CISCO-SSL-PROXY-MIB

File: CISCO-SSL-PROXY-MIB.mib (142944 bytes)

Imported modules

SNMPv2-SMI SNMPv2-CONF SNMP-FRAMEWORK-MIB
SNMPv2-TC INET-ADDRESS-MIB CISCO-TC
CISCO-SMI

Imported symbols

MODULE-IDENTITY OBJECT-TYPE NOTIFICATION-TYPE
Counter32 Gauge32 Integer32
Unsigned32 NOTIFICATION-GROUP MODULE-COMPLIANCE
OBJECT-GROUP SnmpAdminString TimeStamp
RowStatus TruthValue InetAddressType
InetAddress CiscoPort ciscoMgmt

Defined Types

CspPsEntry  
SEQUENCE    
  cspPsName SnmpAdminString
  cspPsListIndex Integer32
  cspPsServiceType INTEGER
  cspPsVirtualAddressType InetAddressType
  cspPsVirtualAddress InetAddress
  cspPsVirtualPort CiscoPort
  cspPsServerAddressType InetAddressType
  cspPsServerAddress InetAddress
  cspPsServerPort CiscoPort
  cspPsAdminStatus INTEGER
  cspPsOperStatus INTEGER
  cspPsOperDownReason INTEGER
  cspPsConfigRowStatus RowStatus

CspPsPolicyEntry  
SEQUENCE    
  cspPspVirTcpPolicyName SnmpAdminString
  cspPspSerTcpPolicyName SnmpAdminString
  cspPspSslPolicyName SnmpAdminString
  cspPspHttpHdrPolicyName SnmpAdminString
  cspPspUrlRewritePolicyName SnmpAdminString

CspPsKeyCertEntry  
SEQUENCE    
  cspPskcKeyUsage INTEGER
  cspPskcTrustPointName SnmpAdminString
  cspPskcCertFileName SnmpAdminString
  cspPskcKeyName SnmpAdminString
  cspPskcKeyFileName SnmpAdminString
  cspPskcKeySize INTEGER
  cspPskcKeyTime SnmpAdminString
  cspPskcCertStatus INTEGER
  cspPskcCertSubjName SnmpAdminString
  cspPskcCertSerialNum SnmpAdminString
  cspPskcIssuerName SnmpAdminString
  cspPskcIssuerCertSerialNum SnmpAdminString
  cspPskcCertStartDate SnmpAdminString
  cspPskcCertEndDate SnmpAdminString
  cspPskcConfigRowStatus RowStatus

CspTcpPolicyEntry  
SEQUENCE    
  cspTpPolicyName SnmpAdminString
  cspTpSynTimeOut Integer32
  cspTpInActivityTimeOut Integer32
  cspTpNagleAlgo TruthValue
  cspTpFinWaitTimeOut Integer32
  cspTpReassemTimeOut Integer32
  cspTpRcvBufShrLim Integer32
  cspTpTransBufShrLim Integer32
  cspTpMss Integer32
  cspTpPathMtuDisc TruthValue
  cspTpConfigRowStatus RowStatus

CspSslPolicyEntry  
SEQUENCE    
  cspSpPolicyName SnmpAdminString
  cspSpRSArc4128md5 TruthValue
  cspSpRSArc4128sha TruthValue
  cspSpRSAdescbcsha TruthValue
  cspSpRSA3descbcsha TruthValue
  cspSpProtocol INTEGER
  cspSpCloseProtocol TruthValue
  cspSpSessionCache Integer32
  cspSpSessionTimeOut Integer32
  cspSpConfigRowStatus RowStatus

CspPsCounterEntry  
SEQUENCE    
  cspPscClearTime TimeStamp
  cspPscConnAttempt Counter32
  cspPscConnComplete Counter32
  cspPscFullHandShake Counter32
  cspPscResumedHandShake Counter32
  cspPscConnInHandShake Gauge32
  cspPscConnInDataPhase Gauge32
  cspPscRenegAttempt Counter32
  cspPscConnInReneg Gauge32
  cspPscBlksEncrypted Counter32
  cspPscBlksDecrypted Counter32
  cspPscBytesEncrypted Counter32
  cspPscBytesDecrypted Counter32
  cspPscValidSessions Counter32
  cspPscSessLimitExceed Counter32
  cspPscHandShakeFailed Counter32
  cspPscDataFailed Counter32
  cspPscFatalAlertsRcvd Counter32
  cspPscFatalAlertsSent Counter32
  cspPscBadMacRcvd Counter32
  cspPscPadErrors Counter32
  cspPscNoCipherAlerts Counter32
  cspPscNoComprsnAlerts Counter32
  cspPscVerMismatchAlerts Counter32

CspPsSsl3CounterEntry  
SEQUENCE    
  cspPs3cClearTime TimeStamp
  cspPs3cFullHandShake Counter32
  cspPs3cResumedHandShake Counter32
  cspPs3cHandShakeFailed Counter32
  cspPs3cDataFailed Counter32
  cspPs3cBadMacRcvd Counter32
  cspPs3cPadErrors Counter32
  cspPs3cRSArc4128md5 Counter32
  cspPs3cRSArc4128sha Counter32
  cspPs3cRSAdescbcsha Counter32
  cspPs3cRSA3desedecbcsha Counter32

CspPsTls1CounterEntry  
SEQUENCE    
  cspPt1cClearTime TimeStamp
  cspPt1cFullHandShake Counter32
  cspPt1cResumedHandShake Counter32
  cspPt1cHandShakeFailed Counter32
  cspPt1cDataFailed Counter32
  cspPt1cBadMacRcvd Counter32
  cspPt1cPadErrors Counter32
  cspPt1cRSArc4128md5 Counter32
  cspPt1cRSArc4128sha Counter32
  cspPt1cRSAdescbcsha Counter32
  cspPt1cRSA3desedecbcsha Counter32

CspCpuStatusEntry  
SEQUENCE    
  cspCpuName SnmpAdminString
  cspCpuStatus INTEGER
  cspCpuClearTime TimeStamp
  cspCpuProcessUtil Gauge32
  cspCpuInterruptUtil Gauge32
  cspCpuProcessUtilIn5Sec Gauge32
  cspCpuProcessUtilIn1Min Gauge32
  cspCpuProcessUtilIn5Min Gauge32
  cspCpuInterruptUtilIn5Sec Gauge32
  cspCpuInterruptUtilIn1Min Gauge32
  cspCpuInterruptUtilIn5Min Gauge32

Defined Values

ciscoSslProxyMIB 1.3.6.1.4.1.9.9.370
This MIB module is for managing a Secure Socket Layer (SSL) Proxy device which terminates and accelarates SSL and Transport Layer Security (TLS) transactions. The proxy device can act as a SSL server or a SSL client depending on the configuration and the application. In one application, the device acts as a proxy SSL server. It terminates SSL handshakes and TCP connections initiated by SSL clients. The device is configured with a key and a certificate bearing the identity of the SSL server. The device uses this identity to establish the SSL session on behalf of the server, offloading the key establishment and data encryption and decryption work. After the SSL session has been successfully established between the client and the proxy device, the device starts to receive and decrypt the encrypted data sent from the client and forward to the server. The device forwards the clear data to the server on a backend connection. Clear data sent from the server is encrypted by the proxy device before it is forwarded to the SSL client. Optionally, the proxy device is configured to reencrypt the decrypted data sent from the client to the server. The proxy device acts as a SSL client to initiate a SSL session to the server. The decrypted data is encrypted within this SSL session to be forwarded to the server. The encrypted data sent from the server to the device is decrypted and then reencrypted before it is forwarded to the client. In another application, the proxy device forwards data generated by one or more sources to the destination via a SSL session. The proxy device acts as a SSL client and intiates a SSL session to the next hop device. When data is received from the source, the proxy device forwards the data to the next hop using the SSL session. The next hop can continue to forward the data if it is not the destination. The proxy device supports a number of proxy services. Each proxy service defines the role of the proxy device, whether it acts as a SSL server or a SSL client. The rest of the configuration include cryptographic and protocol parameters. This MIB is used for monitoring the configuration, statuses and statistics of the proxy services and the protocols including TCP, SSL and TLS.
MODULE-IDENTITY    

