-- ================================================================== -- Copyright (C) 2008 by HUAWEI TECHNOLOGIES. All rights reserved. -- -- Description: HUAWEI SECURITY MIB -- Reference: -- Version: V1.0 -- History: -- V1.0 2008-3-12 publish -- ================================================================== HUAWEI-SECURITY-MIB DEFINITIONS ::= BEGIN IMPORTS hwDatacomm FROM HUAWEI-MIB OBJECT-GROUP, MODULE-COMPLIANCE, NOTIFICATION-GROUP FROM SNMPv2-CONF Integer32, OBJECT-TYPE, MODULE-IDENTITY, NOTIFICATION-TYPE FROM SNMPv2-SMI EnabledStatus FROM P-BRIDGE-MIB DisplayString FROM SNMPv2-TC; hwSecurityMIB MODULE-IDENTITY LAST-UPDATED "200803121015Z" ORGANIZATION "Huawei Technologies Co.,Ltd." CONTACT-INFO "8090 Team Huawei Technologies Co.,Ltd. Huawei Bld.,NO.3 Xinxi Rd., Shang-Di Information Industry Base, Hai-Dian District Beijing P.R. China http://www.huawei.com Zip:100085 " DESCRIPTION "The private mib file includes the general extent information of the device.hwDatacomm(165).hwSecurityMIB." ::= { hwDatacomm 165 } hwBaseSecurityMIBObjects OBJECT IDENTIFIER ::= { hwSecurityMIB 1 } hwLocalUrpf OBJECT IDENTIFIER ::= { hwBaseSecurityMIBObjects 2 } hwLocalUrpfTable OBJECT-TYPE SYNTAX SEQUENCE OF HwLocalUrpfEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION " The table lists the information about local URPF Packets. " ::= { hwLocalUrpf 1 } hwLocalUrpfEntry OBJECT-TYPE SYNTAX HwLocalUrpfEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION " The table lists the information about local URPF protection." INDEX { hwLocalUrpfChassisId , hwLocalUrpfSlotId } ::= { hwLocalUrpfTable 1 } HwLocalUrpfEntry ::= SEQUENCE{ hwLocalUrpfChassisId INTEGER, hwLocalUrpfSlotId Integer32, hwLocalUrpfCurrentRateLow Integer32, hwLocalUrpfCurrentRateHigh Integer32, hwLocalUrpfNotifyEnabledStatus EnabledStatus, hwLocalUrpfRateThreshold Integer32, hwLocalUrpfRateInterval Integer32 } hwLocalUrpfChassisId OBJECT-TYPE SYNTAX INTEGER{ clc1(1), clc2(2), clc3(3), clc4(4), clc5(5), clc6(6), clc7(7), clc8(8) } MAX-ACCESS not-accessible STATUS current DESCRIPTION "The Data index of local URPF,the chassis ID indicates the slot on which chassis is configured with URPF." ::= { hwLocalUrpfEntry 1 } hwLocalUrpfSlotId OBJECT-TYPE SYNTAX Integer32(1..16) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The Data index of local URPF,the slot configured with URPF." ::= { hwLocalUrpfEntry 2 } hwLocalUrpfCurrentRateLow OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-only STATUS current DESCRIPTION "The lower 32 bits discard number during the interval of local URPF.unit(packet)." ::= { hwLocalUrpfEntry 11 } hwLocalUrpfCurrentRateHigh OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-only STATUS current DESCRIPTION "The upper 32 bits discard number during the interval of local URPF.unit(packet)." ::= { hwLocalUrpfEntry 12 } hwLocalUrpfNotifyEnabledStatus OBJECT-TYPE SYNTAX EnabledStatus MAX-ACCESS read-only STATUS current DESCRIPTION "The alarm state of local URPF." ::= { hwLocalUrpfEntry 13 } hwLocalUrpfRateThreshold OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-only STATUS current DESCRIPTION "Local URPF's discard threshold during the configured interval.unit(packet)." ::= { hwLocalUrpfEntry 14 } hwLocalUrpfRateInterval OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-only STATUS current DESCRIPTION "The detection interval of the local URPF.unit(s). " ::= { hwLocalUrpfEntry 15 } hwTcpIpDefend OBJECT IDENTIFIER ::= { hwBaseSecurityMIBObjects 3 } hwTcpIpDefendTable OBJECT-TYPE SYNTAX SEQUENCE OF HwTcpIpDefendEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table list the information about TCPIP protection." ::= { hwTcpIpDefend 1 } hwTcpIpDefendEntry OBJECT-TYPE SYNTAX HwTcpIpDefendEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table list the information about TCPIP protection." INDEX { hwTcpIpDefendChassisId, hwTcpIpDefendSlotId, hwTcpIpDefendType } ::= { hwTcpIpDefendTable 1 } HwTcpIpDefendEntry ::= SEQUENCE{ hwTcpIpDefendChassisId INTEGER, hwTcpIpDefendSlotId Integer32, hwTcpIpDefendType INTEGER, hwTcpIpDefendCurrentRateLow Integer32, hwTcpIpDefendCurrentRateHigh Integer32, hwTcpIpDefendNotifyEnabledStatus EnabledStatus, hwTcpIpDefendRateThreshold Integer32, hwTcpIpDefendRateInterval Integer32 } hwTcpIpDefendChassisId OBJECT-TYPE SYNTAX INTEGER{ clc1(1), clc2(2), clc3(3), clc4(4), clc5(5), clc6(6), clc7(7), clc8(8) } MAX-ACCESS not-accessible STATUS current DESCRIPTION "The Data index of TCPIP protection,the chassis ID indicates the slot on which chassis is configured