SECURITY-MANAGEMENT-MIB

File: SECURITY-MANAGEMENT-MIB.mib (33677 bytes)

Imported modules

AVAYAGEN-MIB G700-MG-MIB IF-MIB
LOAD-MIB RFC1213-MIB SNMPv2-CONF
SNMPv2-SMI SNMPv2-TC

Imported symbols

lsg cmgTrapLocation cmgTrapOnBoard
cmgTrapSubsystem cmgTrapOnIccMissing cmgTrapModule
ifIndex ifType ifPhysAddress
ifName genOpLastFailureDisplay genAppFileId
genAppFileName genAppFileVersionNumber DisplayString
OBJECT-GROUP NOTIFICATION-GROUP IpAddress
Unsigned32 Counter64 OBJECT-TYPE
MODULE-IDENTITY OBJECT-IDENTITY NOTIFICATION-TYPE
PhysAddress DateAndTime TEXTUAL-CONVENTION

Defined Types

OnOffType  
Description.
TEXTUAL-CONVENTION    
  INTEGER on(1), off(2)  

ServiceStateType  
Description.
TEXTUAL-CONVENTION    
  INTEGER on(1), off(2), notSupported(3)  

SecMngProtoEntry  
SEQUENCE    
  secMngProtoId INTEGER
  secMngProtoStatus ServiceStateType

LsgLicMngEntry  
SEQUENCE    
  lsgLicMngFeatureKeyword OCTET STRING
  lsgLicMngFeatureType INTEGER
  lsgLicMngAdminStatus OnOffType
  lsgLicMngOperStatus OnOffType
  lsgLicMngCountedValue Unsigned32
  lsgLicMngLastError INTEGER

Defined Values

secMngModule 1.3.6.1.4.1.6889.2.1.14.1
Defines MIB objects related to device secured management.
MODULE-IDENTITY    

avayaSecurity 1.3.6.1.4.1.6889.2.1.14
OBJECT IDENTIFIER    

secMode 1.3.6.1.4.1.6889.2.1.14.1.1
When the security mode flag = on - it indicates that device operates in secured mode, =off - in non-secured mode. Otherwize when the value retuned =Not relevant - secured mode is not supported in this device.
Status: current Access: read-only
OBJECT-TYPE    
  OnOffType  

secTcpSynCookies 1.3.6.1.4.1.6889.2.1.14.1.2
OBJECT IDENTIFIER    

secTcpSynCkiOpState 1.3.6.1.4.1.6889.2.1.14.1.2.1
Monitors the operational state of the TCP SYN cookies defense mechanism. The operational state of the SYN cookies can change only after a reset, if the configuration state was changed and the running configuration was saved to the startup configuration before the reset. Use secTcpSynCkiCfgState to monitor and change the SYN cookies configuration state. When the SYN cookies feature is turned on, it helps protect the local host from SYN attacks (a type of DoS attack).
Status: current Access: read-only
OBJECT-TYPE    
  OnOffType  

secTcpSynCkiCfgState 1.3.6.1.4.1.6889.2.1.14.1.2.2
Controls and monitors the configuration state of the TCP SYN cookies defense mechanism. The operational state of the SYN cookies can change only after reset, if the configuration state was changed and the running configuration was saved to the startup configuration before the reset. Use secTcpSynCkiOpState to monitor the SYN cookies operational state. When the SYN cookies feature is turned on, it helps protect the local host from SYN attacks (a type of DoS attack).
Status: current Access: read-write
OBJECT-TYPE    
  OnOffType  

secMngProtoTable 1.3.6.1.4.1.6889.2.1.14.1.3
List of security management protocols supported in the device.
Status: current Access: not-accessible
OBJECT-TYPE    
  SEQUENCE OF  
    SecMngProtoEntry

secMngProtoEntry 1.3.6.1.4.1.6889.2.1.14.1.3.1
Description.
Status: current Access: not-accessible
OBJECT-TYPE    
  SecMngProtoEntry  

secMngProtoId 1.3.6.1.4.1.6889.2.1.14.1.3.1.1
Index to the secMngProtoTable. The index can take one of the following values that correspond to supported management protocols scpConfigFiles(1), scpImageFiles(2), ssh(3), telnet(4), snmpv3(5), http(6), https(7), telnetClient(8), icmpRedirection(9), - icmp redirection service state icmp(10), - icmp services status recoveryPassword(11), - recovery password state sshClient(12), snmpv1(13), icmpEcho(14) - icmp service has been launched in EchoOnly mode tftp(16), dhcp(17), dnsResolver(18, scpClient(19), tftpClient(20), servicesTelnet(21), - reports telnet status on Services interface in G450 Missing entry indicates that corresponding protocol is not supported.
Status: current Access: read-only
OBJECT-TYPE    
  INTEGER scpConfigFiles(1), scpImageFiles(2), ssh(3), telnet(4), snmpv3(5), http(6), https(7), telnetClient(8), icmpRedirection(9), icmp(10), recoveryPassword(11), sshClient(12), snmpv1(13), icmpEcho(14), ftpClient(15), tftp(16), dhcp(17), dnsResolver(18), scpClient(19), tftpClient(20), telnetServices(21), dnsRelay(22)  