cspMIBNotifications 1.3.6.1.4.1.9.9.370.0
OBJECT IDENTIFIER    

cspMIBObjects 1.3.6.1.4.1.9.9.370.1
OBJECT IDENTIFIER    

cspMIBConformance 1.3.6.1.4.1.9.9.370.2
OBJECT IDENTIFIER    

cspGlobalConfig 1.3.6.1.4.1.9.9.370.1.1
OBJECT IDENTIFIER    

cspPsConfig 1.3.6.1.4.1.9.9.370.1.2
OBJECT IDENTIFIER    

cspPsPolicyConfig 1.3.6.1.4.1.9.9.370.1.3
OBJECT IDENTIFIER    

cspPsKeyCertConfig 1.3.6.1.4.1.9.9.370.1.4
OBJECT IDENTIFIER    

cspTcpPolicyConfig 1.3.6.1.4.1.9.9.370.1.5
OBJECT IDENTIFIER    

cspSslPolicyConfig 1.3.6.1.4.1.9.9.370.1.6
OBJECT IDENTIFIER    

cspTcpCountersInfo 1.3.6.1.4.1.9.9.370.1.7
OBJECT IDENTIFIER    

cspTcpCounters 1.3.6.1.4.1.9.9.370.1.8
OBJECT IDENTIFIER    

cspSslCountersInfo 1.3.6.1.4.1.9.9.370.1.9
OBJECT IDENTIFIER    

cspSslCounters 1.3.6.1.4.1.9.9.370.1.10
OBJECT IDENTIFIER    

cspSsl3Counters 1.3.6.1.4.1.9.9.370.1.11
OBJECT IDENTIFIER    

cspTls1Counters 1.3.6.1.4.1.9.9.370.1.12
OBJECT IDENTIFIER    

cspSslCryptoCounters 1.3.6.1.4.1.9.9.370.1.13
OBJECT IDENTIFIER    

cspSslErrorCounters 1.3.6.1.4.1.9.9.370.1.14
OBJECT IDENTIFIER    

cspPsCounters 1.3.6.1.4.1.9.9.370.1.15
OBJECT IDENTIFIER    

cspPsSsl3Counters 1.3.6.1.4.1.9.9.370.1.16
OBJECT IDENTIFIER    

cspPsTls1Counters 1.3.6.1.4.1.9.9.370.1.17
OBJECT IDENTIFIER    

cspCpuStatusInfo 1.3.6.1.4.1.9.9.370.1.18
OBJECT IDENTIFIER    

cspHttpHeaderInsertedInfo 1.3.6.1.4.1.9.9.370.1.19
OBJECT IDENTIFIER    

cspHttpRedirectInfo 1.3.6.1.4.1.9.9.370.1.20
OBJECT IDENTIFIER    

cspSslResourceNotifInfo 1.3.6.1.4.1.9.9.370.1.21
OBJECT IDENTIFIER    

cspHttpHeaderInsertedSslInfoStats 1.3.6.1.4.1.9.9.370.1.19.1
OBJECT IDENTIFIER    

cspHttpHeaderInsertedSslClientCertStats 1.3.6.1.4.1.9.9.370.1.19.2
OBJECT IDENTIFIER    

cspHttpRedirectClientCertAuthFailedStats 1.3.6.1.4.1.9.9.370.1.20.1
OBJECT IDENTIFIER    

cspGcVersion 1.3.6.1.4.1.9.9.370.1.1.1
The version information of the SSL proxy device, for display only.
OBJECT-TYPE    
  SnmpAdminString Size(1..255)  

cspGcFIPSMode 1.3.6.1.4.1.9.9.370.1.1.2
An indication of whether or not the proxy device is operating in FIPS (Federal Information Processing Standards) approved mode. If 'true', the proxy device is operating in FIPS mode. When the device operates in FIPS mode, only approved cryptographic algorithms and key strengths are enabled. Authentication and other security requirements of FIPS will also be enforced in this mode.
OBJECT-TYPE    
  TruthValue  

cspGcRSArc4128md5 1.3.6.1.4.1.9.9.370.1.1.3
An indication of whether or not the proxy device supports the cipher suite RSA_WITH_RC4_128_MD5. If 'true', the cipher suite is supported.
OBJECT-TYPE    
  TruthValue  

cspGcRSArc4128sha 1.3.6.1.4.1.9.9.370.1.1.4
An indication of whether or not the proxy device supports the cipher suite RSA_WITH_RC4_128_SHA. If 'true', the cipher suite is supported.
OBJECT-TYPE    
  TruthValue  

cspGcRSAdescbcsha 1.3.6.1.4.1.9.9.370.1.1.5
An indication of whether or not the proxy device supports the cipher suite RSA_WITH_DES_CBC_SHA. If 'true', the cipher suite is supported.
OBJECT-TYPE    
  TruthValue  

cspGcRSA3descbcsha 1.3.6.1.4.1.9.9.370.1.1.6
An indication of whether or not the proxy device supports the cipher suite RSA_WITH_3DES_EDE_CBC_SHA. If 'true', the cipher suite is supported.
OBJECT-TYPE    
  TruthValue  

cspGcNotifyProxyServOperStatus 1.3.6.1.4.1.9.9.370.1.1.7
An indication of whether or not a cspServOperStatus notification should be issued when the operation status of proxy services changes. If such a notification is desired, it is the responsibility of the management entity to ensure that the SNMP administrative model is configured in such a way as to allow the notification to be delivered.
OBJECT-TYPE    
  TruthValue  

cspGcNotifyPSCertExpiring 1.3.6.1.4.1.9.9.370.1.1.8
An indication of whether or not a cspServCertExpiring notification should be issued when a proxy service certificate will be expiring in the configured time interval cspGcPSCertExpireInterval. If such a notification is desired, it is the responsibility of the management entity to ensure that the SNMP administrative model is configured in such a way as to allow the notification to be delivered.
OBJECT-TYPE    
  TruthValue  

cspGcPSCertExpireInterval 1.3.6.1.4.1.9.9.370.1.1.9
The proxy service certificate expiration time interval, used to determine when the cspServCertExpiring notification should be issued if cspGcNotifyPSCertExpiring is 'true'. If this time interval is 0, no proxy service certification expiration will be checked.
OBJECT-TYPE    
  Integer32 0..720  

cspPsTable 1.3.6.1.4.1.9.9.370.1.2.1
A list of proxy service configuration entries.
OBJECT-TYPE    
  SEQUENCE OF  
    CspPsEntry

cspPsEntry 1.3.6.1.4.1.9.9.370.1.2.1.1
The proxy service configuration entry. Each entry indicates the name and the index of a proxy service, and a set of configuration parameters to be applied on this proxy service. A unique name can be assigned to each proxy service. Optionally, multiple proxy services can be grouped into a proxy list. All the services in a list have the same name, and each service is assigned a unique index within the list. Each proxy service has a virtual and a server address. This entry reports the address and port configuration, and the administrative and operational statuses of each proxy service. If a service is not operational, the reason for its being 'down' is also reported.
OBJECT-TYPE    
  CspPsEntry  

cspPsName 1.3.6.1.4.1.9.9.370.1.2.1.1.1
The name of a proxy service. A unique name string can be assigned to one proxy service or a list of proxy services. When the name is assigned to a list of proxy services, each proxy service is identified by a unique index within the list.
OBJECT-TYPE    
  SnmpAdminString Size(1..50)  

cspPsListIndex 1.3.6.1.4.1.9.9.370.1.2.1.1.2
The unique index of a proxy service within a list. If the cspPsName string is assigned to a list of proxy services, this index is used to identify a proxy service within the list. If the cspPsName string is unique per proxy service, this index is not used, and the value shall be 0.
OBJECT-TYPE    
  Integer32 0..256  

cspPsServiceType 1.3.6.1.4.1.9.9.370.1.2.1.1.3
The type of proxy service: 'server(1)' or 'client(2)'. When servicing a 'server' type proxy service, the proxy device acts as a SSL server. It terminates the SSL handshake initiated by a SSL client, and forwards the data sent from the client to the destination. When servicing a 'client' type proxy service, the proxy device acts as a SSL client. It initiates a SSL handshake to a SSL server, and forwards data sent from one or more data sources to the SSL server.
OBJECT-TYPE    
  INTEGER server(1), client(2)  

cspPsVirtualAddressType 1.3.6.1.4.1.9.9.370.1.2.1.1.4
An indication of the type of address contained in cspPsVirtualAddress.
OBJECT-TYPE    
  InetAddressType  

cspPsVirtualAddress 1.3.6.1.4.1.9.9.370.1.2.1.1.5
The virtual address. This address is used by the data source to send data that can be received by the proxy device and forwarded to the destination.
OBJECT-TYPE    
  InetAddress  

cspPsVirtualPort 1.3.6.1.4.1.9.9.370.1.2.1.1.6
The virtual TCP port number. This port number is used by the data source to send data that can be received by the proxy device and forwarded to the destination.
OBJECT-TYPE    
  CiscoPort  

cspPsServerAddressType 1.3.6.1.4.1.9.9.370.1.2.1.1.7
An indication of the type of address contained in cspPsServerAddress.
OBJECT-TYPE    
  InetAddressType  

cspPsServerAddress 1.3.6.1.4.1.9.9.370.1.2.1.1.8
The server address. This address is used by the proxy device to send or forward data to the destination.
OBJECT-TYPE    
  InetAddress  

cspPsServerPort 1.3.6.1.4.1.9.9.370.1.2.1.1.9
The server TCP port number. This port number is used by the proxy device to send or forward data to the destination.
OBJECT-TYPE    
  CiscoPort  

cspPsAdminStatus 1.3.6.1.4.1.9.9.370.1.2.1.1.10
The administrative status of the proxy service. Each proxy service can be configured to be administratively 'up' or 'down'. If the Adminstrative Status is 'down', the service will not be operational.
OBJECT-TYPE    
  INTEGER up(1), down(2)  

cspPsOperStatus 1.3.6.1.4.1.9.9.370.1.2.1.1.11
The operational status of a proxy service. For a proxy service to be operational, its administrative status needs to be 'up'. If the administrative status is 'up', the operational status will be changed from 'down' to 'up' automatically once all the required configuration parameters and resources, including necessary keys and certificates, become available. If one or more required resources are removed (e.g. the certificate has expired), the operational status will be changed to 'down' automatically.
OBJECT-TYPE    
  INTEGER up(1), down(2)  