with TCPIP protection." ::= { hwTcpIpDefendEntry 1 } hwTcpIpDefendSlotId OBJECT-TYPE SYNTAX Integer32(1..16) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The Data index of TCPIP protection,the slot configured with TCPIP protection." ::= { hwTcpIpDefendEntry 2 } hwTcpIpDefendType OBJECT-TYPE SYNTAX INTEGER{ abnormalPacket(1), udpPacket(2), tcpSyn(3), ipFragmentation(4) } MAX-ACCESS not-accessible STATUS current DESCRIPTION "The Data index of TCPIP protection,the type of TCPIP protection." ::= { hwTcpIpDefendEntry 3 } hwTcpIpDefendCurrentRateLow OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-only STATUS current DESCRIPTION "The lower 32 bits discard number during the interval of TCPIP protection.unit(packet)." ::= { hwTcpIpDefendEntry 11 } hwTcpIpDefendCurrentRateHigh OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-only STATUS current DESCRIPTION "The upper 32 bits discard number during the interval of TCPIP protection.unit(packet)." ::= { hwTcpIpDefendEntry 12 } hwTcpIpDefendNotifyEnabledStatus OBJECT-TYPE SYNTAX EnabledStatus MAX-ACCESS read-only STATUS current DESCRIPTION "The alarm state of TCPIP protection." ::= { hwTcpIpDefendEntry 13 } hwTcpIpDefendRateThreshold OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-only STATUS current DESCRIPTION "TCPIP protection's discard threshold during the configured interval.unit(packet)." ::= { hwTcpIpDefendEntry 14 } hwTcpIpDefendRateInterval OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-only STATUS current DESCRIPTION "The detection interval of TCPIP protection.unit(s)." ::= { hwTcpIpDefendEntry 15 } hwMaDefend OBJECT IDENTIFIER ::= { hwBaseSecurityMIBObjects 4 } hwMaDefendTable OBJECT-TYPE SYNTAX SEQUENCE OF HwMaDefendEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table list the information about management and application protection." ::= { hwMaDefend 1 } hwMaDefendEntry OBJECT-TYPE SYNTAX HwMaDefendEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table list the information about management and application protection." INDEX { hwMaDefendChassisId, hwMaDefendSlotId, hwMaDefendProtocol} ::= { hwMaDefendTable 1 } HwMaDefendEntry ::= SEQUENCE{ hwMaDefendChassisId INTEGER, hwMaDefendSlotId Integer32, hwMaDefendProtocol INTEGER, hwMaDefendCurrentRateLow Integer32, hwMaDefendCurrentRateHigh Integer32, hwMaDefendNotifyEnabledStatus EnabledStatus, hwMaDefendRateThreshold Integer32, hwMaDefendRateInterval Integer32 } hwMaDefendChassisId OBJECT-TYPE SYNTAX INTEGER{ clc1(1), clc2(2), clc3(3), clc4(4), clc5(5), clc6(6), clc7(7), clc8(8) } MAX-ACCESS not-accessible STATUS current DESCRIPTION "The Data index of management and application protection,the chassis ID indicates the slot on which chassis is configured with management and application protection." ::= { hwMaDefendEntry 1 } hwMaDefendSlotId OBJECT-TYPE SYNTAX Integer32(1..16) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The Data index of management and application protection,the slots configured with management and application protection." ::= { hwMaDefendEntry 2 } hwMaDefendProtocol OBJECT-TYPE SYNTAX INTEGER{ ftp(1), ssh(2), snmp(3), telnet(4), tftp(5), bgp(6), ldp(7), rsvp(8), ospf(9), rip(10), isis(11), pim(12), ntp(13), lsp-ping(14), dhcp-c(15), dhcp-r(16), tcp(17), udp(18) } MAX-ACCESS not-accessible STATUS current DESCRIPTION "The Data index of management and application protection,the protocols configured in management and application protection." ::= { hwMaDefendEntry 3 } hwMaDefendCurrentRateLow OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-only STATUS current DESCRIPTION "The lower 32 bits discard number during the interval of management and application protection.unit(packet)." ::= { hwMaDefendEntry 11 } hwMaDefendCurrentRateHigh OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-only STATUS current DESCRIPTION "The upper 32 bits discard number during the interval of management and application protection.unit(packet)." ::= { hwMaDefendEntry 12 } hwMaDefendNotifyEnabledStatus OBJECT-TYPE SYNTAX EnabledStatus MAX-ACCESS read-only STATUS current DESCRIPTION "The alarm state of management and application protection." ::= { hwMaDefendEntry 13 } hwMaDefendRateThreshold OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-only STATUS current DESCRIPTION "The discard threshold of management and application protection during the configured interval.unit(packet)." ::= { hwMaDefendEntry 14 } hwMaDefendRateInterval OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-only STATUS current DESCRIPTION "The detection interval of management and application protection. unit(s)." ::= { hwMaDefendEntry 15 } hwApplicationApperceive OBJECT IDENTIFIER ::= { hwBaseSecurityMIBObjects 5 } hwApplicationApperceiveTable OBJECT-TYPE SYNTAX SEQUENCE OF HwApplicationApperceiveEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table list the information about Application-Apperceive protection." ::= { hwApplicationApperceive 1 } hwApplicationApperceiveEntry OBJECT-TYPE SYNTAX HwApplicationApperceiveEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table list the information about Application-Apperceive protection." INDEX { hwAppliApperChassisId, hwAppliApperSlotId, hwAppliApperProtocol} ::= { hwApplicationApperceiveTable 1 } HwApplicationApperceiveEntry ::= SEQUENCE{ hwAppliApperChassisId INTEGER, hwAppliApperSlotId Integer32, hwAppliApperProtocol INTEGER, hwAppliApperCurrentRateLow Integer32, hwAppliApperCurrentRateHigh Integer32, hwAppliApperNotifyEnabledStatus EnabledStatus, hwAppliApperRateThreshold Integer32, hwAppliApperRateInterval Integer32 } hwAppliApperChassisId OBJECT-TYPE SYNTAX INTEGER{ clc1(1), clc2(2), clc3(3), clc4(4), clc5(5), clc6(6), clc7(7), clc8(8) } MAX-ACCESS not-accessible STATUS current DESCRIPTION "The Data index of Application-Apperceive protection,the chassis ID indicates the slot on which chassis is configured with Application-Apperceive protection." ::= { hwApplicationApperceiveEntry 1 } hwAppliApperSlotId OBJECT-TYPE SYNTAX Integer32(1..16) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The Data index of Application-Apperceive protection,the slots configured with Application-Apperceive protection." ::= { hwApplicationApperceiveEntry 2 } hwAppliApperProtocol OBJECT-TYPE SYNTAX INTEGER{ ftpServer(1), sshServer(2), snmp(3), telnetServer(4), tftp(5), bgp(6), ldp(7), rsvp(8), ospf(9), rip(10), isis(11), sftpSever(12), icmp(13), msdp(14), pim(15), ipv4Arp(16), bpdu(17), dhcp(18), lacp(19), ntp(20), radius(21), hwTacacs(22), lspPing(23), igmp(24), vgmp(25), rrpp(26), vrrp(27), bfd(28), mplsOam(29), eth8021ag(30), ftpClient(31), telnetClient(32), sshClient(33), sftpClient(34), dnsClient(35) } MAX-ACCESS not-accessible STATUS current DESCRIPTION "The Data index of Application-Apperceive protection,the protocol configured in Application-Apperceive protection." ::= { hwApplicationApperceiveEntry 3 } hwAppliApperCurrentRateLow OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-only STATUS current DESCRIPTION "The lower 32 bits discard number during the interval of Application-Apperceive protection.unit(packet)." ::= { hwApplicationApperceiveEntry 11 } hwAppliApperCurrentRateHigh OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-only STATUS current DESCRIPTION "The upper 32 bits discard number during the interval of Application-Apperceive protection.unit(packet)." ::= { hwApplicationApperceiveEntry 12 } hwAppliApperNotifyEnabledStatus OBJECT-TYPE SYNTAX EnabledStatus MAX-ACCESS read-only STATUS current DESCRIPTION "The alarm state of Application-Apperceive protection." ::= { hwApplicationApperceiveEntry 13 } hwAppliApperRateThreshold OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-only STATUS current DESCRIPTION "The discard threshold of Application-Apperceive protection during the configured interval.unit(packet)." ::= { hwApplicationApperceiveEntry 14 } hwAppliApperRateInterval OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-only STATUS current DESCRIPTION "The detect interval of Application-Apperceive protection. unit(s)." ::= { hwApplicationApperceiveEntry 15 } hwDefdPortVlan OBJECT IDENTIFIER ::= { hwBaseSecurityMIBObjects 6 } hwDefdPortVlanTable OBJECT-TYPE SYNTAX SEQUENCE OF HwDefdPortVlanEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION " The table lists the information about defend port vlan packet. " ::= { hwDefdPortVlan 1 } hwDefdPortVlanEntry OBJECT-TYPE SYNTAX HwDefdPortVlanEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table list the information about defend port vlan ." INDEX { hwDefdPortVlanIfIndex } ::= { hwDefdPortVlanTable 1 } HwDefdPortVlanEntry ::= SEQUENCE{ hwDefdPortVlanIfIndex Integer32, hwDefdPortVlanIfName OCTET STRING, hwDefdPortVlanId Integer32, hwDefdPortVlanCheckProtocol OCTET STRING } hwDefdPortVlanIfIndex OBJECT-TYPE SYNTAX Integer32(1..2147483647) MAX-ACCESS not-accessible STATUS current DESCRIPTION "Interface Index, equal to ifIndex." ::= { hwDefdPortVlanEntry 1 } hwDefdPortVlanIfName OBJECT-TYPE SYNTAX OCTET STRING (SIZE (1..256)) MAX-ACCESS read-only STATUS current DESCRIPTION "The