PDN-SECURITY-MIB
File:
PDN-SECURITY-MIB.mib (14604 bytes)
Imported modules
Imported symbols
Defined Types
DevSecurityMgrEntry |
|
SEQUENCE |
|
|
|
|
devSecurityMgrIpAddress |
IpAddress |
|
|
devSecurityMgrAccess |
INTEGER |
|
NewSecurityMgrEntry |
|
SEQUENCE |
|
|
|
|
newSecurityMgrIpAddress |
IpAddress |
|
|
newSecurityMgrAccess |
INTEGER |
|
|
newSecurityMgrSubnetMask |
IpAddress |
|
SecurityMgrEntry |
|
SEQUENCE |
|
|
|
|
securityMgrIpAddress |
IpAddress |
|
|
securityMgrSubnetMask |
IpAddress |
|
|
securityMgrSnmpAccess |
INTEGER |
|
|
securityMgrTelnetAccess |
INTEGER |
|
|
securityMgrFtpAccess |
INTEGER |
|
|
securityMgrTrapAccess |
INTEGER |
|
|
securityMgrRowStatus |
RowStatus |
|
Defined Values
devSecurityMgrValidation |
1.3.6.1.4.1.1795.2.24.2.8.1 |
This object is used to either enable or disable
SNMP IP validation. When enabled the first check on any
incoming PDU is based on the IP address of the datagram.
If the IP address is configured in the
devSecurityMgrTable then the community name is checked.
If the community name is correct then the lowest access level
between the the Table and the community name is taken. |
Status: mandatory |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
INTEGER |
disable(1), enable(2) |
|
devSecurityMgrMaxNumber |
1.3.6.1.4.1.1795.2.24.2.8.2 |
Maximum number of managers allowed in the devSecurityMgrTable. |
Status: mandatory |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
INTEGER |
|
|
devSecurityMgrCurrentNumber |
1.3.6.1.4.1.1795.2.24.2.8.3 |
Current number of managers in the devSecurityMgrTable. |
Status: mandatory |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
INTEGER |
|
|
devSecurityMgrTable |
1.3.6.1.4.1.1795.2.24.2.8.4 |
A list of the security manager entries.
In order to add a new Security Manager the devSecurityMgrIpAddress
object must be created first by setting it to a valid IP Address. |
Status: deprecated |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
SEQUENCE OF |
|
|
|
|
DevSecurityMgrEntry |
|
devSecurityMgrEntry |
1.3.6.1.4.1.1795.2.24.2.8.4.1 |
The SNMP IP Address configuration items. |
Status: deprecated |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
DevSecurityMgrEntry |
|
|
devSecurityMgrIpAddress |
1.3.6.1.4.1.1795.2.24.2.8.4.1.1 |
This is used to specify the IP address that identifies the
SNMP manager(s) that are authorized to send SNMP messages.
An existing Security Manager may be deleted by setting the
devSecurityMgrIpAddress object to 0.0.0.0 or by setting the
devSecurityMgrIpAddress object to a new IP Address.
A new Security Manager may be added by setting
the devSecurityMgrIpAddress object of 0.0.0.0 to the new address
as long as there is still room for another Security Manager.
When ever a new Security Manager is added or an existing
Security Manager's IP Address is modified,
the devSecurityMgrAccess object is set to the default value
of read (1). |
Status: deprecated |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
IpAddress |
|
|
devSecurityMgrAccess |
1.3.6.1.4.1.1795.2.24.2.8.4.1.2 |
This field is used to specify the access allowed for an authorized
NMS when Manager Validation is performed.
If the IP address for the NMS sending an SNMP message is on the list
of allowed managers, this option along with the Community Name access
determine the type of access allowed for the that manager.
When ever a new Security Manager is added or an existing
Security Manager's IP Address is modified, the devSecurityMgrAccess
object is set to the default value of read (1).
If the index for this object is not in the existing table and if there
is room in the table then the index will be used to create a new
Security Manager and will be given the requested access level. |
Status: deprecated |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
INTEGER |
read(1), readWrite(2) |
|
newSecurityMgrTable |
1.3.6.1.4.1.1795.2.24.2.8.5 |
A list of the security manager entries. If an entry is not found
in this table, it is added to the table. |
Status: deprecated |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
SEQUENCE OF |
|
|
|
|
NewSecurityMgrEntry |
|
newSecurityMgrEntry |
1.3.6.1.4.1.1795.2.24.2.8.5.1 |
The SNMP IP Address configuration items. |
Status: deprecated |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
NewSecurityMgrEntry |
|
|
newSecurityMgrIpAddress |
1.3.6.1.4.1.1795.2.24.2.8.5.1.1 |
This is used to specify the IP address that identifies the
SNMP manager(s) that are authorized to send SNMP messages.