cspPsOperDownReason 1.3.6.1.4.1.9.9.370.1.2.1.1.12
The reason for the operational status to be 'down'. Possible values are: other(1) : Unknown or undefined reason, notApplicable(2) : Administratively 'down', noConnectivity(3) : No Connectivity to the client, the server, or the gateway, noVirtualAddr(4) : Virtual Address not configured, noServerAddr(5) : Server Address not configured, noCert(6) : Certificate configured, but invalid or missing, certNotConfigured(7): Certificate not configured.
OBJECT-TYPE    
  INTEGER other(1), notApplicable(2), noConnectivity(3), noVirtualAddr(4), noServerAddr(5), noCert(6), certNotConfigured(7)  

cspPsConfigRowStatus 1.3.6.1.4.1.9.9.370.1.2.1.1.13
The conceptual row status of the proxy service configuration entry. An entry cannot have the status 'active' until values have been assigned to the following objects: cspPsVirtualAddress, cspPsVirtualPort, cspPsServerAddress and cspPsServerPort. This entry can be modified when the status is 'active'.
OBJECT-TYPE    
  RowStatus  

cspPsPolicyTable 1.3.6.1.4.1.9.9.370.1.3.1
A list of proxy service policy configuration entries.
OBJECT-TYPE    
  SEQUENCE OF  
    CspPsPolicyEntry

cspPsPolicyEntry 1.3.6.1.4.1.9.9.370.1.3.1.1
The proxy service policy entry. Each proxy service policy entry contains the name of each type of policy configured for the proxy service. A policy is a set of configuration parameters and rules to observe for implementing a protocol or an operation. One or more of the following policies can be configured for a proxy service: TCP protocol policy for virtual connections, TCP protocol policy for server connections, SSL protocol policy, HTTP header insertion policy, and URL rewrite policy.
OBJECT-TYPE    
  CspPsPolicyEntry  

cspPspVirTcpPolicyName 1.3.6.1.4.1.9.9.370.1.3.1.1.1
The name of the TCP protocol policy configured for the virtual side connections. If no TCP policy is configured, the name will be a NULL string.
OBJECT-TYPE    
  SnmpAdminString Size(0..255)  

cspPspSerTcpPolicyName 1.3.6.1.4.1.9.9.370.1.3.1.1.2
The name of the TCP protocol policy configured for the server side connections. If no TCP policy is configured, the name will be a NULL string.
OBJECT-TYPE    
  SnmpAdminString Size(0..255)  

cspPspSslPolicyName 1.3.6.1.4.1.9.9.370.1.3.1.1.3
The name of the SSL protocol policy configured for the SSL handshake and data encryption and decryption. If no SSL policy is configured, the name will be a NULL string.
OBJECT-TYPE    
  SnmpAdminString Size(0..255)  

cspPspHttpHdrPolicyName 1.3.6.1.4.1.9.9.370.1.3.1.1.4
The name of the HTTP header insertion policy. A number of fields can be inserted into the HTTP headers when the proxy service is forwarding data. The policy specifies the header insertion parameters. If no policy is configured, the name will be a NULL string.
OBJECT-TYPE    
  SnmpAdminString Size(0..255)  

cspPspUrlRewritePolicyName 1.3.6.1.4.1.9.9.370.1.3.1.1.5
The name of the URL rewrite policy. The policy specifies configuration parameters for rewriting URLs in HTTP headers and payload. If no policy is configured, the name will be a NULL string.
OBJECT-TYPE    
  SnmpAdminString Size(0..255)  

cspPsKeyCertTable 1.3.6.1.4.1.9.9.370.1.4.1
A list of proxy service key and certificate configuration entries.
OBJECT-TYPE    
  SEQUENCE OF  
    CspPsKeyCertEntry

cspPsKeyCertEntry 1.3.6.1.4.1.9.9.370.1.4.1.1
The proxy service key and certificate configuration entry. This entry specifies the key usage, optionally the trust point name, the certificate and the key file names, the key size and time of generation or import, and some important attributes of the certificate.
OBJECT-TYPE    
  CspPsKeyCertEntry  

cspPskcKeyUsage 1.3.6.1.4.1.9.9.370.1.4.1.1.1
An indication of the usage of a key assigned to a proxy service. Each proxy service can be assigned one or more keys. The key can be used for signing only, for data encryption and decryption only, or for general purpose (that is, it can be used for both signing and data encryption and decryption). The following values are defined: rsaSigning(1) : RSA key used for signing only, rsaEncryption(2) : RSA key used for data encryption and decryption only, rsaGeneralPurpose(3): RSA key used for both signing and data encryption and decryption.
OBJECT-TYPE    
  INTEGER rsaSigning(1), rsaEncryption(2), rsaGeneralPurpose(3)  

cspPskcTrustPointName 1.3.6.1.4.1.9.9.370.1.4.1.1.2
The name of a trust point assigned to the proxy service. The trust point contains information that can be used for certificate enrollment or for importing keys and certificates. A trust point may also contain identifying information about keys and certificates, and the path and the protocol to be used for the proxy device to communicate with a Certificate Authority which issues certificates for the proxy service. If no trust point is assigned to the proxy service, the name will be a NULL string.
OBJECT-TYPE    
  SnmpAdminString Size(0..255)  

cspPskcCertFileName 1.3.6.1.4.1.9.9.370.1.4.1.1.3
The name of the file storing the certificate. If there is no such file, the name will be a NULL string.
OBJECT-TYPE    
  SnmpAdminString Size(0..255)  

cspPskcKeyName 1.3.6.1.4.1.9.9.370.1.4.1.1.4
The name of a key assigned to the proxy service. If there is no key assigned, the name will be a NULL string. If the key is stored in a file, the file name may be used to identify the key, and this name will be a NULL string.
OBJECT-TYPE    
  SnmpAdminString Size(0..255)  

cspPskcKeyFileName 1.3.6.1.4.1.9.9.370.1.4.1.1.5
The name of the file storing the key. If there is no such file, the name will be a NULL string.
OBJECT-TYPE    
  SnmpAdminString Size(0..255)  

cspPskcKeySize 1.3.6.1.4.1.9.9.370.1.4.1.1.6
The size of the key. The following modulus sizes are defined for RSA keys: 512-bit, 768-bit, 1024-bit, 1536-bit and 2048-bit.
OBJECT-TYPE    
  INTEGER other(1), rsa512(2), rsa768(3), rsa1024(4), rsa1536(5), rsa2048(6)  

cspPskcKeyTime 1.3.6.1.4.1.9.9.370.1.4.1.1.7
The time of generation of the key, if known. If the key is imported to the proxy device, this time can indicate the time of import if the time of generation is unknown. If the time is not known, this will be a NULL string.
OBJECT-TYPE    
  SnmpAdminString Size(0..32)  

cspPskcCertStatus 1.3.6.1.4.1.9.9.370.1.4.1.1.8
The status of the certificate that is used to publish the public key. The following values are defined: Valid(1) : Certificate is valid, Expired(2) : Certificate has expired, Rolling Over(3): Certificate is being renewed. Whether or not an expired certificate can be used for the proxy service is implementation specific.
OBJECT-TYPE    
  INTEGER valid(1), expired(2), rollover(3)  

cspPskcCertSubjName 1.3.6.1.4.1.9.9.370.1.4.1.1.9
The subject name of the certificate assigned to the proxy service. If there is no subject name on the certificate, this will be a NULL string.
OBJECT-TYPE    
  SnmpAdminString Size(0..255)  

cspPskcCertSerialNum 1.3.6.1.4.1.9.9.370.1.4.1.1.10
The serial number of the certificate assigned to the proxy service. If there is no serial number on the certificate, this will be a NULL string.
OBJECT-TYPE    
  SnmpAdminString Size(0..255)  

cspPskcIssuerName 1.3.6.1.4.1.9.9.370.1.4.1.1.11
The issuer name of the certificate assigned to the proxy service. If the issuer name of the certificate is not known, this will be a NULL string.
OBJECT-TYPE    
  SnmpAdminString Size(0..255)  

cspPskcIssuerCertSerialNum 1.3.6.1.4.1.9.9.370.1.4.1.1.12
The serial number of the issuer's certificate. If the serial number of the issuer's certificate is not known, this will be a NULL string.
OBJECT-TYPE    
  SnmpAdminString Size(0..255)  

cspPskcCertStartDate 1.3.6.1.4.1.9.9.370.1.4.1.1.13
The time when the certificate starts to be valid, corresponding to the notBefore time on the certificate.
OBJECT-TYPE    
  SnmpAdminString Size(0..32)  

cspPskcCertEndDate 1.3.6.1.4.1.9.9.370.1.4.1.1.14
The time when the certificate validity ends, corresponding to the notAfter time on the certificate.
OBJECT-TYPE    
  SnmpAdminString Size(0..32)  

cspPskcConfigRowStatus 1.3.6.1.4.1.9.9.370.1.4.1.1.15
The conceptual row status of the proxy service key and certificate configuration entry. This entry can be modified when the status is 'active'.
OBJECT-TYPE    
  RowStatus  

cspTcpPolicyTable 1.3.6.1.4.1.9.9.370.1.5.1
A list of TCP Policy entries
OBJECT-TYPE    
  SEQUENCE OF  
    CspTcpPolicyEntry

cspTcpPolicyEntry 1.3.6.1.4.1.9.9.370.1.5.1.1
TCP Policy configuration entry. Each entry defines a set of TCP protocol parameters. A policy can be applied to one or more proxy services.
OBJECT-TYPE    
  CspTcpPolicyEntry  