name of the interface." ::= { hwDefdPortVlanEntry 2 } hwDefdPortVlanId OBJECT-TYPE SYNTAX Integer32(0..4096) MAX-ACCESS read-only STATUS current DESCRIPTION "The Data index of defend port vlan." ::= { hwDefdPortVlanEntry 3 } hwDefdPortVlanCheckProtocol OBJECT-TYPE SYNTAX OCTET STRING (SIZE (1..100)) MAX-ACCESS read-only STATUS current DESCRIPTION "Check protocol name." ::= { hwDefdPortVlanEntry 4 } hwSocAttackTrapObject OBJECT IDENTIFIER ::= { hwBaseSecurityMIBObjects 7 } hwSocAttackInfoTable OBJECT-TYPE SYNTAX SEQUENCE OF HwSocAttackInfoEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION " The table lists the information about Security Operation Center. " ::= { hwSocAttackTrapObject 1 } hwSocAttackInfoEntry OBJECT-TYPE SYNTAX HwSocAttackInfoEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table list the information about Securty Operation Center detected one attack." INDEX { hwSocAttackSeqNo } ::= { hwSocAttackInfoTable 1 } HwSocAttackInfoEntry ::= SEQUENCE { hwSocAttackSeqNo Integer32, hwSocAttackPossib OCTET STRING, hwSocAttackReason OCTET STRING, hwSocAttackIfName OCTET STRING, hwSocAttackSubIfName OCTET STRING, hwSocAttackVlanIndex OCTET STRING, hwSocAttackUserQinQIndex OCTET STRING, hwSocAttackMacAddr OCTET STRING, hwSocAttackIPAddr OCTET STRING } hwSocAttackSeqNo OBJECT-TYPE SYNTAX Integer32 (1..200) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The sequence number of attack infomation." ::= { hwSocAttackInfoEntry 1 } hwSocAttackPossib OBJECT-TYPE SYNTAX OCTET STRING (SIZE (0..32)) MAX-ACCESS read-only STATUS current DESCRIPTION "The prabability of the attack ." ::= { hwSocAttackInfoEntry 2 } hwSocAttackReason OBJECT-TYPE SYNTAX OCTET STRING (SIZE (0..63)) MAX-ACCESS read-only STATUS current DESCRIPTION "The reason of the attack ." ::= { hwSocAttackInfoEntry 3 } hwSocAttackIfName OBJECT-TYPE SYNTAX OCTET STRING (SIZE (0..63)) MAX-ACCESS read-only STATUS current DESCRIPTION "The interface of the attack" ::= { hwSocAttackInfoEntry 4 } hwSocAttackSubIfName OBJECT-TYPE SYNTAX OCTET STRING (SIZE (0..256)) MAX-ACCESS read-only STATUS current DESCRIPTION "The sub-interface of the attack" ::= { hwSocAttackInfoEntry 5 } hwSocAttackVlanIndex OBJECT-TYPE SYNTAX OCTET STRING (SIZE (0..32)) MAX-ACCESS read-only STATUS current DESCRIPTION "The vlan of the attack" ::= { hwSocAttackInfoEntry 6 } hwSocAttackUserQinQIndex OBJECT-TYPE SYNTAX OCTET STRING (SIZE (0..64)) MAX-ACCESS read-only STATUS current DESCRIPTION "The UserQinQ of the attack" ::= { hwSocAttackInfoEntry 7 } hwSocAttackMacAddr OBJECT-TYPE SYNTAX OCTET STRING (SIZE (0..128)) MAX-ACCESS read-only STATUS current DESCRIPTION "The MAC of the attack" ::= { hwSocAttackInfoEntry 8 } hwSocAttackIPAddr OBJECT-TYPE SYNTAX OCTET STRING (SIZE (0..128)) MAX-ACCESS read-only STATUS current DESCRIPTION "The IP of the attack" ::= { hwSocAttackInfoEntry 9 } hwBaseSecurityNotifications OBJECT IDENTIFIER ::= { hwBaseSecurityMIBObjects 11 } hwBaseSecurityUrpfDiscardedRateRising NOTIFICATION-TYPE OBJECTS { hwLocalUrpfCurrentRateLow, hwLocalUrpfCurrentRateHigh, hwLocalUrpfRateThreshold} STATUS current DESCRIPTION " The discard packets exceed the threshold of local URPF protection." ::= { hwBaseSecurityNotifications 1 } hwBaseSecurityUrpfDiscardedRateResume NOTIFICATION-TYPE OBJECTS { hwLocalUrpfCurrentRateLow, hwLocalUrpfCurrentRateHigh, hwLocalUrpfRateThreshold} STATUS current DESCRIPTION " The alarm of local URPF is resumed." ::= { hwBaseSecurityNotifications 2 } hwBaseSecurityTcpIpAttackDiscardedRateRising NOTIFICATION-TYPE OBJECTS { hwTcpIpDefendCurrentRateLow, hwTcpIpDefendCurrentRateHigh, hwTcpIpDefendRateThreshold, hwTcpIpDefendRateInterval} STATUS current DESCRIPTION " The discard packets exceed the threshold of TCPIP protection. " ::= { hwBaseSecurityNotifications 3 } hwBaseSecurityTcpIpAttackDiscardedRateResume NOTIFICATION-TYPE OBJECTS { hwTcpIpDefendCurrentRateLow, hwTcpIpDefendCurrentRateHigh, hwTcpIpDefendRateThreshold, hwTcpIpDefendRateInterval} STATUS current DESCRIPTION " The alarm of TCPIP protection is resumed. " ::= { hwBaseSecurityNotifications 4 } hwBaseSecurityMaDiscardedRateRising NOTIFICATION-TYPE OBJECTS { hwMaDefendCurrentRateLow, hwMaDefendCurrentRateHigh, hwMaDefendRateThreshold, hwMaDefendRateInterval} STATUS current DESCRIPTION " The discard packets exceed the threshold of management and application protection." ::= { hwBaseSecurityNotifications 5 } hwBaseSecurityMaDiscardedRateResume NOTIFICATION-TYPE OBJECTS { hwMaDefendCurrentRateLow, hwMaDefendCurrentRateHigh, hwMaDefendRateThreshold, hwMaDefendRateInterval} STATUS