PDN-SECURITY-MIB

File: PDN-SECURITY-MIB.mib (14604 bytes)

Imported modules

RFC1155-SMI RFC-1212 PDN-HEADER-MIB
SNMPv2-TC

Imported symbols

IpAddress OBJECT-TYPE pdn-security
RowStatus

Defined Types

DevSecurityMgrEntry  
SEQUENCE    
  devSecurityMgrIpAddress IpAddress
  devSecurityMgrAccess INTEGER

NewSecurityMgrEntry  
SEQUENCE    
  newSecurityMgrIpAddress IpAddress
  newSecurityMgrAccess INTEGER
  newSecurityMgrSubnetMask IpAddress

SecurityMgrEntry  
SEQUENCE    
  securityMgrIpAddress IpAddress
  securityMgrSubnetMask IpAddress
  securityMgrSnmpAccess INTEGER
  securityMgrTelnetAccess INTEGER
  securityMgrFtpAccess INTEGER
  securityMgrTrapAccess INTEGER
  securityMgrRowStatus RowStatus

Defined Values

devSecurityMgrValidation 1.3.6.1.4.1.1795.2.24.2.8.1
This object is used to either enable or disable SNMP IP validation. When enabled the first check on any incoming PDU is based on the IP address of the datagram. If the IP address is configured in the devSecurityMgrTable then the community name is checked. If the community name is correct then the lowest access level between the the Table and the community name is taken.
Status: mandatory Access: read-write
OBJECT-TYPE    
  INTEGER disable(1), enable(2)  

devSecurityMgrMaxNumber 1.3.6.1.4.1.1795.2.24.2.8.2
Maximum number of managers allowed in the devSecurityMgrTable.
Status: mandatory Access: read-only
OBJECT-TYPE    
  INTEGER  

devSecurityMgrCurrentNumber 1.3.6.1.4.1.1795.2.24.2.8.3
Current number of managers in the devSecurityMgrTable.
Status: mandatory Access: read-only
OBJECT-TYPE    
  INTEGER  

devSecurityMgrTable 1.3.6.1.4.1.1795.2.24.2.8.4
A list of the security manager entries. In order to add a new Security Manager the devSecurityMgrIpAddress object must be created first by setting it to a valid IP Address.
Status: deprecated Access: not-accessible
OBJECT-TYPE    
  SEQUENCE OF  
    DevSecurityMgrEntry

devSecurityMgrEntry 1.3.6.1.4.1.1795.2.24.2.8.4.1
The SNMP IP Address configuration items.
Status: deprecated Access: not-accessible
OBJECT-TYPE    
  DevSecurityMgrEntry  

devSecurityMgrIpAddress 1.3.6.1.4.1.1795.2.24.2.8.4.1.1
This is used to specify the IP address that identifies the SNMP manager(s) that are authorized to send SNMP messages. An existing Security Manager may be deleted by setting the devSecurityMgrIpAddress object to 0.0.0.0 or by setting the devSecurityMgrIpAddress object to a new IP Address. A new Security Manager may be added by setting the devSecurityMgrIpAddress object of 0.0.0.0 to the new address as long as there is still room for another Security Manager. When ever a new Security Manager is added or an existing Security Manager's IP Address is modified, the devSecurityMgrAccess object is set to the default value of read (1).
Status: deprecated Access: read-write
OBJECT-TYPE    
  IpAddress  

devSecurityMgrAccess 1.3.6.1.4.1.1795.2.24.2.8.4.1.2
This field is used to specify the access allowed for an authorized NMS when Manager Validation is performed. If the IP address for the NMS sending an SNMP message is on the list of allowed managers, this option along with the Community Name access determine the type of access allowed for the that manager. When ever a new Security Manager is added or an existing Security Manager's IP Address is modified, the devSecurityMgrAccess object is set to the default value of read (1). If the index for this object is not in the existing table and if there is room in the table then the index will be used to create a new Security Manager and will be given the requested access level.
Status: deprecated Access: read-write
OBJECT-TYPE    
  INTEGER read(1), readWrite(2)  

newSecurityMgrTable 1.3.6.1.4.1.1795.2.24.2.8.5
A list of the security manager entries. If an entry is not found in this table, it is added to the table.
Status: deprecated Access: not-accessible
OBJECT-TYPE    
  SEQUENCE OF  
    NewSecurityMgrEntry

newSecurityMgrEntry 1.3.6.1.4.1.1795.2.24.2.8.5.1
The SNMP IP Address configuration items.
Status: deprecated Access: not-accessible
OBJECT-TYPE    
  NewSecurityMgrEntry  

newSecurityMgrIpAddress 1.3.6.1.4.1.1795.2.24.2.8.5.1.1
This is used to specify the IP address that identifies the SNMP manager(s) that are authorized to send SNMP messages. This object is the binary AND of SNMP or telnet source IP address and its subnet mask if the subnet mask is available. Subnet mask is assumed to be 255.255.255.255 when not available
Status: deprecated Access: read-write
OBJECT-TYPE    
  IpAddress  

