EdgeSwitch-MGMT-SECURITY-MIB DEFINITIONS ::= BEGIN -- Ubiquiti Mgmt Security MIB -- Copyright Broadcom Inc (2003-2007) All rights reserved. -- This SNMP Management Information Specification -- embodies Broadcom Inc's confidential and proprietary -- intellectual property. Broadcom Inc retains all title -- and ownership in the Specification including any revisions. -- This Specification is supplied "AS IS", Broadcom Inc -- makes no warranty, either expressed or implied, -- as to the use, operation, condition, or performance of the -- Specification. IMPORTS MODULE-IDENTITY, OBJECT-TYPE, NOTIFICATION-TYPE, IpAddress, Integer32 FROM SNMPv2-SMI fastPath FROM EdgeSwitch-REF-MIB DisplayString FROM RFC1213-MIB TruthValue FROM SNMPv2-TC; fastPathMgmtSecurity MODULE-IDENTITY LAST-UPDATED "201311110000Z" -- 11 Nov 2013 12:00:00 GMT ORGANIZATION "Broadcom Inc" CONTACT-INFO "" DESCRIPTION "The Ubiquiti Private MIB for FastPath Security" -- Revision history. REVISION "201311110000Z" -- 11 Nov 2013 12:00:00 GMT DESCRIPTION "Fixed allowed integer range for object agentSSLSecurePort." REVISION "201308270000Z" -- 27 Aug 2013 12:00:00 GMT DESCRIPTION "Added object agentSSHMgmtPortNum to agentSSHConfigGroup." REVISION "201101260000Z" -- 26 Jan 2011 12:00:00 GMT DESCRIPTION "Postal address updated." REVISION "200705230000Z" -- 23 May 2007 12:00:00 GMT DESCRIPTION "Ubiquiti branding related changes." REVISION "200311210000Z" -- 21 Nov 2003 12:00:00 GMT DESCRIPTION "Initial revision." ::= { fastPath 11 } --************************************************************************************** -- agentSSLConfigGroup -- --************************************************************************************** agentSSLConfigGroup OBJECT IDENTIFIER ::= { fastPathMgmtSecurity 1 } agentSSLAdminMode OBJECT-TYPE SYNTAX INTEGER { enable(1), disable(2) } MAX-ACCESS read-write STATUS current DESCRIPTION "Configures whether the SSL service is enabled on this switch. The default value is disable(2)." ::= { agentSSLConfigGroup 1 } agentSSLSecurePort OBJECT-TYPE SYNTAX Integer32 (443|1025..65535) MAX-ACCESS read-write STATUS current DESCRIPTION "Configures the port the SSL service will respond on. The default value is 443." ::= { agentSSLConfigGroup 2 } agentSSLProtocolLevel OBJECT-TYPE SYNTAX INTEGER { ssl30(1), -- SSL 3.0 tls10(2), -- TSL 1.0 both(3) } MAX-ACCESS read-write STATUS current DESCRIPTION "Configures which protocol versions of SSL are enabled on this switch. The default value is both(3)." ::= { agentSSLConfigGroup 3 } agentSSLMaxSessions OBJECT-TYPE SYNTAX Integer32 (0..16) MAX-ACCESS read-write STATUS current DESCRIPTION "Configures the maximum number of allowable SSL sessions. The default value is 16." ::= { agentSSLConfigGroup 4 } agentSSLHardTimeout OBJECT-TYPE SYNTAX Integer32 (1..168) MAX-ACCESS read-write STATUS current DESCRIPTION "Configures the hard timeout for SSL sessions in hours. The default value is 24 hours." ::= { agentSSLConfigGroup 5 } agentSSLSoftTimeout OBJECT-TYPE SYNTAX Integer32 (1..60) MAX-ACCESS read-write STATUS current DESCRIPTION "Configures the soft (activity) timeout for SSL sessions in minutes. The default value is 5 minutes." ::= { agentSSLConfigGroup 6 } agentSSLCertificatePresent OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-only STATUS current DESCRIPTION "Boolean value indicating whether SSL certificate files exist on the device." ::= { agentSSLConfigGroup 