secMngProtoStatus 1.3.6.1.4.1.6889.2.1.14.1.3.1.2
Portocol status. When the status is =on - it indicates that correpsonding protocol is up and running, =off - protocol is down. Otherwize when the value retuned =Not relevant - the protocol is not supported.
Status: current Access: read-only
OBJECT-TYPE    
  ServiceStateType  

secMngConformance 1.3.6.1.4.1.6889.2.1.14.1.4
OBJECT IDENTIFIER    

secMngGroups 1.3.6.1.4.1.6889.2.1.14.1.4.1
OBJECT IDENTIFIER    

secMngBasicGroup 1.3.6.1.4.1.6889.2.1.14.1.4.1.1
Description.
Status: current Access: read-only
OBJECT-GROUP    

secMngCompliance 1.3.6.1.4.1.6889.2.1.14.1.4.2
OBJECT IDENTIFIER    

lsgLicManagement 1.3.6.1.4.1.6889.2.1.14.1.5
Group of MIBs objects used for configuration/presentation of the License information generated by Avaya Remote Feature Activation (RFA) system.
Status: current Access: read-only
OBJECT-IDENTITY    

lsgLicMngTable 1.3.6.1.4.1.6889.2.1.14.1.5.1
RFA based License management table. All elements are displaying the feature activation status. License activation controlled by the license file. The table is indexed by the license feature keyword assuming that the same keyword describing a feature cannot appear more than once per a license file.
Status: current Access: not-accessible
OBJECT-TYPE    
  SEQUENCE OF  
    LsgLicMngEntry

lsgLicMngEntry 1.3.6.1.4.1.6889.2.1.14.1.5.1.1
Entry in lsgLicMngTable.
Status: current Access: not-accessible
OBJECT-TYPE    
  LsgLicMngEntry  

lsgLicMngFeatureKeyword 1.3.6.1.4.1.6889.2.1.14.1.5.1.1.1
This table entry contains a features keyword. The feature keywords are text-based for example FEAT_VPN string. This field is used as a table index
Status: current Access: read-create
OBJECT-TYPE    
  OCTET STRING  

lsgLicMngFeatureType 1.3.6.1.4.1.6889.2.1.14.1.5.1.1.2
License activation mechanism support two feature types * Boolean on-off feature * Features that describe quantities for example number of concurrent VPN peers
Status: current Access: read-only
OBJECT-TYPE    
  INTEGER onOffFeature(1), quantifiableFeature(2)  

lsgLicMngAdminStatus 1.3.6.1.4.1.6889.2.1.14.1.5.1.1.3
An administration status shows the feature activation status - when set to On the feature is activated by the RFA licensing system.
Status: current Access: read-only
OBJECT-TYPE    
  OnOffType  

lsgLicMngOperStatus 1.3.6.1.4.1.6889.2.1.14.1.5.1.1.4
The operation status shows the actual status of the corresponding feature - feature can be not operational enabled if for example device must be reset for feature to be activated or feature is not supported by a device.
Status: current Access: read-only
OBJECT-TYPE    
  OnOffType  

lsgLicMngCountedValue 1.3.6.1.4.1.6889.2.1.14.1.5.1.1.5
For counted features, this entry shows the associated quantity
Status: current Access: read-only
OBJECT-TYPE    
  Unsigned32  

lsgLicMngLastError 1.3.6.1.4.1.6889.2.1.14.1.5.1.1.6
Shows feature error state
Status: current Access: read-only
OBJECT-TYPE    
  INTEGER licNoError(2)  

lsgLicMngConformance 1.3.6.1.4.1.6889.2.1.14.1.5.20
Description.
Status: current Access: read-only
OBJECT-IDENTITY    

lsgLicMngGroups 1.3.6.1.4.1.6889.2.1.14.1.5.20.1
Description.
Status: current Access: read-only
OBJECT-IDENTITY    

lsgLicMngBasicGroup 1.3.6.1.4.1.6889.2.1.14.1.5.20.1.1
Description.
Status: current Access: read-only
OBJECT-GROUP    

fips140 1.3.6.1.4.1.6889.2.1.14.1.6
Description.
Status: current Access: read-only
OBJECT-IDENTITY    