This object is the binary AND of SNMP or telnet source IP
address and its subnet mask if the subnet mask is available.
Subnet mask is assumed to be 255.255.255.255 when not available |
Status: deprecated |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
IpAddress |
|
|
newSecurityMgrAccess |
1.3.6.1.4.1.1795.2.24.2.8.5.1.2 |
This field is used to specify the access allowed for an authorized
NMS when Manager Validation is performed.
If the IP address for the NMS sending an SNMP message is on the list
of allowed managers, this option along with the Community Name access
determine the type of access allowed for the that manager.
When ever a new Security Manager is added or an existing
Security Manager's IP Address is modified, the newSecurityMgrAccess
object is set to the default value of read (1).
If the index for this object is not in the existing table and if there
is room in the table then the index will be used to create a new
Security Manager and will be given the requested access level.
In addition changing an existing access permission to noAccess
invalidates the corresponding row of this table. It is upto
the implementation to decide whether to actually remove this
entry from the table or not.
read (1) ==> no telnet access and snmp read only access
readWrite (2) ==> no telnet access and snmp read-write access
noAccess (3) ==> no telnet access and no snmp read-write access
telnetNoAccess (4) ==> telnet access and no snmp access
telnetRead (5) ==> telnet access and snmp read only access
telnetReadWrite (6) ==> telnet access and snmp read-write access. |
Status: deprecated |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
INTEGER |
read(1), readWrite(2), noAccess(3), telnetNoAccess(4), telnetRead(5), telnetReadWrite(6) |
|
devSecurityTelnetSourceValidation |
1.3.6.1.4.1.1795.2.24.2.8.6 |
This object is used to either enable or disable
telnet source address screening |
Status: mandatory |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
INTEGER |
disable(1), enable(2) |
|
devSecurityFtpSourceValidation |
1.3.6.1.4.1.1795.2.24.2.8.7 |
This object is used to either enable or disable
ftp source address screening |
Status: mandatory |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
INTEGER |
disable(1), enable(2) |
|
securityMgrTable |
1.3.6.1.4.1.1795.2.24.2.8.8 |
A list of the security manager entries. If an entry is not found
in this table, it is added to the table. |
Status: mandatory |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
SEQUENCE OF |
|
|
|
|
SecurityMgrEntry |
|
securityMgrEntry |
1.3.6.1.4.1.1795.2.24.2.8.8.1 |
The device access security configuration items. |
Status: mandatory |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
SecurityMgrEntry |
|
|
securityMgrIpAddress |
1.3.6.1.4.1.1795.2.24.2.8.8.1.1 |
This is used to specify the IP address that identifies the
SNMP manager(s) that are authorized to send SNMP messages. |
Status: mandatory |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
IpAddress |
|
|
securityMgrSubnetMask |
1.3.6.1.4.1.1795.2.24.2.8.8.1.2 |
This object is used to specify the subnet mask |
Status: mandatory |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
IpAddress |
|
|
securityMgrSnmpAccess |
1.3.6.1.4.1.1795.2.24.2.8.8.1.3 |
This is used to specify the snmp access to the device. |
Status: mandatory |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
INTEGER |
readOnly(1), readWrite(2), noAccess(3) |
|
securityMgrTelnetAccess |
1.3.6.1.4.1.1795.2.24.2.8.8.1.4 |
This is used to specify the telnet access to the device. |
Status: mandatory |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
INTEGER |
disable(1), enable(2) |
|
securityMgrFtpAccess |
1.3.6.1.4.1.1795.2.24.2.8.8.1.5 |
This is used to specify the ftp access to the device. |
Status: mandatory |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
INTEGER |
disable(1), enable(2) |
|
securityMgrTrapAccess |
1.3.6.1.4.1.1795.2.24.2.8.8.1.6 |
This is used to specify the trap access to the device.
NOTE: the pdnDevTrapMgrTable should be used instead. |
Status: deprecated |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
INTEGER |
trapAccess(1), noTrapAccess(2) |
|
devSecuritySNMPMgrAccess |
1.3.6.1.4.1.1795.2.24.2.8.9 |
This object is used to either enable or disable
SNMP access to the system. When disabled the first check on any
incoming PDU is based on the UPD type of the datagram.
If it is an SNMP manager trying to access SNMP agent on the system
the access will be denied. |
Status: mandatory |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
INTEGER |
disable(1), enable(2) |
|