cspTpPolicyName 1.3.6.1.4.1.9.9.370.1.5.1.1.1
The unique name of a TCP policy.
OBJECT-TYPE    
  SnmpAdminString Size(1..255)  

cspTpSynTimeOut 1.3.6.1.4.1.9.9.370.1.5.1.1.2
The TCP connection SYN timeout value. This is the amount of time the SSL proxy waits before failing the connection establishment attempt.
OBJECT-TYPE    
  Integer32 0..3600  

cspTpInActivityTimeOut 1.3.6.1.4.1.9.9.370.1.5.1.1.3
The TCP connection inactivity timeout value. This is the amount of time the SSL proxy waits for the next packet to arrive on a TCP connection, if no packet is received within this period then the connection is considered to be inactive and aborted.
OBJECT-TYPE    
  Integer32 0..3600  

cspTpNagleAlgo 1.3.6.1.4.1.9.9.370.1.5.1.1.4
If 'true', the Nagle Algorithm is enabled during the SSL or TLS data phase to concatenate a number of small messages to avoid sending small messages into the network.
OBJECT-TYPE    
  TruthValue  

cspTpFinWaitTimeOut 1.3.6.1.4.1.9.9.370.1.5.1.1.5
The TCP connection FIN-WAIT2 state timeout value. This is the amount of time the SSL proxy waits for a FIN from the peer after it has initiated close and is in FIN-WAIT2 state.
OBJECT-TYPE    
  Integer32 0..3600  

cspTpReassemTimeOut 1.3.6.1.4.1.9.9.370.1.5.1.1.6
The TCP connection reassembly timeout value. This is the amount of time the SSL proxy waits during the TCP out of order traffic reassembly process for the next expected in sequence segment to arrive.
OBJECT-TYPE    
  Integer32 0..3600  

cspTpRcvBufShrLim 1.3.6.1.4.1.9.9.370.1.5.1.1.7
The receive buffer share limit per connection. This is used by SSL proxy to calculate the maximum window to advertise during the 3 way handshake, and is also the maximum share of the receive buffer pool that would be allocated for this connection.
OBJECT-TYPE    
  Integer32 8192..262144  

cspTpTransBufShrLim 1.3.6.1.4.1.9.9.370.1.5.1.1.8
The transmit buffer share limit per connection. This is the maximum share of the send buffer pool that would be allocated for this connection.
OBJECT-TYPE    
  Integer32 8192..262144  

cspTpMss 1.3.6.1.4.1.9.9.370.1.5.1.1.9
The TCP maximum segment size. This is the MSS value offered by the SSL proxy during 3-way handshake
OBJECT-TYPE    
  Integer32 256..1460  

cspTpPathMtuDisc 1.3.6.1.4.1.9.9.370.1.5.1.1.10
If 'true', the Path MTU Discovery algorithm is enabled.
OBJECT-TYPE    
  TruthValue  

cspTpConfigRowStatus 1.3.6.1.4.1.9.9.370.1.5.1.1.11
The conceptual row status of the TCP policy configuration entry. This entry can be modified when the status is 'active'.
OBJECT-TYPE    
  RowStatus  

cspSslPolicyTable 1.3.6.1.4.1.9.9.370.1.6.1
A list of SSL protocol policy configuration entries.
OBJECT-TYPE    
  SEQUENCE OF  
    CspSslPolicyEntry

cspSslPolicyEntry 1.3.6.1.4.1.9.9.370.1.6.1.1
A SSL policy defines a set of cipher suites to be supported, and the SSL or TLS protocol parameters. Each policy can be assigned to one or more proxy services. If no SSL policy is assigned to a proxy service, all supported cipher suites and all protocol versions will be enabled by default.
OBJECT-TYPE    
  CspSslPolicyEntry  

cspSpPolicyName 1.3.6.1.4.1.9.9.370.1.6.1.1.1
The unique name of a SSL protocol policy.
OBJECT-TYPE    
  SnmpAdminString Size(1..255)  

cspSpRSArc4128md5 1.3.6.1.4.1.9.9.370.1.6.1.1.2
An indication of whether or not the cipher suite RSA_WITH_RC4_128_MD5 is configured. If 'true', the cipher suite is configured.
OBJECT-TYPE    
  TruthValue  

cspSpRSArc4128sha 1.3.6.1.4.1.9.9.370.1.6.1.1.3
An indication of whether or not the cipher suite RSA_WITH_RC4_128_SHA is configured. If 'true', the cipher suite is configured.
OBJECT-TYPE    
  TruthValue  

cspSpRSAdescbcsha 1.3.6.1.4.1.9.9.370.1.6.1.1.4
An indication of whether or not the cipher suite RSA_WITH_DES_CBC_SHA is configured. If 'true', the cipher suite is configured.
OBJECT-TYPE    
  TruthValue  

cspSpRSA3descbcsha 1.3.6.1.4.1.9.9.370.1.6.1.1.5
An indication of whether or not the cipher suite RSA_WITH_3DES_EDE_CBC_SHA is configured. If 'true', the cipher suite is configured.
OBJECT-TYPE    
  TruthValue  

cspSpProtocol 1.3.6.1.4.1.9.9.370.1.6.1.1.6
The set of SSL and TLS protocols to be supported. The following values are defined: other(1) : An unspecified protocol, SSL 3.0(2) : Support SSL 3.0 protocol only, TLS 1.0(3) : Support TLS 1.0 protocol only, ssl3AndTls1(3) : Support both SSL 3.0 and TLS 1.0
OBJECT-TYPE    
  INTEGER other(1), ssl3(2), tls1(3), ssl3AndTls1(4)  

cspSpCloseProtocol 1.3.6.1.4.1.9.9.370.1.6.1.1.7
An indication of whether or not the SSL close protocol is enforced. If 'true', the close protocol is enforced. A close-notify alert message is sent to the peer, and a close-notify alert message is expected from the peer. If 'false', the close protocol is not enforced. The proxy service sends a close-notify alert message to the peer; however, the proxy service does not expect a close-notify alert from the peer before tearing down the session.
OBJECT-TYPE    
  TruthValue  

cspSpSessionCache 1.3.6.1.4.1.9.9.370.1.6.1.1.8
The SSL session cache size. The session cache is used to store a number of most recently used session identifiers. Session identifiers can be reused if a new connection requests to use a session identifier that is found in the cache. This object specifies the maximum size of the cache.
OBJECT-TYPE    
  Integer32 1..262143  

cspSpSessionTimeOut 1.3.6.1.4.1.9.9.370.1.6.1.1.9
The SSL session timeout value. The session entry will be removed from the session cache after the configured timeout. Once the session entry is removed, subsequent connections cannot reuse the session. If this timeout value is 0, entries in the session cache will not timeout.
OBJECT-TYPE    
  Integer32 0..72000  

cspSpConfigRowStatus 1.3.6.1.4.1.9.9.370.1.6.1.1.10
The row status of the SSL policy configuration entry. This entry can be modified when the status is 'active'.
OBJECT-TYPE    
  RowStatus  

cspTcpCountersClearTime 1.3.6.1.4.1.9.9.370.1.7.1
The last time when the TCP counters were cleared. If the proxy device does not allow these counters to be cleared, the timestamp should have a value of zero.
OBJECT-TYPE    
  TimeStamp  

cspTcConnInit 1.3.6.1.4.1.9.9.370.1.8.1
The total number of TCP connections initiated by the proxy device.
OBJECT-TYPE    
  Counter32  

cspTcConnAccept 1.3.6.1.4.1.9.9.370.1.8.2
The total number of TCP connections accepted by the proxy device.
OBJECT-TYPE    
  Counter32  

cspTcConnEstab 1.3.6.1.4.1.9.9.370.1.8.3
The total number of TCP connections established.
OBJECT-TYPE    
  Counter32  

cspTcConnDrop 1.3.6.1.4.1.9.9.370.1.8.4
The total number of TCP connections dropped.
OBJECT-TYPE    
  Counter32  

cspTcConnClosed 1.3.6.1.4.1.9.9.370.1.8.5
The total number of TCP connections closed.
OBJECT-TYPE    
  Counter32  

cspTcSynTimeOuts 1.3.6.1.4.1.9.9.370.1.8.6
The total number of SYN timeouts.
OBJECT-TYPE    
  Counter32  

cspTcIdleTimeOuts 1.3.6.1.4.1.9.9.370.1.8.7
The total number of idle timeouts.
OBJECT-TYPE    
  Counter32  

cspTcTotalPktSent 1.3.6.1.4.1.9.9.370.1.8.8
The total number of TCP packets sent.
OBJECT-TYPE    
  Counter32  

cspTcDataPktSent 1.3.6.1.4.1.9.9.370.1.8.9
The total number of TCP data packets sent.
OBJECT-TYPE    
  Counter32  

cspTcDataByteSent 1.3.6.1.4.1.9.9.370.1.8.10
The total amount of data sent.
OBJECT-TYPE    
  Counter32  

cspTcTotalPktRcv 1.3.6.1.4.1.9.9.370.1.8.11
The total number of TCP packets received.
OBJECT-TYPE    
  Counter32  

cspTcPktRcvSeq 1.3.6.1.4.1.9.9.370.1.8.12
The total number of TCP data packets received in sequence.
OBJECT-TYPE    
  Counter32  

cspTcByteRcvSeq 1.3.6.1.4.1.9.9.370.1.8.13
The total amount of data received in sequence.
OBJECT-TYPE    
  Counter32  