fipsEnhancedSecurityFlg 1.3.6.1.4.1.6889.2.1.14.1.6.1
enhanceSecurity flag reports operation of a product in enhance security mode. When running under enhanced security a product performs certain secure-related activities safely, closely matching FIPS-140-2 standard. However the flag doesn't necessary indicate that all device operations comply to FIPS approved mode as some of security activities might be controlled via different mechanisms for example manual configuration. Security policy/Crypto Office guidance documents shall be used as reference as for if this flag can be used as an evidence for operation in FIPS approved mode. The flag is read only and set via product CLI.
Status: current Access: read-only
OBJECT-TYPE    
  OnOffType  

avMssNotifications 1.3.6.1.4.1.6889.2.1.14.1.7
Subtree hosting MSS notification traps
Status: current Access: read-only
OBJECT-IDENTITY    

avMssNotificationPrefix 1.3.6.1.4.1.6889.2.1.14.1.7.0
Description.
Status: current Access: read-only
OBJECT-IDENTITY    

avMSSDenialOfService 1.3.6.1.4.1.6889.2.1.14.1.7.0.1
The MSS notification sent on DoS attack
Status: current Access: read-only
NOTIFICATION-TYPE    

avMSSNotificationRate 1.3.6.1.4.1.6889.2.1.14.1.7.2
Defines the rate of MSS notification report. MSS reports will be generated as per rate if the event group counter passes the threshold correspondingly. The rate units are given in seconds with minimum - 10 seconds maximum - 8 hours (60 * 60 * 8)
Status: current Access: read-write
OBJECT-TYPE    
  INTEGER 10..28800  

avMSSVarbinds 1.3.6.1.4.1.6889.2.1.14.1.7.4
Subtree of access-for-notify arguments to MSS notification varbinds list.
Status: current Access: read-write
OBJECT-IDENTITY    

avMSSVarbindsDoSType 1.3.6.1.4.1.6889.2.1.14.1.7.4.1
Enumeration of DoS attacks
Status: current Access: accessible-for-notify
OBJECT-TYPE    
  INTEGER avMSSDoSMalformedARPs(1), avMSSDoSLandAttack(2), avMSSDoSICMPReflectAttack(3), avMSSDoSUknownPort(4), avMSSDoSUrgTCPOption(5), avMSSDoSMalformedIP(6), avMSSDoSSynFlood(7), avMSSDoSSmurfAttack(8), avMSSDoSFraggleAttack(9), avMSSDoSMalFragmentIP(10), avMSSSpoofedIP(11), avMSSUnknownL4Protocol(12), avMSSunAuthenticatedAccess(13), avMSSUserDefinedDoSAttack100(100), avMSSUserDefinedDoSAttack101(101), avMSSUserDefinedDoSAttack102(102), avMSSUserDefinedDoSAttack103(103), avMSSUserDefinedDoSAttack104(104), avMSSUserDefinedDoSAttack105(105)  

avMSSVarbindsDescription 1.3.6.1.4.1.6889.2.1.14.1.7.4.2
Textual description of the DoS event
Status: current Access: accessible-for-notify
OBJECT-TYPE    
  DisplayString  

avMSSVarbindsSrcAddr 1.3.6.1.4.1.6889.2.1.14.1.7.4.3
Source IP address in IP header. Set to 0.0.0.0 if address is unknown
Status: current Access: accessible-for-notify
OBJECT-TYPE    
  IpAddress  

avMSSVarbindsDstAddr 1.3.6.1.4.1.6889.2.1.14.1.7.4.4
Destination IP address in IP header. Set to 0.0.0.0 if address is unknown
Status: current Access: accessible-for-notify
OBJECT-TYPE    
  IpAddress  

avMSSVarbindsDstPort 1.3.6.1.4.1.6889.2.1.14.1.7.4.5
Destination port number in IP header. 0 if port is not applicable or unknown
Status: current Access: accessible-for-notify
OBJECT-TYPE    
  INTEGER 0..65535  

avMSSVarbindsIpProtocol 1.3.6.1.4.1.6889.2.1.14.1.7.4.6
The protocol field in IP header
Status: current Access: accessible-for-notify
OBJECT-TYPE    
  INTEGER 0..255  

avMSSVarbindsCount 1.3.6.1.4.1.6889.2.1.14.1.7.4.7
Counted number of events that occur in a given period for a corresponding class of security violations (DoS, not authorized access, etc).
Status: current Access: accessible-for-notify
OBJECT-TYPE    
  Counter64  

avMSSVarbindsSrcMACAddr 1.3.6.1.4.1.6889.2.1.14.1.7.4.8
Source Physical address (MAC) of a packet identified as a packet carrying DoS payload. Set to 00:00:00:00:00:00 when phyicial address is not supported or unknown to the system
Status: current Access: accessible-for-notify
OBJECT-TYPE    
  PhysAddress  

avMSSgroup 1.3.6.1.4.1.6889.2.1.14.1.8
Description.
Status: current Access: accessible-for-notify
OBJECT-GROUP    