7 } agentSSLCertificateControl OBJECT-TYPE SYNTAX INTEGER { noop(1), generate(2), delete(3) } MAX-ACCESS read-write STATUS current DESCRIPTION "Controls certificate generation and deletion. Always returns noop(1)." ::= { agentSSLConfigGroup 8 } agentSSLCertificateGenerationStatus OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-only STATUS current DESCRIPTION "Indicates whether certificate files are currently being generated." ::= { agentSSLConfigGroup 9 } --************************************************************************************** -- agentSSHConfigGroup -- --************************************************************************************** agentSSHConfigGroup OBJECT IDENTIFIER ::= { fastPathMgmtSecurity 2 } agentSSHAdminMode OBJECT-TYPE SYNTAX INTEGER { enable(1), disable(2) } MAX-ACCESS read-write STATUS current DESCRIPTION "Configures whether the SSH service is enabled on this switch. The default value is disable(2)." ::= { agentSSHConfigGroup 1 } agentSSHProtocolLevel OBJECT-TYPE SYNTAX INTEGER { ssh10(1), -- SSH 1.0 ssh20(2), -- SSH 2.0 both(3) } MAX-ACCESS read-write STATUS current DESCRIPTION "Configures which protocol versions of SSH are enabled on this switch. The default value is both(3)." ::= { agentSSHConfigGroup 2 } agentSSHSessionsCount OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-only STATUS current DESCRIPTION "Current number of active SSH sessions on this switch." ::= { agentSSHConfigGroup 3 } agentSSHMaxSessionsCount OBJECT-TYPE SYNTAX Integer32 (0..5) MAX-ACCESS read-write STATUS current DESCRIPTION "Max number of SSH sessions permitted on this switch." ::= { agentSSHConfigGroup 4 } agentSSHSessionTimeout OBJECT-TYPE SYNTAX Integer32 (1..160) MAX-ACCESS read-write STATUS current DESCRIPTION "ssh idle timeout value for this switch im minutes." ::= { agentSSHConfigGroup 5 } agentSSHKeysPresent OBJECT-TYPE SYNTAX INTEGER { dsa(1), rsa(2), both(3), none(4) } MAX-ACCESS read-only STATUS current DESCRIPTION "Indicates what key files are present on the device, if any." ::= { agentSSHConfigGroup 6 } agentSSHKeyGenerationStatus OBJECT-TYPE SYNTAX INTEGER { dsa(1), rsa(2), both(3), none(4) } MAX-ACCESS read-only STATUS current DESCRIPTION "Indicates what key files are currently being generated, if any." ::= { agentSSHConfigGroup 7 } agentSSHRSAKeyControl OBJECT-TYPE SYNTAX INTEGER { noop(1), generate(2), delete(3) } MAX-ACCESS read-write STATUS current DESCRIPTION "Controls RSA key generation and deletion. Always returns noop(1)." ::= { agentSSHConfigGroup 8 } agentSSHDSAKeyControl OBJECT-TYPE SYNTAX INTEGER { noop(1), generate(2), delete(3) } MAX-ACCESS read-write STATUS current DESCRIPTION "Controls DSA key generation and deletion. Always returns noop(1)." ::= { agentSSHConfigGroup 9 } agentSSHMgmtPortNum OBJECT-TYPE SYNTAX Integer32 (1..65535) MAX-ACCESS read-write STATUS current DESCRIPTION "Get/Set the TCP port number that the SSH server listens to for incoming requests. The port number is an integer value from 1 to 65535. Before setting this object, check your system (e.g. using 'netstat') to make sure the desired port number is not currently being used by any other service. The default value for this object is 22. Note that existing SSH login sessions are not affected by a change in value of this object, although establishment of any new SSH sessions must use the new port number." ::= { agentSSHConfigGroup 10 } END