cspSslCountersClearTime 1.3.6.1.4.1.9.9.370.1.9.1
The last time when the SSL counters were cleared. If the proxy device does not allow these counters to be cleared, the timestamp should have a value of zero.
OBJECT-TYPE    
  TimeStamp  

cspScConnAttempt 1.3.6.1.4.1.9.9.370.1.10.1
The total number of SSL connections attempted.
OBJECT-TYPE    
  Counter32  

cspScConnComplete 1.3.6.1.4.1.9.9.370.1.10.2
The total number of SSL connections completed.
OBJECT-TYPE    
  Counter32  

cspScConnInHandShake 1.3.6.1.4.1.9.9.370.1.10.3
The number of SSL connections currently in handshake phase.
OBJECT-TYPE    
  Gauge32  

cspScConnInDataPhase 1.3.6.1.4.1.9.9.370.1.10.4
The number of SSL connections currently in data phase.
OBJECT-TYPE    
  Gauge32  

cspScRenegAttempt 1.3.6.1.4.1.9.9.370.1.10.5
The total number of SSL renegotiations attempted.
OBJECT-TYPE    
  Counter32  

cspScConnInReneg 1.3.6.1.4.1.9.9.370.1.10.6
The number of SSL connections currently in renegotiation phase
OBJECT-TYPE    
  Gauge32  

cspScActiveSessions 1.3.6.1.4.1.9.9.370.1.10.7
The number of active SSL sessions. This number indicates the number of valid session entries in the session cache.
OBJECT-TYPE    
  Gauge32  

cspScMaxHandShakeConns 1.3.6.1.4.1.9.9.370.1.10.8
This indicates the maximum number of connections present in handshake phase at any point of time
OBJECT-TYPE    
  Gauge32  

cspScCurrDeviceQLen 1.3.6.1.4.1.9.9.370.1.10.9
The current device queue length. Indicates the number of requests pending with the device.
OBJECT-TYPE    
  Gauge32  

cspScMaxDeviceQLen 1.3.6.1.4.1.9.9.370.1.10.10
The maximum device queue length recorded. Indicates the maximum number of requests queued to the device at any point of time.
OBJECT-TYPE    
  Gauge32  

cspScSessionReuses 1.3.6.1.4.1.9.9.370.1.10.11
The number of session reuses. Indicates the number of times the sessions got reused before the session timer expired.
OBJECT-TYPE    
  Counter32  

cspS3cFullHandShake 1.3.6.1.4.1.9.9.370.1.11.1
The total number of full SSL 3.0 handshakes completed.
OBJECT-TYPE    
  Counter32  

cspS3cResumedHandShake 1.3.6.1.4.1.9.9.370.1.11.2
The total number of SSL 3.0 resumed handshakes completed.
OBJECT-TYPE    
  Counter32  

cspS3cHandShakeFailed 1.3.6.1.4.1.9.9.370.1.11.3
The total number of SSL 3.0 connections failed in handshake phase.
OBJECT-TYPE    
  Counter32  

cspS3cDataFailed 1.3.6.1.4.1.9.9.370.1.11.4
The total number of SSL 3.0 sessions failed in data phase.
OBJECT-TYPE    
  Counter32  

cspS3cBadMacRcvd 1.3.6.1.4.1.9.9.370.1.11.5
The total number of received SSL 3.0 records which have bad MAC (Message Authentication Code).
OBJECT-TYPE    
  Counter32  

cspS3cPadErrors 1.3.6.1.4.1.9.9.370.1.11.6
The total number of received SSL 3.0 records which have pad errors.
OBJECT-TYPE    
  Counter32  

cspS3cRSArc4128md5 1.3.6.1.4.1.9.9.370.1.11.7
The total number of SSL 3.0 connections which used cipher suite RSA_WITH_RC4_128_MD5.
OBJECT-TYPE    
  Counter32  

cspS3cRSArc4128sha 1.3.6.1.4.1.9.9.370.1.11.8
The total number of SSL 3.0 connections which used cipher suite RSA_WITH_RC4_128_SHA.
OBJECT-TYPE    
  Counter32  

cspS3cRSAdescbcsha 1.3.6.1.4.1.9.9.370.1.11.9
The total number of SSL 3.0 connections which used cipher suite RSA_WITH_DES_CBC_SHA.
OBJECT-TYPE    
  Counter32  

cspS3cRSA3desedecbcsha 1.3.6.1.4.1.9.9.370.1.11.10
The total number of SSL 3.0 connections which used cipher suite RSA_WITH_3DES_EDE_CBC_SHA.
OBJECT-TYPE    
  Counter32  

cspTlcFullHandShake 1.3.6.1.4.1.9.9.370.1.12.1
The total number of full TLS 1.0 handshakes completed.
OBJECT-TYPE    
  Counter32  

cspTlcResumedHandShake 1.3.6.1.4.1.9.9.370.1.12.2
The total number of resumed TLS 1.0 handshakes completed.
OBJECT-TYPE    
  Counter32  

cspTlcHandShakeFailed 1.3.6.1.4.1.9.9.370.1.12.3
The total number of TLS 1.0 connections failed in handshake phase.
OBJECT-TYPE    
  Counter32  

cspTlcDataFailed 1.3.6.1.4.1.9.9.370.1.12.4
The total number of TLS 1.0 connections failed in data phase.
OBJECT-TYPE    
  Counter32  

cspTlcBadMacRcvd 1.3.6.1.4.1.9.9.370.1.12.5
The total number of received TLS 1.0 records which have bad MAC (Message Authentication Code.
OBJECT-TYPE    
  Counter32  

cspTlcPadErrors 1.3.6.1.4.1.9.9.370.1.12.6
The total number of received TLS 1.0 records which have pad errors.
OBJECT-TYPE    
  Counter32  

cspTlcRSArc4128md5 1.3.6.1.4.1.9.9.370.1.12.7
The total number of TLS 1.0 connections which used the cipher suite RSA_WITH_RC4_128_MD5.
OBJECT-TYPE    
  Counter32  

cspTlcRSArc4128sha 1.3.6.1.4.1.9.9.370.1.12.8
The total number of TLS 1.0 connections which used the cipher suite RSA_WITH_RC4_128_SHA.
OBJECT-TYPE    
  Counter32  

cspTlcRSAdescbcsha 1.3.6.1.4.1.9.9.370.1.12.9
The total number of TLS 1.0 connections which used the cipher suite RSA_WITH_DES_CBC_SHA.
OBJECT-TYPE    
  Counter32  

cspTlcRSA3desedecbcsha 1.3.6.1.4.1.9.9.370.1.12.10
The total number of TLS 1.0 connections which used the cipher suite RSA_WITH_3DES_EDE_CBC_SHA.
OBJECT-TYPE    
  Counter32  

cspSccBlksEncrypted 1.3.6.1.4.1.9.9.370.1.13.1
The total number of data blocks that got encrypted.
OBJECT-TYPE    
  Counter32  

cspSccBlksDecrypted 1.3.6.1.4.1.9.9.370.1.13.2
The total number of data blocks that got decrypted.
OBJECT-TYPE    
  Counter32  

cspSccBytesEncrypted 1.3.6.1.4.1.9.9.370.1.13.3
The total number of bytes that got encrypted.
OBJECT-TYPE    
  Counter32  

cspSccBytesDecrypted 1.3.6.1.4.1.9.9.370.1.13.4
The total number of bytes that got decrypted.
OBJECT-TYPE    
  Counter32  

cspSccPublicKeyOpers 1.3.6.1.4.1.9.9.370.1.13.5
The total number of RSA public key operations performed.
OBJECT-TYPE    
  Counter32  

cspSccPrivateKeyOpers 1.3.6.1.4.1.9.9.370.1.13.6
The total number of RSA private key operations performed.
OBJECT-TYPE    
  Counter32  

cspSccCryptoFails 1.3.6.1.4.1.9.9.370.1.13.7
The total number of failed cryptographic operations.
OBJECT-TYPE    
  Counter32  

cspSccDmaErrors 1.3.6.1.4.1.9.9.370.1.13.8
The total number of cryptographic device DMA errors.
OBJECT-TYPE    
  Counter32  

cspSecSessAllocFailed 1.3.6.1.4.1.9.9.370.1.14.1
The total number of times SSL session could not be allocated.
OBJECT-TYPE    
  Counter32  

cspSecSessLimitExceed 1.3.6.1.4.1.9.9.370.1.14.2
The total number of times configured SSL session limit got exceeded. The new connections will be rejected if the session limit is exceeded.
OBJECT-TYPE    
  Counter32  

cspSecHShakeInitFailed 1.3.6.1.4.1.9.9.370.1.14.3
The total number of times SSL connections failed even before the handshake phase got started. This typically indicates that there is some connectivity problem with the server.
OBJECT-TYPE    
  Counter32  

cspSecRenegFailed 1.3.6.1.4.1.9.9.370.1.14.4
The total number of times SSL renegotiation failed.
OBJECT-TYPE    
  Counter32  

cspSecFatalAlertsRcvd 1.3.6.1.4.1.9.9.370.1.14.5
The total number of fatal alerts received.
OBJECT-TYPE    
  Counter32  

cspSecFatalAlertsSent 1.3.6.1.4.1.9.9.370.1.14.6
The total number of fatal alerts sent.
OBJECT-TYPE    
  Counter32  

cspSecNoCipherAlerts 1.3.6.1.4.1.9.9.370.1.14.7
The total number of ALERT_HANDSHAKE_FAIL alerts sent due to unsupported cipher suites.
OBJECT-TYPE    
  Counter32  