newSecurityMgrAccess 1.3.6.1.4.1.1795.2.24.2.8.5.1.2
This field is used to specify the access allowed for an authorized NMS when Manager Validation is performed. If the IP address for the NMS sending an SNMP message is on the list of allowed managers, this option along with the Community Name access determine the type of access allowed for the that manager. When ever a new Security Manager is added or an existing Security Manager's IP Address is modified, the newSecurityMgrAccess object is set to the default value of read (1). If the index for this object is not in the existing table and if there is room in the table then the index will be used to create a new Security Manager and will be given the requested access level. In addition changing an existing access permission to noAccess invalidates the corresponding row of this table. It is upto the implementation to decide whether to actually remove this entry from the table or not. read (1) ==> no telnet access and snmp read only access readWrite (2) ==> no telnet access and snmp read-write access noAccess (3) ==> no telnet access and no snmp read-write access telnetNoAccess (4) ==> telnet access and no snmp access telnetRead (5) ==> telnet access and snmp read only access telnetReadWrite (6) ==> telnet access and snmp read-write access.
Status: deprecated Access: read-write
OBJECT-TYPE    
  INTEGER read(1), readWrite(2), noAccess(3), telnetNoAccess(4), telnetRead(5), telnetReadWrite(6)  

newSecurityMgrSubnetMask 1.3.6.1.4.1.1795.2.24.2.8.5.1.3
This object is used to specify the subnet mask
Status: deprecated Access: read-write
OBJECT-TYPE    
  IpAddress  

devSecurityTelnetSourceValidation 1.3.6.1.4.1.1795.2.24.2.8.6
This object is used to either enable or disable telnet source address screening
Status: mandatory Access: read-write
OBJECT-TYPE    
  INTEGER disable(1), enable(2)  

devSecurityFtpSourceValidation 1.3.6.1.4.1.1795.2.24.2.8.7
This object is used to either enable or disable ftp source address screening
Status: mandatory Access: read-write
OBJECT-TYPE    
  INTEGER disable(1), enable(2)  

securityMgrTable 1.3.6.1.4.1.1795.2.24.2.8.8
A list of the security manager entries. If an entry is not found in this table, it is added to the table.
Status: mandatory Access: not-accessible
OBJECT-TYPE    
  SEQUENCE OF  
    SecurityMgrEntry

securityMgrEntry 1.3.6.1.4.1.1795.2.24.2.8.8.1
The device access security configuration items.
Status: mandatory Access: not-accessible
OBJECT-TYPE    
  SecurityMgrEntry  

securityMgrIpAddress 1.3.6.1.4.1.1795.2.24.2.8.8.1.1
This is used to specify the IP address that identifies the SNMP manager(s) that are authorized to send SNMP messages.
Status: mandatory Access: read-only
OBJECT-TYPE    
  IpAddress  

securityMgrSubnetMask 1.3.6.1.4.1.1795.2.24.2.8.8.1.2
This object is used to specify the subnet mask
Status: mandatory Access: read-only
OBJECT-TYPE    
  IpAddress  

securityMgrSnmpAccess 1.3.6.1.4.1.1795.2.24.2.8.8.1.3
This is used to specify the snmp access to the device.
Status: mandatory Access: read-write
OBJECT-TYPE    
  INTEGER readOnly(1), readWrite(2), noAccess(3)  

securityMgrTelnetAccess 1.3.6.1.4.1.1795.2.24.2.8.8.1.4
This is used to specify the telnet access to the device.
Status: mandatory Access: read-write
OBJECT-TYPE    
  INTEGER disable(1), enable(2)  

securityMgrFtpAccess 1.3.6.1.4.1.1795.2.24.2.8.8.1.5
This is used to specify the ftp access to the device.
Status: mandatory Access: read-write
OBJECT-TYPE    
  INTEGER disable(1), enable(2)  

securityMgrTrapAccess 1.3.6.1.4.1.1795.2.24.2.8.8.1.6
This is used to specify the trap access to the device. NOTE: the pdnDevTrapMgrTable should be used instead.
Status: deprecated Access: read-write
OBJECT-TYPE    
  INTEGER trapAccess(1), noTrapAccess(2)  

securityMgrRowStatus 1.3.6.1.4.1.1795.2.24.2.8.8.1.7
The status of this table entry.
Status: mandatory Access: read-write
OBJECT-TYPE    
  RowStatus  

devSecuritySNMPMgrAccess 1.3.6.1.4.1.1795.2.24.2.8.9
This object is used to either enable or disable SNMP access to the system. When disabled the first check on any incoming PDU is based on the UPD type of the datagram. If it is an SNMP manager trying to access SNMP agent on the system the access will be denied.
Status: mandatory Access: read-write
OBJECT-TYPE    
  INTEGER disable(1), enable(2)