CISCO-SSL-PROXY-MIB: View SNMP OID List / Download MIB
VENDOR: CISCO
| Home | MIB: CISCO-SSL-PROXY-MIB | |||
|---|---|---|---|---|
| Download as: |
Download standard MIB format if you are planning to load a MIB file into some system (OS, Zabbix, PRTG ...) or view it with a MIB browser. CSV is more suitable for analyzing and viewing OID' and other MIB objects in excel. JSON and YAML formats are usually used in programing even though some systems can use MIB in YAML format (like Logstash).
|
|||
| Object Name | OID | Type | Access | Info |
| ciscoSslProxyMIB | 1.3.6.1.4.1.9.9.370 |
This MIB module is for managing a Secure Socket Layer (SSL) Proxy device which terminates and accelarates SSL and Transport Layer Security (TLS) transactions. The proxy device can act as a SSL server or a SSL client depending on the configuration and the application. In one application, the device acts as a proxy SSL server. It terminates SSL handshakes and TCP connections initiated by SSL clients. The device is configured with a key and a certificate bearing the identity of the SSL server. The device uses this identity to establish the SSL session on behalf of the server, offloading the key establishment and data encryption and decryption work. After the SSL session has been successfully established between the client and the proxy device, the device starts to receive and decrypt the encrypted data sent from the client and forward to the server. The device forwards the clear data to the server on a backend connection. Clear data sent from the server is encrypted by the proxy device before it is forwarded to the SSL client. Optionally, the proxy device is configured to reencrypt the decrypted data sent from the client to the server. The proxy device acts as a SSL client to initiate a SSL session to the server. The decrypted data is encrypted within this SSL session to be forwarded to the server. The encrypted data sent from the server to the device is decrypted and then reencrypted before it is forwarded to the client. In another application, the proxy device forwards data generated by one or more sources to the destination via a SSL session. The proxy device acts as a SSL client and intiates a SSL session to the next hop device. When data is received from the source, the proxy device forwards the data to the next hop using the SSL session. The next hop can continue to forward the data if it is not the destination. The proxy device supports a number of proxy services. Each proxy service defines the role of the proxy device, whether it acts as a SSL server or a SSL client. The rest of the configuration include cryptographic and protocol parameters. This MIB is used for monitoring the configuration, statuses and statistics of the proxy services and the protocols including TCP, SSL and TLS. |
||
| cspMIBNotifications | 1.3.6.1.4.1.9.9.370.0 | |||
| cspServOperStatus | 1.3.6.1.4.1.9.9.370.0.1 |
The proxy service operation status change notification. When the Operation Status of a proxy service changes, and cspGcNotifyProxyServOperStatus is 'true', a notification will be issued. The notification contains the current operation status and the down reason of the proxy service. |
||
| cspServCertExpiring | 1.3.6.1.4.1.9.9.370.0.2 |
The proxy service certificate expiring notification. If the time interval cspGcPSCertExpireInterval is positive, and cspGcNotifyPSCertExpiring is 'true', a notification will be issued for every proxy service certificate that will be expiring within this time interval. This notification is issued only once for each of these certificates. If the interval is changed from a positive value to 0, the proxy device will clear its memory of notification issued in the past, and stop issuing new notification. The notification contains the subject name, the serial number and the issuer name of the certificate, the serial number of the issuer's certificate, and the end date on the certificate. |
||
| cspSSLResourceLimitReached | 1.3.6.1.4.1.9.9.370.0.3 |
This notification is issued on the following scenarios: 1) When the value of cpsSslActiveConnPcnt exceeds the value of cspSslConfigHighConnPcnt 2) When the value of cpsSslActiveConn falls below the watermark value represented by cspSslConfigWatermarkPcnt. |
||
| cspMIBObjects | 1.3.6.1.4.1.9.9.370.1 | |||