current DESCRIPTION " The alarm of management and application protection is resumed. " ::= { hwBaseSecurityNotifications 6 } hwBaseSecurityApplicationApperceiveDiscardedRateRising NOTIFICATION-TYPE OBJECTS { hwAppliApperCurrentRateLow, hwAppliApperCurrentRateHigh, hwAppliApperRateThreshold, hwAppliApperRateInterval} STATUS current DESCRIPTION " The discard packets exceed the threshold of Application-Apperceive protection. " ::= { hwBaseSecurityNotifications 7 } hwBaseSecurityApplicationApperceiveDiscardedRateResume NOTIFICATION-TYPE OBJECTS { hwAppliApperCurrentRateLow, hwAppliApperCurrentRateHigh, hwAppliApperRateThreshold, hwAppliApperRateInterval} STATUS current DESCRIPTION "The alarm of Application-Apperceive protection is resumed." ::= { hwBaseSecurityNotifications 8 } hwBaseSecurityStormControlInterface NOTIFICATION-TYPE OBJECTS { hwBaseSecurityStormControlInterfaceChassisId, hwBaseSecurityStormControlInterfaceSlotId, hwBaseSecurityStormControlInterfaceName} STATUS current DESCRIPTION "The alarm of storm-control detection." ::= { hwBaseSecurityNotifications 9 } hwBaseSocAttackTrap NOTIFICATION-TYPE OBJECTS { hwSocAttackPossib, hwSocAttackReason, hwSocAttackIfName, hwSocAttackSubIfName, hwSocAttackVlanIndex, hwSocAttackUserQinQIndex, hwSocAttackMacAddr, hwSocAttackIPAddr } STATUS current DESCRIPTION "An attack occur on the Network. " ::= { hwBaseSecurityNotifications 12 } hwBaseSocAttackResumeTrap NOTIFICATION-TYPE OBJECTS { hwSocAttackPossib, hwSocAttackReason, hwSocAttackIfName, hwSocAttackSubIfName, hwSocAttackVlanIndex, hwSocAttackUserQinQIndex, hwSocAttackMacAddr, hwSocAttackIPAddr } STATUS current DESCRIPTION "An attack cancels on the Network." ::= { hwBaseSecurityNotifications 13 } hwMacFilter OBJECT IDENTIFIER ::= { hwBaseSecurityMIBObjects 12 } hwMacFilterModeTable OBJECT-TYPE SYNTAX SEQUENCE OF HwMacFilterModeEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table list the information about mac-filter statistics." ::= { hwMacFilter 1 } hwMacFilterModeEntry OBJECT-TYPE SYNTAX HwMacFilterModeEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table list the information about mac-filter statistics." INDEX { hwMacFilterIfIndex } ::= { hwMacFilterModeTable 1 } HwMacFilterModeEntry ::= SEQUENCE{ hwMacFilterIfIndex Integer32, hwMacFilterInterface DisplayString, hwMacFilterEnableMode INTEGER, hwMacFilterMatchNum Integer32 } hwMacFilterIfIndex OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS not-accessible STATUS current DESCRIPTION "Mac-filter interface index." ::= { hwMacFilterModeEntry 1 } hwMacFilterInterface OBJECT-TYPE SYNTAX DisplayString (SIZE (1..128)) MAX-ACCESS read-only STATUS current DESCRIPTION "Mac-filter interface name." ::= { hwMacFilterModeEntry 2 } hwMacFilterEnableMode OBJECT-TYPE SYNTAX INTEGER{ none(0), whitelist(1), balcklist(2) } MAX-ACCESS read-only STATUS current DESCRIPTION "Mac-filter enable mode." ::= { hwMacFilterModeEntry 3 } hwMacFilterMatchNum OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-only STATUS current DESCRIPTION "Mac-filter if-match number." ::= { hwMacFilterModeEntry 4 } hwMacFilterMacAddrTable OBJECT-TYPE SYNTAX SEQUENCE OF HwMacFilterMacAddrEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table list the information about mac-filter if-match mac-address." ::= { hwMacFilter 2 } hwMacFilterMacAddrEntry OBJECT-TYPE SYNTAX HwMacFilterMacAddrEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table list the information about mac-filter if-match mac-address." INDEX { hwMacFilterIfindex, hwMacFilterMacAddr} ::= { hwMacFilterMacAddrTable 1 } HwMacFilterMacAddrEntry ::= SEQUENCE{ hwMacFilterIfindex Integer32, hwMacFilterInterfaceBuf DisplayString, hwMacFilterMacAddr DisplayString } hwMacFilterIfindex OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS not-accessible STATUS current DESCRIPTION "Mac-filter interface index." ::= { hwMacFilterMacAddrEntry 1 } hwMacFilterInterfaceBuf OBJECT-TYPE SYNTAX DisplayString (SIZE (1..128)) MAX-ACCESS read-only STATUS current DESCRIPTION "Mac-filter interface name." ::= { hwMacFilterMacAddrEntry 2 } hwMacFilterMacAddr OBJECT-TYPE SYNTAX DisplayString (SIZE (1..100)) MAX-ACCESS not-accessible STATUS current DESCRIPTION "Mac-filter if-match mac-address." ::= { hwMacFilterMacAddrEntry 3 } hwMeSecurityMIBObjects OBJECT IDENTIFIER ::= { hwSecurityMIB 2 } hwSecurityTrapObject OBJECT IDENTIFIER ::= { hwMeSecurityMIBObjects 1 } hwStrackTrapObject OBJECT IDENTIFIER ::= { hwSecurityTrapObject 1 } hwStrackTotalPacket OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS accessible-for-notify STATUS current DESCRIPTION "The total packets of strack during the configured interval.unit(packet)." ::= { hwStrackTrapObject 1 } hwStrackEndTime OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS accessible-for-notify STATUS current DESCRIPTION "The data of strack." ::= { hwStrackTrapObject 2 } hwStrackSourceMac OBJECT-TYPE SYNTAX OCTET STRING MAX-ACCESS accessible-for-notify STATUS current DESCRIPTION "The data of strack." ::= { hwStrackTrapObject 3 } hwStrackPacketPVlan OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS accessible-for-notify STATUS current DESCRIPTION "The data of strack." ::= { hwStrackTrapObject 4 } hwStrackPacketCVlan OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS accessible-for-notify STATUS current DESCRIPTION "The data of strack." ::= { hwStrackTrapObject 5 } hwStrackPacketIfName OBJECT-TYPE SYNTAX OCTET STRING MAX-ACCESS accessible-for-notify STATUS current DESCRIPTION "The data of strack." ::= { hwStrackTrapObject 6 } hwArpsTrapObject OBJECT IDENTIFIER ::= { hwSecurityTrapObject 2 } hwArpsSourceInterface OBJECT-TYPE SYNTAX OCTET STRING MAX-ACCESS accessible-for-notify STATUS current DESCRIPTION "The data of arp security." ::= { hwArpsTrapObject 1 } hwArpsSourceIp OBJECT-TYPE SYNTAX OCTET STRING MAX-ACCESS accessible-for-notify STATUS current DESCRIPTION "TThe data of arp security." ::= { hwArpsTrapObject 2 } hwArpsSourceMac OBJECT-TYPE SYNTAX OCTET STRING MAX-ACCESS accessible-for-notify STATUS current DESCRIPTION "The data of arp security." ::= { hwArpsTrapObject 3 } hwArpsPVlan OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS accessible-for-notify STATUS current DESCRIPTION "The data of arp security." ::= { hwArpsTrapObject 4 } hwArpsCVlan OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS accessible-for-notify STATUS current DESCRIPTION "The data of arp security." ::= { hwArpsTrapObject 5 } hwArpsPacketDropNum OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS accessible-for-notify STATUS current DESCRIPTION "The number of packets discarded by arp inspection .unit(packet)." ::= { hwArpsTrapObject 6 } hwArpsAlarmThreshold OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS accessible-for-notify STATUS current DESCRIPTION "The alarm threshold of dynamic arp inspection during the configured interval.unit(packet)." ::= { hwArpsTrapObject 7 } hwArpsBlockTime OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS accessible-for-notify STATUS current DESCRIPTION "The data of time which ARP Packet will be blocked. unit(second)." ::= { hwArpsTrapObject 8 } hwIpsgTrapObject OBJECT IDENTIFIER ::= { hwSecurityTrapObject 3 } hwIpsgPacketDropNum OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS accessible-for-notify STATUS current DESCRIPTION "The data of ip source check ." ::= { hwIpsgTrapObject 1 } hwIpsgAlarmThreshold OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS accessible-for-notify STATUS current DESCRIPTION "The alarm threshold of ip source check during the configured interval.unit(packet)." ::= { hwIpsgTrapObject 2 } hwIpsgSourceInterface OBJECT-TYPE SYNTAX OCTET STRING MAX-ACCESS accessible-for-notify STATUS current DESCRIPTION "The data of ip souce check." ::= { hwIpsgTrapObject 3 } hwIcmpTrapObject OBJECT IDENTIFIER ::= { hwSecurityTrapObject 4 } hwIcmpPacketDropNum OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS accessible-for-notify STATUS current DESCRIPTION "The number of packets discarded by ip source check .unit(packet)." ::= { hwIcmpTrapObject 1 } hwIcmpAlarmThreshold OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS accessible-for-notify STATUS current DESCRIPTION "The alarm threshold of icmp defend during the configured interval.unit(packet)." ::= { hwIcmpTrapObject 2 } hwIcmpSourceInterface OBJECT-TYPE SYNTAX OCTET STRING MAX-ACCESS accessible-for-notify STATUS current DESCRIPTION "The data of icmp security." ::= { hwIcmpTrapObject 3 } hwSecurityTraps OBJECT IDENTIFIER ::= { hwMeSecurityMIBObjects 2 } hwStrackTrap OBJECT IDENTIFIER ::= { hwSecurityTraps 1 } hwStrackUserInfo NOTIFICATION-TYPE OBJECTS { hwStrackPacketIfName, hwStrackSourceMac, hwStrackPacketCVlan, hwStrackPacketPVlan, hwStrackEndTime, hwStrackTotalPacket } STATUS current DESCRIPTION "The user data of stack." ::= { hwStrackTrap 1 } hwStrackIfVlanInfo NOTIFICATION-TYPE OBJECTS { hwStrackPacketIfName, hwStrackPacketCVlan, hwStrackPacketPVlan, hwStrackEndTime, hwStrackTotalPacket } STATUS current DESCRIPTION "The data of