cspSecVerMismatchAlerts 1.3.6.1.4.1.9.9.370.1.14.8
The total number of ALERT_PROTOCOL_VERSION alerts sent due to unsupported version number.
OBJECT-TYPE    
  Counter32  

cspSecNoComprsnAlerts 1.3.6.1.4.1.9.9.370.1.14.9
The total number of ALERT_HANDSHAKE_FAIL alerts sent due to unsupported compression scheme.
OBJECT-TYPE    
  Counter32  

cspSecHShakeHndleMemFail 1.3.6.1.4.1.9.9.370.1.14.10
The total number of handshake handle memory allocation failure.
OBJECT-TYPE    
  Counter32  

cspSecStalePakDrop 1.3.6.1.4.1.9.9.370.1.14.11
The total number of stale packets dropped. Indicates the number of packets received after the SSL connection is torn down.
OBJECT-TYPE    
  Counter32  

cspSecServiceIdDiscard 1.3.6.1.4.1.9.9.370.1.14.12
The total number of connections rejected because of invalid service identifiers.
OBJECT-TYPE    
  Counter32  

cspSecHShakeLimitExceed 1.3.6.1.4.1.9.9.370.1.14.13
The total number of times simultaneous handshake connection exceeded the capacity. The new connections will be rejected if the total number of simultaneous handshake connections exceeds the limit.
OBJECT-TYPE    
  Counter32  

cspSecDevConnCtxtFail 1.3.6.1.4.1.9.9.370.1.14.14
The total number of times device context could not be allocated.
OBJECT-TYPE    
  Counter32  

cspSecMemAllocFailed 1.3.6.1.4.1.9.9.370.1.14.15
The total number of times memory allocation failed.
OBJECT-TYPE    
  Counter32  

cspSecBuffAllocFailed 1.3.6.1.4.1.9.9.370.1.14.16
The total number of times buffer allocation failed.
OBJECT-TYPE    
  Counter32  

cspSecAlertSendFailed 1.3.6.1.4.1.9.9.370.1.14.17
The total number of failure to send alerts. This is typically because of the memory allocation failure.
OBJECT-TYPE    
  Counter32  

cspSecOverloadDropped 1.3.6.1.4.1.9.9.370.1.14.18
The total number of connections rejected because of overload conditions. This indicates that the incoming rate is higher than what can be handled.
OBJECT-TYPE    
  Counter32  

cspSecConnAborted 1.3.6.1.4.1.9.9.370.1.14.19
The total number of SSL connections aborted.
OBJECT-TYPE    
  Counter32  

cspPsCountersTable 1.3.6.1.4.1.9.9.370.1.15.1
A list of proxy service global counter entries
OBJECT-TYPE    
  SEQUENCE OF  
    CspPsCounterEntry

cspPsCounterEntry 1.3.6.1.4.1.9.9.370.1.15.1.1
The proxy service global counter entry. Each entry displays the global SSL counters collected for a proxy service.
OBJECT-TYPE    
  CspPsCounterEntry  

cspPscClearTime 1.3.6.1.4.1.9.9.370.1.15.1.1.1
The last time when counters in this entry were cleared. If the proxy device does not allow these counters to be cleared, the timestamp should have a value of zero.
OBJECT-TYPE    
  TimeStamp  

cspPscConnAttempt 1.3.6.1.4.1.9.9.370.1.15.1.1.2
The total number of SSL connections attempted.
OBJECT-TYPE    
  Counter32  

cspPscConnComplete 1.3.6.1.4.1.9.9.370.1.15.1.1.3
The total number of SSL connections completed.
OBJECT-TYPE    
  Counter32  

cspPscFullHandShake 1.3.6.1.4.1.9.9.370.1.15.1.1.4
The total number of full handshakes completed.
OBJECT-TYPE    
  Counter32  

cspPscResumedHandShake 1.3.6.1.4.1.9.9.370.1.15.1.1.5
The total number of resumed handshakes completed.
OBJECT-TYPE    
  Counter32  

cspPscConnInHandShake 1.3.6.1.4.1.9.9.370.1.15.1.1.6
The number of connections currently in handshake phase.
OBJECT-TYPE    
  Gauge32  

cspPscConnInDataPhase 1.3.6.1.4.1.9.9.370.1.15.1.1.7
The number of connections currently in data phase.
OBJECT-TYPE    
  Gauge32  

cspPscRenegAttempt 1.3.6.1.4.1.9.9.370.1.15.1.1.8
The total number of SSL renegotiations attempted.
OBJECT-TYPE    
  Counter32  

cspPscConnInReneg 1.3.6.1.4.1.9.9.370.1.15.1.1.9
The number of connections currently in renegotiation phase.
OBJECT-TYPE    
  Gauge32  

cspPscBlksEncrypted 1.3.6.1.4.1.9.9.370.1.15.1.1.10
The total number of data blocks that got encrypted.
OBJECT-TYPE    
  Counter32  

cspPscBlksDecrypted 1.3.6.1.4.1.9.9.370.1.15.1.1.11
The total number of data blocks that got decrypted.
OBJECT-TYPE    
  Counter32  

cspPscBytesEncrypted 1.3.6.1.4.1.9.9.370.1.15.1.1.12
The total number of bytes that got encrypted.
OBJECT-TYPE    
  Counter32  

cspPscBytesDecrypted 1.3.6.1.4.1.9.9.370.1.15.1.1.13
The total number of bytes that got decrypted.
OBJECT-TYPE    
  Counter32  

cspPscValidSessions 1.3.6.1.4.1.9.9.370.1.15.1.1.14
The total number of current valid sessions in the session cache.
OBJECT-TYPE    
  Counter32  

cspPscSessLimitExceed 1.3.6.1.4.1.9.9.370.1.15.1.1.15
The total number of times configured SSL session limit got exceeded. The new connections will be rejected if the session limit is exceeded.
OBJECT-TYPE    
  Counter32  

cspPscHandShakeFailed 1.3.6.1.4.1.9.9.370.1.15.1.1.16
The total number of times SSL connections failed in handshake phase.
OBJECT-TYPE    
  Counter32  

cspPscDataFailed 1.3.6.1.4.1.9.9.370.1.15.1.1.17
The total number of times SSL connections failed in data phase.
OBJECT-TYPE    
  Counter32  

cspPscFatalAlertsRcvd 1.3.6.1.4.1.9.9.370.1.15.1.1.18
The total number of fatal alerts received.
OBJECT-TYPE    
  Counter32  

cspPscFatalAlertsSent 1.3.6.1.4.1.9.9.370.1.15.1.1.19
The total number of fatal alerts sent.
OBJECT-TYPE    
  Counter32  

cspPscBadMacRcvd 1.3.6.1.4.1.9.9.370.1.15.1.1.20
The total number of received SSL records which have bad MAC (Message Authentication Code).
OBJECT-TYPE    
  Counter32  

cspPscPadErrors 1.3.6.1.4.1.9.9.370.1.15.1.1.21
The total number of received SSL records which have pad errors.
OBJECT-TYPE    
  Counter32  

cspPscNoCipherAlerts 1.3.6.1.4.1.9.9.370.1.15.1.1.22
The total number of alerts sent due to unsupported cipher suites.
OBJECT-TYPE    
  Counter32  

cspPscNoComprsnAlerts 1.3.6.1.4.1.9.9.370.1.15.1.1.23
The total number of alerts sent due to unsupported compression scheme.
OBJECT-TYPE    
  Counter32  

cspPscVerMismatchAlerts 1.3.6.1.4.1.9.9.370.1.15.1.1.24
The total number of alerts sent due to unsupported SSL or TLS version.
OBJECT-TYPE    
  Counter32  

cspPsSsl3CountersTable 1.3.6.1.4.1.9.9.370.1.16.1
A list of proxy service SSL 3.0 counter entries.
OBJECT-TYPE    
  SEQUENCE OF  
    CspPsSsl3CounterEntry

cspPsSsl3CounterEntry 1.3.6.1.4.1.9.9.370.1.16.1.1
The proxy service SSL 3.0 counter entry. This entry reports the counters collected about the SSL 3.0 protocol for each proxy service.
OBJECT-TYPE    
  CspPsSsl3CounterEntry  

cspPs3cClearTime 1.3.6.1.4.1.9.9.370.1.16.1.1.1
The last time when counters in this entry were cleared. If the proxy device does not allow these counters to be cleared, the timestamp should have the value of zero.
OBJECT-TYPE    
  TimeStamp  

cspPs3cFullHandShake 1.3.6.1.4.1.9.9.370.1.16.1.1.2
The total number of SSL 3.0 full handshakes completed.
OBJECT-TYPE    
  Counter32  

cspPs3cResumedHandShake 1.3.6.1.4.1.9.9.370.1.16.1.1.3
The total number of SSL 3.0 resumed handshakes completed.
OBJECT-TYPE    
  Counter32  

cspPs3cHandShakeFailed 1.3.6.1.4.1.9.9.370.1.16.1.1.4
The total number of SSL 3.0 connections failed in handshake phase.
OBJECT-TYPE    
  Counter32  

cspPs3cDataFailed 1.3.6.1.4.1.9.9.370.1.16.1.1.5
The total number of SSL 3.0 connections failed in data phase.
OBJECT-TYPE    
  Counter32  