| cspGlobalConfig | 1.3.6.1.4.1.9.9.370.1.1 | |||
| cspGcVersion | 1.3.6.1.4.1.9.9.370.1.1.1 | snmpadminstring | read-only |
The version information of the SSL proxy device, for display only. |
| cspGcFIPSMode | 1.3.6.1.4.1.9.9.370.1.1.2 | truthvalue | read-write |
An indication of whether or not the proxy device is operating in FIPS (Federal Information Processing Standards) approved mode. If 'true', the proxy device is operating in FIPS mode. When the device operates in FIPS mode, only approved cryptographic algorithms and key strengths are enabled. Authentication and other security requirements of FIPS will also be enforced in this mode. |
| cspGcRSArc4128md5 | 1.3.6.1.4.1.9.9.370.1.1.3 | truthvalue | read-only |
An indication of whether or not the proxy device supports the cipher suite RSA_WITH_RC4_128_MD5. If 'true', the cipher suite is supported. |
| cspGcRSArc4128sha | 1.3.6.1.4.1.9.9.370.1.1.4 | truthvalue | read-only |
An indication of whether or not the proxy device supports the cipher suite RSA_WITH_RC4_128_SHA. If 'true', the cipher suite is supported. |
| cspGcRSAdescbcsha | 1.3.6.1.4.1.9.9.370.1.1.5 | truthvalue | read-only |
An indication of whether or not the proxy device supports the cipher suite RSA_WITH_DES_CBC_SHA. If 'true', the cipher suite is supported. |
| cspGcRSA3descbcsha | 1.3.6.1.4.1.9.9.370.1.1.6 | truthvalue | read-only |
An indication of whether or not the proxy device supports the cipher suite RSA_WITH_3DES_EDE_CBC_SHA. If 'true', the cipher suite is supported. |
| cspGcNotifyProxyServOperStatus | 1.3.6.1.4.1.9.9.370.1.1.7 | truthvalue | read-write |
An indication of whether or not a cspServOperStatus notification should be issued when the operation status of proxy services changes. If such a notification is desired, it is the responsibility of the management entity to ensure that the SNMP administrative model is configured in such a way as to allow the notification to be delivered. |
| cspGcNotifyPSCertExpiring | 1.3.6.1.4.1.9.9.370.1.1.8 | truthvalue | read-write |
An indication of whether or not a cspServCertExpiring notification should be issued when a proxy service certificate will be expiring in the configured time interval cspGcPSCertExpireInterval. If such a notification is desired, it is the responsibility of the management entity to ensure that the SNMP administrative model is configured in such a way as to allow the notification to be delivered. |
| cspGcPSCertExpireInterval | 1.3.6.1.4.1.9.9.370.1.1.9 | integer32 | read-write |
The proxy service certificate expiration time interval, used to determine when the cspServCertExpiring notification should be issued if cspGcNotifyPSCertExpiring is 'true'. If this time interval is 0, no proxy service certification expiration will be checked. |
| cspPsConfig | 1.3.6.1.4.1.9.9.370.1.2 | |||
| cspPsTable | 1.3.6.1.4.1.9.9.370.1.2.1 | no-access |
A list of proxy service configuration entries. |
|
| 1.3.6.1.4.1.9.9.370.1.2.1.1 | no-access |
The proxy service configuration entry. Each entry indicates the name and the index of a proxy service, and a set of configuration parameters to be applied on this proxy service. A unique name can be assigned to each proxy service. Optionally, multiple proxy services can be grouped into a proxy list. All the services in a list have the same name, and each service is assigned a unique index within the list. Each proxy service has a virtual and a server address. This entry reports the address and port configuration, and the administrative and operational statuses of each proxy service. If a service is not operational, the reason for its being 'down' is also reported. |
||
| cspPsName | 1.3.6.1.4.1.9.9.370.1.2.1.1.1 | snmpadminstring | no-access |
The name of a proxy service. A unique name string can be assigned to one proxy service or a list of proxy services. When the name is assigned to a list of proxy services, each proxy service is identified by a unique index within the list. |
| cspPsListIndex | 1.3.6.1.4.1.9.9.370.1.2.1.1.2 | integer32 | no-access |
The unique index of a proxy service within a list. If the cspPsName string is assigned to a list of proxy services, this index is used to identify a proxy service within the list. If the cspPsName string is unique per proxy service, this index is not used, and the value shall be 0. |