stack." ::= { hwStrackTrap 2 } hwArpsTrap OBJECT IDENTIFIER ::= { hwSecurityTraps 2 } hwArpsGatewayConflict NOTIFICATION-TYPE OBJECTS { hwArpsSourceInterface, hwArpsSourceIp, hwArpsSourceMac, hwArpsPVlan, hwArpsCVlan } STATUS current DESCRIPTION "The gateway conflict alarm is resumed." ::= { hwArpsTrap 1 } hwArpsEntryCheck NOTIFICATION-TYPE OBJECTS { hwArpsSourceInterface, hwArpsSourceIp, hwArpsSourceMac, hwArpsPVlan, hwArpsCVlan } STATUS current DESCRIPTION "The arp talbe chekc alarm is resumed." ::= { hwArpsTrap 2 } hwArpsPacketCheck NOTIFICATION-TYPE OBJECTS { hwArpsSourceInterface, hwArpsSourceIp, hwArpsSourceMac, hwArpsPVlan, hwArpsCVlan } STATUS current DESCRIPTION "The arp packet check alarm is resumed." ::= { hwArpsTrap 3 } hwArpsDaiDropALarm NOTIFICATION-TYPE OBJECTS { hwArpsPacketDropNum, hwArpsAlarmThreshold, hwArpsSourceInterface } STATUS current DESCRIPTION "The DAI alarm is resumed." ::= { hwArpsTrap 4 } hwArpGlobleSpeedLimitALarm NOTIFICATION-TYPE OBJECTS { hwArpsAlarmThreshold } STATUS current DESCRIPTION "The arp rate limit alarm is resumed." ::= { hwArpsTrap 5 } hwArpIfSpeedLimitALarm NOTIFICATION-TYPE OBJECTS { hwArpsAlarmThreshold, hwArpsSourceInterface } STATUS current DESCRIPTION "TThe arp rate limit alarm is resumed." ::= { hwArpsTrap 6 } hwArpVlanSpeedLimitALarm NOTIFICATION-TYPE OBJECTS { hwArpsAlarmThreshold, hwArpsPVlan } STATUS current DESCRIPTION "The arp rate limit alarm is resumed." ::= { hwArpsTrap 7 } hwArpMissGlobleSpeedLimitALarm NOTIFICATION-TYPE OBJECTS { hwArpsAlarmThreshold } STATUS current DESCRIPTION "The arp miss rate limit alarm is resumed." ::= { hwArpsTrap 8 } hwArpMissIfSpeedLimitALarm NOTIFICATION-TYPE OBJECTS { hwArpsAlarmThreshold, hwArpsSourceInterface } STATUS current DESCRIPTION "The arp miss rate limit alarm is resumed." ::= { hwArpsTrap 9 } hwArpMissVlanSpeedLimitALarm NOTIFICATION-TYPE OBJECTS { hwArpsAlarmThreshold, hwArpsPVlan } STATUS current DESCRIPTION "The arp miss rate limit alarm is resumed." ::= { hwArpsTrap 10 } hwArpSourceIpSpeedLimitALarm NOTIFICATION-TYPE OBJECTS { hwArpsSourceIp, hwArpsAlarmThreshold } STATUS current DESCRIPTION "The alarm of arp speed limit." ::= { hwArpsTrap 11 } hwArpMissSourceIpSpeedLimitALarm NOTIFICATION-TYPE OBJECTS { hwArpsSourceIp, hwArpsAlarmThreshold } STATUS current DESCRIPTION "The alarm of arp miss speed limit." ::= { hwArpsTrap 12 } hwArpIfRateLimitBlockALarm NOTIFICATION-TYPE OBJECTS { hwArpsSourceInterface, hwArpsBlockTime } STATUS current DESCRIPTION "The arp rate limit block alarm is resumed." ::= { hwArpsTrap 13 } hwIpsgTrap OBJECT IDENTIFIER ::= { hwSecurityTraps 3 } hwIpsgDropALarm NOTIFICATION-TYPE OBJECTS { hwIpsgPacketDropNum, hwIpsgAlarmThreshold, hwIpsgSourceInterface } STATUS current DESCRIPTION "The ipsg alarm is resumed." ::= { hwIpsgTrap 1 } hwIcmpTrap OBJECT IDENTIFIER ::= { hwSecurityTraps 4 } hwIcmpGlobleDropALarm NOTIFICATION-TYPE OBJECTS { hwIcmpAlarmThreshold } STATUS current DESCRIPTION "The icmp rate limit alarm is resumed." ::= { hwIcmpTrap 1 } hwIcmpIfDropALarm NOTIFICATION-TYPE OBJECTS { hwIcmpAlarmThreshold, hwIcmpSourceInterface } STATUS current DESCRIPTION "The icmp rate limit alarm is resumed." ::= { hwIcmpTrap 2 } hwSecurityConformance OBJECT IDENTIFIER ::= { hwSecurityMIB 11 } hwSecurityCompliances OBJECT IDENTIFIER ::= { hwSecurityConformance 1 } hwSecurityCompliance MODULE-COMPLIANCE STATUS current DESCRIPTION "The compliance statement for systems supporting the HUAWEI-SECURITY-MIB." MODULE MANDATORY-GROUPS { hwLocalUrpfObjectGroup, hwTcpIpDefendObjectGroup, hwMaDefendObjectGroup, hwApplicationApperceiveObjectGroup, hwBaseSecurityNotificationsObjectGroup, hwMeSecurityObjectGroup, hwMeSecurityTrapGroup, hwDefdPortVlanObjectGroup, hwSocAttackTrapGroup } ::= { hwSecurityCompliances 1 } hwBaseSecurityGroups OBJECT IDENTIFIER ::= { hwSecurityConformance 2 } hwLocalUrpfObjectGroup OBJECT-GROUP OBJECTS{ hwLocalUrpfCurrentRateLow , hwLocalUrpfCurrentRateHigh , hwLocalUrpfNotifyEnabledStatus , hwLocalUrpfRateThreshold , hwLocalUrpfRateInterval } STATUS current DESCRIPTION "The alarm parameter of URPF." ::= { hwBaseSecurityGroups 2 } hwTcpIpDefendObjectGroup OBJECT-GROUP OBJECTS{ hwTcpIpDefendCurrentRateLow , hwTcpIpDefendCurrentRateHigh , hwTcpIpDefendNotifyEnabledStatus , hwTcpIpDefendRateThreshold , hwTcpIpDefendRateInterval } STATUS current DESCRIPTION "The alarm parameter of TCPIP protection." ::= { hwBaseSecurityGroups 3 } hwMaDefendObjectGroup OBJECT-GROUP OBJECTS{ hwMaDefendCurrentRateLow , hwMaDefendCurrentRateHigh , hwMaDefendNotifyEnabledStatus , hwMaDefendRateThreshold , hwMaDefendRateInterval } STATUS current DESCRIPTION "The alarm parameter of management and application protection." ::= { hwBaseSecurityGroups 4 } hwApplicationApperceiveObjectGroup OBJECT-GROUP OBJECTS{ hwAppliApperCurrentRateLow , hwAppliApperCurrentRateHigh , hwAppliApperNotifyEnabledStatus , hwAppliApperRateThreshold , hwAppliApperRateInterval } STATUS current DESCRIPTION "The alarm parameter of Application-Apperceive protection." ::= { hwBaseSecurityGroups 5 } hwBaseSecurityNotificationsObjectGroup NOTIFICATION-GROUP NOTIFICATIONS{ hwBaseSecurityUrpfDiscardedRateRising , hwBaseSecurityUrpfDiscardedRateResume , hwBaseSecurityTcpIpAttackDiscardedRateRising , hwBaseSecurityTcpIpAttackDiscardedRateResume , hwBaseSecurityMaDiscardedRateRising , hwBaseSecurityMaDiscardedRateResume , hwBaseSecurityApplicationApperceiveDiscardedRateRising , hwBaseSecurityApplicationApperceiveDiscardedRateResume , hwBaseSecurityStormControlInterface , hwBaseSecDefdPortVlanShutdown , hwBaseSecDefdPortVlanUndoShutdown , hwBaseSocAttackTrap , hwBaseSocAttackResumeTrap } STATUS current DESCRIPTION "Total alarm of protection are resumed." ::= { hwBaseSecurityGroups 6 } hwMeSecurityObjectGroup OBJECT-GROUP OBJECTS { hwStrackTotalPacket , hwStrackEndTime , hwStrackSourceMac , hwStrackPacketPVlan , hwStrackPacketCVlan , hwStrackPacketIfName , hwArpsSourceInterface , hwArpsSourceIp , hwArpsSourceMac , hwArpsPVlan , hwArpsCVlan , hwArpsPacketDropNum , hwArpsAlarmThreshold , hwArpsBlockTime , hwIpsgPacketDropNum , hwIpsgAlarmThreshold , hwIpsgSourceInterface , hwIcmpPacketDropNum , hwIcmpAlarmThreshold , hwIcmpSourceInterface } STATUS current DESCRIPTION "The alarm parameter of huawei base security group." ::= { hwBaseSecurityGroups 7 } hwMeSecurityTrapGroup NOTIFICATION-GROUP NOTIFICATIONS { hwStrackUserInfo , hwStrackIfVlanInfo , hwArpsGatewayConflict , hwArpsEntryCheck , hwArpsPacketCheck , hwArpsDaiDropALarm , hwArpGlobleSpeedLimitALarm , hwArpIfSpeedLimitALarm , hwArpVlanSpeedLimitALarm , hwArpMissGlobleSpeedLimitALarm , hwArpMissIfSpeedLimitALarm , hwArpMissVlanSpeedLimitALarm , hwArpSourceIpSpeedLimitALarm , hwArpMissSourceIpSpeedLimitALarm , hwArpIfRateLimitBlockALarm , hwIpsgDropALarm , hwIcmpGlobleDropALarm , hwIcmpIfDropALarm } STATUS current DESCRIPTION "Total alarm of protection are resumed." ::= { hwBaseSecurityGroups 8 } hwDefdPortVlanObjectGroup OBJECT-GROUP OBJECTS{ hwDefdPortVlanIfName , hwDefdPortVlanId , hwDefdPortVlanCheckProtocol } STATUS current DESCRIPTION "The alarm parameter of l2 ring-route ." ::= { hwBaseSecurityGroups 9 } hwSocAttackTrapGroup OBJECT-GROUP OBJECTS { hwSocAttackPossib, hwSocAttackReason, hwSocAttackIfName, hwSocAttackSubIfName, hwSocAttackVlanIndex, hwSocAttackUserQinQIndex, hwSocAttackMacAddr, hwSocAttackIPAddr } STATUS current DESCRIPTION "The alarm parameter of Security Operation Center" ::= { hwBaseSecurityGroups 11 } hwBaseSecurityStormControlInterfaceObjects OBJECT IDENTIFIER ::= { hwBaseSecurityMIBObjects 13 } hwBaseSecurityStormControlInterfaceTable OBJECT-TYPE SYNTAX SEQUENCE OF HwBaseSecurityStormControlInterfaceEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A Table about storm-control interface information." ::= { hwBaseSecurityStormControlInterfaceObjects 1 } hwBaseSecurityStormControlInterfaceEntry OBJECT-TYPE SYNTAX HwBaseSecurityStormControlInterfaceEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Description." INDEX { hwBaseSecurityStormControlInterfaceChassisId, hwBaseSecurityStormControlInterfaceSlotId } ::= { hwBaseSecurityStormControlInterfaceTable 1 } HwBaseSecurityStormControlInterfaceEntry ::= SEQUENCE { hwBaseSecurityStormControlInterfaceChassisId Integer32, hwBaseSecurityStormControlInterfaceSlotId Integer32, hwBaseSecurityStormControlInterfaceName OCTET STRING } hwBaseSecurityStormControlInterfaceChassisId OBJECT-TYPE SYNTAX Integer32 (1..128) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The chassis ID indicates the slot on which chassis is configured with storm control." ::= { hwBaseSecurityStormControlInterfaceEntry 1 } hwBaseSecurityStormControlInterfaceSlotId OBJECT-TYPE SYNTAX Integer32 (1..128) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The slot configured with storm control." ::= { hwBaseSecurityStormControlInterfaceEntry 2 } hwBaseSecurityStormControlInterfaceName OBJECT-TYPE SYNTAX OCTET STRING (SIZE (0..63)) MAX-ACCESS read-only STATUS current DESCRIPTION "The interface name." ::= { hwBaseSecurityStormControlInterfaceEntry 3 } END -- -- HUAWEI-SECURITY-MIB.mib