cspPs3cBadMacRcvd 1.3.6.1.4.1.9.9.370.1.16.1.1.6
The total number of received SSL 3.0 records which have bad MAC (Message Authentication Code).
OBJECT-TYPE    
  Counter32  

cspPs3cPadErrors 1.3.6.1.4.1.9.9.370.1.16.1.1.7
The total number of received SSL 3.0 records which have pad errors.
OBJECT-TYPE    
  Counter32  

cspPs3cRSArc4128md5 1.3.6.1.4.1.9.9.370.1.16.1.1.8
The total number of SSL 3.0 connections that used the cipher suite RSA_WITH_RC4_128_MD5.
OBJECT-TYPE    
  Counter32  

cspPs3cRSArc4128sha 1.3.6.1.4.1.9.9.370.1.16.1.1.9
The total number of SSL 3.0 connections that used the cipher suite RSA_WITH_RC4_128_SHA.
OBJECT-TYPE    
  Counter32  

cspPs3cRSAdescbcsha 1.3.6.1.4.1.9.9.370.1.16.1.1.10
The total number of SSL 3.0 connections that used the cipher suite RSA_WITH_DES_CBC_SHA.
OBJECT-TYPE    
  Counter32  

cspPs3cRSA3desedecbcsha 1.3.6.1.4.1.9.9.370.1.16.1.1.11
The total number of SSL 3.0 connections that used the cipher suite RSA_WITH_3DES_EDE_CBC_SHA.
OBJECT-TYPE    
  Counter32  

cspPsTls1CountersTable 1.3.6.1.4.1.9.9.370.1.17.1
A list of proxy service TLS 1.0 counter entries.
OBJECT-TYPE    
  SEQUENCE OF  
    CspPsTls1CounterEntry

cspPsTls1CounterEntry 1.3.6.1.4.1.9.9.370.1.17.1.1
The proxy service TLS 1.0 counter entry. This entry displays counters collected about the TLS 1.0 protocol for each proxy service.
OBJECT-TYPE    
  CspPsTls1CounterEntry  

cspPt1cClearTime 1.3.6.1.4.1.9.9.370.1.17.1.1.1
The last time when counters in this entry were cleared. If the proxy device does not allow these counters to be cleared, the timestamp should have a value of zero.
OBJECT-TYPE    
  TimeStamp  

cspPt1cFullHandShake 1.3.6.1.4.1.9.9.370.1.17.1.1.2
The total number of TLS 1.0 full handshakes completed.
OBJECT-TYPE    
  Counter32  

cspPt1cResumedHandShake 1.3.6.1.4.1.9.9.370.1.17.1.1.3
The total number of TLS 1.0 resumed handshakes completed.
OBJECT-TYPE    
  Counter32  

cspPt1cHandShakeFailed 1.3.6.1.4.1.9.9.370.1.17.1.1.4
The total number of TLS 1.0 connections failed in handshake phase.
OBJECT-TYPE    
  Counter32  

cspPt1cDataFailed 1.3.6.1.4.1.9.9.370.1.17.1.1.5
The total number of TLS 1.0 connections failed in data phase.
OBJECT-TYPE    
  Counter32  

cspPt1cBadMacRcvd 1.3.6.1.4.1.9.9.370.1.17.1.1.6
The total number of received TLS 1.0 records which have bad MAC (Message Authentication Code).
OBJECT-TYPE    
  Counter32  

cspPt1cPadErrors 1.3.6.1.4.1.9.9.370.1.17.1.1.7
The total number of received TLS 1.0 records which have pad errors.
OBJECT-TYPE    
  Counter32  

cspPt1cRSArc4128md5 1.3.6.1.4.1.9.9.370.1.17.1.1.8
The total number of TLS 1.0 connections that used the cipher suite RSA_WITH_RC4_128_MD5.
OBJECT-TYPE    
  Counter32  

cspPt1cRSArc4128sha 1.3.6.1.4.1.9.9.370.1.17.1.1.9
The total number of TLS 1.0 connections that used the cipher suite RSA_WITH_RC4_128_SHA.
OBJECT-TYPE    
  Counter32  

cspPt1cRSAdescbcsha 1.3.6.1.4.1.9.9.370.1.17.1.1.10
The total number of TLS 1.0 connections that used the cipher suite RSA_WITH_DES_CBC_SHA.
OBJECT-TYPE    
  Counter32  

cspPt1cRSA3desedecbcsha 1.3.6.1.4.1.9.9.370.1.17.1.1.11
The total number of TLS 1.0 connections that used the cipher suite RSA_WITH_3DES_EDE_CBC_SHA.
OBJECT-TYPE    
  Counter32  

cspCpuStatusTable 1.3.6.1.4.1.9.9.370.1.18.1
A list of CPU status information entries.
OBJECT-TYPE    
  SEQUENCE OF  
    CspCpuStatusEntry

cspCpuStatusEntry 1.3.6.1.4.1.9.9.370.1.18.1.1
The CPU status information entry. Each entry displays the operational status and usage information about one CPU on the proxy device. A proxy device can have one or more CPU's.
OBJECT-TYPE    
  CspCpuStatusEntry  

cspCpuName 1.3.6.1.4.1.9.9.370.1.18.1.1.1
The unique name of a CPU on the proxy device.
OBJECT-TYPE    
  SnmpAdminString Size(1..20)  

cspCpuStatus 1.3.6.1.4.1.9.9.370.1.18.1.1.2
The operational status of the CPU.
OBJECT-TYPE    
  INTEGER up(1), down(2)  

cspCpuClearTime 1.3.6.1.4.1.9.9.370.1.18.1.1.3
The last time when the CPU counters were cleared. If the proxy device does not allow these counters to be cleared, the timestamp should have a value of zero.
OBJECT-TYPE    
  TimeStamp  

cspCpuProcessUtil 1.3.6.1.4.1.9.9.370.1.18.1.1.4
The percentage of CPU time utilized at process level.
OBJECT-TYPE    
  Gauge32  

cspCpuInterruptUtil 1.3.6.1.4.1.9.9.370.1.18.1.1.5
The percentage of CPU time utilized at interrupt level.
OBJECT-TYPE    
  Gauge32  

cspCpuProcessUtilIn5Sec 1.3.6.1.4.1.9.9.370.1.18.1.1.6
The percentage of CPU time utilized at process level within the past five seconds.
OBJECT-TYPE    
  Gauge32  

cspCpuProcessUtilIn1Min 1.3.6.1.4.1.9.9.370.1.18.1.1.7
The percentage of CPU time utilized at process level within the past minute.
OBJECT-TYPE    
  Gauge32  

cspCpuProcessUtilIn5Min 1.3.6.1.4.1.9.9.370.1.18.1.1.8
The percentage of CPU time utilized at process level within the past five minutes.
OBJECT-TYPE    
  Gauge32  

cspCpuInterruptUtilIn5Sec 1.3.6.1.4.1.9.9.370.1.18.1.1.9
The percentage of CPU time utilized at interrupt level within the past five seconds.
OBJECT-TYPE    
  Gauge32  

cspCpuInterruptUtilIn1Min 1.3.6.1.4.1.9.9.370.1.18.1.1.10
The percentage of CPU time utilized at interrupt level within the past minute.
OBJECT-TYPE    
  Gauge32  

cspCpuInterruptUtilIn5Min 1.3.6.1.4.1.9.9.370.1.18.1.1.11
The percentage of CPU time utilized at interrupt level within the past five minutes.
OBJECT-TYPE    
  Gauge32  

cspNumOfSslInfoSuccessInserted 1.3.6.1.4.1.9.9.370.1.19.1.1
This object represents the total number of times SSL headers were successfully inserted. The number of individual SSL session headers and SSL server header within a SSL header insertion are not counted separately.
OBJECT-TYPE    
  Counter32  

cspNumOfSslInfoFailedInserted 1.3.6.1.4.1.9.9.370.1.19.1.2
This object represents the number of failed insertions of SSL information into HTTP headers.
OBJECT-TYPE    
  Counter32  

cspNumOfSpoofHttpHeaderDeleted 1.3.6.1.4.1.9.9.370.1.19.1.3
This object represents the number of times a header in the incoming HTTP request was deleted because of possible header spoofing.
OBJECT-TYPE    
  Counter32  

cspNumOfSslSessHeaderExtracted 1.3.6.1.4.1.9.9.370.1.19.1.4
This object represents the number of SSL session headers extracted.
OBJECT-TYPE    
  Counter32  

cspNumOfSslSessHeaderFailedExtracted 1.3.6.1.4.1.9.9.370.1.19.1.5
This object represents the number of SSL session headers that failed to be extracted.
OBJECT-TYPE    
  Counter32  

cspNumOfSslServerCertHeaderExtracted 1.3.6.1.4.1.9.9.370.1.19.1.6
This object represents the total number of SSL server certificate headers extracted successfully.
OBJECT-TYPE    
  Counter32  

cspNumOfSslServerCerHeaderFailedExtracted 1.3.6.1.4.1.9.9.370.1.19.1.7
This object represents the number of SSL server certificate headers that failed to be extracted.
OBJECT-TYPE    
  Counter32  

cspNumOfTimesSslHeaderTruncated 1.3.6.1.4.1.9.9.370.1.19.1.8
This object represents the number of times SSL headers were truncated because the size of SSL data inserted exceeds maximum length value.
OBJECT-TYPE    
  Counter32  