| cspPsServiceType | 1.3.6.1.4.1.9.9.370.1.2.1.1.3 | integer | read-only |
The type of proxy service: 'server(1)' or 'client(2)'. When servicing a 'server' type proxy service, the proxy device acts as a SSL server. It terminates the SSL handshake initiated by a SSL client, and forwards the data sent from the client to the destination. When servicing a 'client' type proxy service, the proxy device acts as a SSL client. It initiates a SSL handshake to a SSL server, and forwards data sent from one or more data sources to the SSL server. Enumeration: 'client': 2, 'server': 1. |
| cspPsVirtualAddressType | 1.3.6.1.4.1.9.9.370.1.2.1.1.4 | inetaddresstype | read-only |
An indication of the type of address contained in cspPsVirtualAddress. |
| cspPsVirtualAddress | 1.3.6.1.4.1.9.9.370.1.2.1.1.5 | inetaddress | read-only |
The virtual address. This address is used by the data source to send data that can be received by the proxy device and forwarded to the destination. |
| cspPsVirtualPort | 1.3.6.1.4.1.9.9.370.1.2.1.1.6 | ciscoport | read-only |
The virtual TCP port number. This port number is used by the data source to send data that can be received by the proxy device and forwarded to the destination. |
| cspPsServerAddressType | 1.3.6.1.4.1.9.9.370.1.2.1.1.7 | inetaddresstype | read-only |
An indication of the type of address contained in cspPsServerAddress. |
| cspPsServerAddress | 1.3.6.1.4.1.9.9.370.1.2.1.1.8 | inetaddress | read-only |
The server address. This address is used by the proxy device to send or forward data to the destination. |
| cspPsServerPort | 1.3.6.1.4.1.9.9.370.1.2.1.1.9 | ciscoport | read-only |
The server TCP port number. This port number is used by the proxy device to send or forward data to the destination. |
| cspPsAdminStatus | 1.3.6.1.4.1.9.9.370.1.2.1.1.10 | integer | read-only |
The administrative status of the proxy service. Each proxy service can be configured to be administratively 'up' or 'down'. If the Adminstrative Status is 'down', the service will not be operational. Enumeration: 'down': 2, 'up': 1. |
| cspPsOperStatus | 1.3.6.1.4.1.9.9.370.1.2.1.1.11 | integer | read-only |
The operational status of a proxy service. For a proxy service to be operational, its administrative status needs to be 'up'. If the administrative status is 'up', the operational status will be changed from 'down' to 'up' automatically once all the required configuration parameters and resources, including necessary keys and certificates, become available. If one or more required resources are removed (e.g. the certificate has expired), the operational status will be changed to 'down' automatically. Enumeration: 'down': 2, 'up': 1. |
| cspPsOperDownReason | 1.3.6.1.4.1.9.9.370.1.2.1.1.12 | integer | read-only |
The reason for the operational status to be 'down'. Possible values are: other(1) : Unknown or undefined reason, notApplicable(2) : Administratively 'down', noConnectivity(3) : No Connectivity to the client, the server, or the gateway, noVirtualAddr(4) : Virtual Address not configured, noServerAddr(5) : Server Address not configured, noCert(6) : Certificate configured, but invalid or missing, certNotConfigured(7): Certificate not configured. Enumeration: 'noCert': 6, 'noConnectivity': 3, 'noServerAddr': 5, 'noVirtualAddr': 4, 'notApplicable': 2, 'other': 1, 'certNotConfigured': 7. |
| cspPsConfigRowStatus | 1.3.6.1.4.1.9.9.370.1.2.1.1.13 | rowstatus | read-only |
The conceptual row status of the proxy service configuration entry. An entry cannot have the status 'active' until values have been assigned to the following objects: cspPsVirtualAddress, cspPsVirtualPort, cspPsServerAddress and cspPsServerPort. This entry can be modified when the status is 'active'. |
| cspPsPolicyConfig | 1.3.6.1.4.1.9.9.370.1.3 | |||
| cspPsPolicyTable | 1.3.6.1.4.1.9.9.370.1.3.1 | no-access |
A list of proxy service policy configuration entries. |
|
| 1.3.6.1.4.1.9.9.370.1.3.1.1 | no-access |
The proxy service policy entry. Each proxy service policy entry contains the name of each type of policy configured for the proxy service. A policy is a set of configuration parameters and rules to observe for implementing a protocol or an operation. One or more of the following policies can be configured for a proxy service: TCP protocol policy for virtual connections, TCP protocol policy for server connections, SSL protocol policy, HTTP header insertion policy, and URL rewrite policy. |