mssNotificationGroup 1.3.6.1.4.1.6889.2.1.14.1.9
Description.
Status: current Access: accessible-for-notify
NOTIFICATION-GROUP    

secMngNotifications 1.3.6.1.4.1.6889.2.1.14.1.10
Description.
Status: current Access: accessible-for-notify
OBJECT-IDENTITY    

secMngNotificationsPrefix 1.3.6.1.4.1.6889.2.1.14.1.10.0
Description.
Status: current Access: accessible-for-notify
OBJECT-IDENTITY    

avConfigurationEncKeyMismatchFault 1.3.6.1.4.1.6889.2.1.14.1.10.0.1
Encryption keys mismatch error. Configuration download operation is aborted
Status: current Access: accessible-for-notify
NOTIFICATION-TYPE    

avConfigurationMasterKeyChange 1.3.6.1.4.1.6889.2.1.14.1.10.0.2
Configuration Master key was changed
Status: current Access: accessible-for-notify
NOTIFICATION-TYPE    

avPasswordToExpireAlert 1.3.6.1.4.1.6889.2.1.14.1.10.0.3
User password is about to expire in n days
Status: current Access: accessible-for-notify
NOTIFICATION-TYPE    

secMngVarbinds 1.3.6.1.4.1.6889.2.1.14.1.10.1
Notify only varbinds used for notifications in secMngNotifications group
Status: current Access: accessible-for-notify
OBJECT-IDENTITY    

secMngNumOfDays2Expire 1.3.6.1.4.1.6889.2.1.14.1.10.1.1
Description.
Status: current Access: accessible-for-notify
OBJECT-TYPE    
  Unsigned32  

avMngNotificationCompliance 1.3.6.1.4.1.6889.2.1.14.1.10.2
Description.
Status: current Access: accessible-for-notify
OBJECT-GROUP    

secMngNotificationGroup 1.3.6.1.4.1.6889.2.1.14.1.11
Description.
Status: current Access: accessible-for-notify
NOTIFICATION-GROUP    

avASGAuthenticationFiles 1.3.6.1.4.1.6889.2.1.14.1.12
Info on authentication file(s) installed in a product
Status: current Access: accessible-for-notify
OBJECT-IDENTITY    

avASGAuthFileHeader 1.3.6.1.4.1.6889.2.1.14.1.12.3
The information on Authentication File stored in ASG AF file header
Status: current Access: accessible-for-notify
OBJECT-IDENTITY    

avASGAuthFileAFID 1.3.6.1.4.1.6889.2.1.14.1.12.3.1
The productID value ascociated with the Authentication File (format 7xxxxxxxxx)
Status: current Access: read-only
OBJECT-TYPE    
  DisplayString Size(0..10)  

avASGAuthFileGenDate 1.3.6.1.4.1.6889.2.1.14.1.12.3.2
Date of Authentication file generation (format YYYY/MM/DD)
Status: current Access: read-only
OBJECT-TYPE    
  DisplayString  

avASGAuthFileGenTime 1.3.6.1.4.1.6889.2.1.14.1.12.3.3
A 8-character string in US short locale time (format= HH:MM:SS)
Status: current Access: read-only
OBJECT-TYPE    
  DisplayString Size(0..8)  

avASGAuthFileRelease 1.3.6.1.4.1.6889.2.1.14.1.12.3.4
Major software release the AF file was generated for
Status: current Access: read-only
OBJECT-TYPE    
  DisplayString  

avASGNotifications 1.3.6.1.4.1.6889.2.1.14.1.12.3.5
Description.
Status: current Access: read-only
OBJECT-IDENTITY    

avASGNotificationsPrefix 1.3.6.1.4.1.6889.2.1.14.1.12.3.5.0
Description.
Status: current Access: read-only
OBJECT-IDENTITY    

avASGAFDownloadSuccess 1.3.6.1.4.1.6889.2.1.14.1.12.3.5.0.1
AF download successfully accomplished
Status: current Access: read-only
NOTIFICATION-TYPE    

avASGAFDownloadFailure 1.3.6.1.4.1.6889.2.1.14.1.12.3.5.0.2
AF download Failed
Status: current Access: read-only
NOTIFICATION-TYPE    

avASGAuthFileGroup 1.3.6.1.4.1.6889.2.1.14.1.12.1000
Description.
Status: current Access: read-only
OBJECT-GROUP    

avASGAuthFileNotificationGroup 1.3.6.1.4.1.6889.2.1.14.1.12.1001
ASG authentictation File Notification Group
Status: current Access: read-only
NOTIFICATION-GROUP    

avSecLocalDateAndTime 1.3.6.1.4.1.6889.2.1.14.1.13
Setting the Local current RTC date and time, when not registered with CM
Status: current Access: read-write
OBJECT-TYPE    
  DateAndTime