cspNumOfSslClientCertHeaderExtracted 1.3.6.1.4.1.9.9.370.1.19.2.1
This object represents the total number of SSL client certificate headers extracted successfully.
OBJECT-TYPE    
  Counter32  

cspNumOfSslClientCertHeaderFailedExtracted 1.3.6.1.4.1.9.9.370.1.19.2.2
This object represents the number of SSL client certificate headers that failed to be extracted.
OBJECT-TYPE    
  Counter32  

cspCertNotYetValidRedirect 1.3.6.1.4.1.9.9.370.1.20.1.1
This object represents the number of HTTP redirects with reason client certificate is not valid yet.
OBJECT-TYPE    
  Counter32  

cspCertExpiredRedirect 1.3.6.1.4.1.9.9.370.1.20.1.2
This object represents the number of HTTP redirects with reason expired client certificate.
OBJECT-TYPE    
  Counter32  

cspIssuerCertNotFoundRedirect 1.3.6.1.4.1.9.9.370.1.20.1.3
This object represents the number of HTTP redirects because issuer certificate could not be found. This occurs if the issuer certificate of an untrusted certificate cannot be found.
OBJECT-TYPE    
  Counter32  

cspCertRevokedRedirect 1.3.6.1.4.1.9.9.370.1.20.1.4
This object represents the number of HTTP redirects with reason revoked client certificate.
OBJECT-TYPE    
  Counter32  

cspNoClientCertSentRedirect 1.3.6.1.4.1.9.9.370.1.20.1.5
This object represents the number of HTTP redirects with reason client certificate was not sent.
OBJECT-TYPE    
  Counter32  

cspNoCrlAvailableRedirect 1.3.6.1.4.1.9.9.370.1.20.1.6
This object represents the number of HTTP redirects with reason no CRL available during revocation check.
OBJECT-TYPE    
  Counter32  

cspCrlExpiredRedirect 1.3.6.1.4.1.9.9.370.1.20.1.7
This object represents the number of HTTP redirects with reason CRL expired during revocation check.
OBJECT-TYPE    
  Counter32  

cspCertSignatureFailedRedirect 1.3.6.1.4.1.9.9.370.1.20.1.8
This object represents the number of HTTP redirects with reason invalid certificate signature.
OBJECT-TYPE    
  Counter32  

cspOtherCertErrorRedirect 1.3.6.1.4.1.9.9.370.1.20.1.9
This object represents the number of HTTP redirects with reason other certificate errors.
OBJECT-TYPE    
  Counter32  

cspSslTrapType 1.3.6.1.4.1.9.9.370.1.21.1
This object indicates the type of trap issued by cspSSLResourceLimitReached notification.
OBJECT-TYPE    
  INTEGER risingHighThresh(1), fallingHighThresh(3)  

cspSslMaxConn 1.3.6.1.4.1.9.9.370.1.21.2
This object specifies the maximum allowed SSL (SSLv3 and TLSv1) connections per system as configured by the user.
OBJECT-TYPE    
  Unsigned32  

cspSslActiveConn 1.3.6.1.4.1.9.9.370.1.21.3
This object indicates the active SSL (SSLv3 and TLSv1) connections per system.
OBJECT-TYPE    
  Gauge32  

cspSslConfigHighConnPcnt 1.3.6.1.4.1.9.9.370.1.21.4
This object specifies the percentage of the maximum SSL connections per system as configured by the user.
OBJECT-TYPE    
  Unsigned32  

cspSslActiveConnPcnt 1.3.6.1.4.1.9.9.370.1.21.5
This object indicates the percentage of the active SSL connections per system based on cspSslActiveConn. The notification will be send when the cspSslActiveConnPcnt count exceeds cspSslConfigHighConnPcnt.
OBJECT-TYPE    
  Unsigned32  

cspSslConfigWatermarkConnPcnt 1.3.6.1.4.1.9.9.370.1.21.6
This object specifies the SSL connections watermark threshold value (in percentage) per system allowed as configured by the user. The value of cspSslConfigWatermarkPcnt should be less than cspSslConfigHighConnPcnt.
OBJECT-TYPE    
  Unsigned32  

cspServOperStatus 1.3.6.1.4.1.9.9.370.0.1
The proxy service operation status change notification. When the Operation Status of a proxy service changes, and cspGcNotifyProxyServOperStatus is 'true', a notification will be issued. The notification contains the current operation status and the down reason of the proxy service.
NOTIFICATION-TYPE    

cspServCertExpiring 1.3.6.1.4.1.9.9.370.0.2
The proxy service certificate expiring notification. If the time interval cspGcPSCertExpireInterval is positive, and cspGcNotifyPSCertExpiring is 'true', a notification will be issued for every proxy service certificate that will be expiring within this time interval. This notification is issued only once for each of these certificates. If the interval is changed from a positive value to 0, the proxy device will clear its memory of notification issued in the past, and stop issuing new notification. The notification contains the subject name, the serial number and the issuer name of the certificate, the serial number of the issuer's certificate, and the end date on the certificate.
NOTIFICATION-TYPE    

cspSSLResourceLimitReached 1.3.6.1.4.1.9.9.370.0.3
This notification is issued on the following scenarios: 1) When the value of cpsSslActiveConnPcnt exceeds the value of cspSslConfigHighConnPcnt 2) When the value of cpsSslActiveConn falls below the watermark value represented by cspSslConfigWatermarkPcnt.
NOTIFICATION-TYPE    

cspMIBCompliances 1.3.6.1.4.1.9.9.370.2.1
OBJECT IDENTIFIER    

cspMIBGroups 1.3.6.1.4.1.9.9.370.2.2
OBJECT IDENTIFIER    

cspMIBCompliance 1.3.6.1.4.1.9.9.370.2.1.1
The compliance statement for entities which implement the Cisco SSL Proxy MIB.
MODULE-COMPLIANCE    

cspMIBComplianceRev1 1.3.6.1.4.1.9.9.370.2.1.2
The compliance statement for entities which implement the Cisco SSL Proxy MIB.
MODULE-COMPLIANCE    

cspMIBComplianceRev2 1.3.6.1.4.1.9.9.370.2.1.3
The compliance statement for entities which implement the Cisco SSL Proxy MIB.
MODULE-COMPLIANCE    

cspGlobalConfigGroup 1.3.6.1.4.1.9.9.370.2.2.1
A collection of global configuration objects.
OBJECT-GROUP    

cspProxyServiceConfigGroup 1.3.6.1.4.1.9.9.370.2.2.2
A collection of configuration objects for a proxy service.
OBJECT-GROUP    

cspPolicyConfigGroup 1.3.6.1.4.1.9.9.370.2.2.3
A collection of configuration objects for a policy.
OBJECT-GROUP    

cspTcpGroup 1.3.6.1.4.1.9.9.370.2.2.4
A collection of TCP protocol objects.
OBJECT-GROUP    

cspSslGroup 1.3.6.1.4.1.9.9.370.2.2.5
A collection of SSL handshake protocol statistics.
OBJECT-GROUP    

cspSsl3Group 1.3.6.1.4.1.9.9.370.2.2.6
A collection of SSL 3.0 protocol statistics.
OBJECT-GROUP    

cspTls1Group 1.3.6.1.4.1.9.9.370.2.2.7
A collection of TLS 1.0 protocol statistics.
OBJECT-GROUP    

cspSslCryptoGroup 1.3.6.1.4.1.9.9.370.2.2.8
A collection of cryptographic statistics.
OBJECT-GROUP    

cspSslErrorGroup 1.3.6.1.4.1.9.9.370.2.2.9
A collection of SSL protocol error counters.
OBJECT-GROUP    

cspProxyServiceStatsGroup 1.3.6.1.4.1.9.9.370.2.2.10
A collection of proxy service statistics.
OBJECT-GROUP    

cspProxyServiceSsl3Group 1.3.6.1.4.1.9.9.370.2.2.11
A collection of SSL 3.0 statistics for a proxy service.
OBJECT-GROUP    

cspProxyServiceTls1Group 1.3.6.1.4.1.9.9.370.2.2.12
A collection of TLS 1.0 statistics for a proxy service.
OBJECT-GROUP    

cspCpuStatusGroup 1.3.6.1.4.1.9.9.370.2.2.13
A collection of statuses and usage information about each CPU on the SSL proxy device.
OBJECT-GROUP    

cspProxyServiceNotificationGroup 1.3.6.1.4.1.9.9.370.2.2.14
A collection of notifications for signaling important proxy service events.
NOTIFICATION-GROUP    

cspHttpHeaderInsertedSslInfoGroup 1.3.6.1.4.1.9.9.370.2.2.15
A collection of stats related to the insertion of SSL session and SSL server certificate information into HTTP header.
OBJECT-GROUP    

cspHttpHeaderInsertedSslClientCertGroup 1.3.6.1.4.1.9.9.370.2.2.16
A collection of stats related to the insertion of SSL client certificate information into HTTP header.
OBJECT-GROUP    

cspHttpRedirectInfoGroup 1.3.6.1.4.1.9.9.370.2.2.17
A collection of counters for http redirect due to client certificate authentication failure type.
OBJECT-GROUP    

cspSslResourceLimitNotifObjectsGroup 1.3.6.1.4.1.9.9.370.2.2.18
Collection of the objects for connection notification related configuration and information.
OBJECT-GROUP    

cspSslResourceLimitNotifGroup 1.3.6.1.4.1.9.9.370.2.2.19
A collection of notifications for signaling important resource limit exceed signalling.
NOTIFICATION-GROUP