||
| cspPspVirTcpPolicyName | 1.3.6.1.4.1.9.9.370.1.3.1.1.1 | snmpadminstring | read-only |
The name of the TCP protocol policy configured for the virtual side connections. If no TCP policy is configured, the name will be a NULL string. |
| cspPspSerTcpPolicyName | 1.3.6.1.4.1.9.9.370.1.3.1.1.2 | snmpadminstring | read-only |
The name of the TCP protocol policy configured for the server side connections. If no TCP policy is configured, the name will be a NULL string. |
| cspPspSslPolicyName | 1.3.6.1.4.1.9.9.370.1.3.1.1.3 | snmpadminstring | read-only |
The name of the SSL protocol policy configured for the SSL handshake and data encryption and decryption. If no SSL policy is configured, the name will be a NULL string. |
| cspPspHttpHdrPolicyName | 1.3.6.1.4.1.9.9.370.1.3.1.1.4 | snmpadminstring | read-only |
The name of the HTTP header insertion policy. A number of fields can be inserted into the HTTP headers when the proxy service is forwarding data. The policy specifies the header insertion parameters. If no policy is configured, the name will be a NULL string. |
| cspPspUrlRewritePolicyName | 1.3.6.1.4.1.9.9.370.1.3.1.1.5 | snmpadminstring | read-only |
The name of the URL rewrite policy. The policy specifies configuration parameters for rewriting URLs in HTTP headers and payload. If no policy is configured, the name will be a NULL string. |
| cspPsKeyCertConfig | 1.3.6.1.4.1.9.9.370.1.4 | |||
| cspPsKeyCertTable | 1.3.6.1.4.1.9.9.370.1.4.1 | no-access |
A list of proxy service key and certificate configuration entries. |
|
| 1.3.6.1.4.1.9.9.370.1.4.1.1 | no-access |
The proxy service key and certificate configuration entry. This entry specifies the key usage, optionally the trust point name, the certificate and the key file names, the key size and time of generation or import, and some important attributes of the certificate. |
||
| cspPskcKeyUsage | 1.3.6.1.4.1.9.9.370.1.4.1.1.1 | integer | no-access |
An indication of the usage of a key assigned to a proxy service. Each proxy service can be assigned one or more keys. The key can be used for signing only, for data encryption and decryption only, or for general purpose (that is, it can be used for both signing and data encryption and decryption). The following values are defined: rsaSigning(1) : RSA key used for signing only, rsaEncryption(2) : RSA key used for data encryption and decryption only, rsaGeneralPurpose(3): RSA key used for both signing and data encryption and decryption. Enumeration: 'rsaEncryption': 2, 'rsaSigning': 1, 'rsaGeneralPurpose': 3. |
| cspPskcTrustPointName | 1.3.6.1.4.1.9.9.370.1.4.1.1.2 | snmpadminstring | read-only |
The name of a trust point assigned to the proxy service. The trust point contains information that can be used for certificate enrollment or for importing keys and certificates. A trust point may also contain identifying information about keys and certificates, and the path and the protocol to be used for the proxy device to communicate with a Certificate Authority which issues certificates for the proxy service. If no trust point is assigned to the proxy service, the name will be a NULL string. |
| cspPskcCertFileName | 1.3.6.1.4.1.9.9.370.1.4.1.1.3 | snmpadminstring | read-only |
The name of the file storing the certificate. If there is no such file, the name will be a NULL string. |
| cspPskcKeyName | 1.3.6.1.4.1.9.9.370.1.4.1.1.4 | snmpadminstring | read-only |
The name of a key assigned to the proxy service. If there is no key assigned, the name will be a NULL string. If the key is stored in a file, the file name may be used to identify the key, and this name will be a NULL string. |
| cspPskcKeyFileName | 1.3.6.1.4.1.9.9.370.1.4.1.1.5 | snmpadminstring | read-only |
The name of the file storing the key. If there is no such file, the name will be a NULL string. |
| cspPskcKeySize | 1.3.6.1.4.1.9.9.370.1.4.1.1.6 | integer | read-only |
The size of the key. The following modulus sizes are defined for RSA keys: 512-bit, 768-bit, 1024-bit, 1536-bit and 2048-bit. Enumeration: 'rsa1024': 4, 'rsa2048': 6, 'rsa1536': 5, 'rsa512': 2, 'other': 1, 'rsa768': 3. |
| cspPskcKeyTime | 1.3.6.1.4.1.9.9.370.1.4.1.1.7 | snmpadminstring | read-only |
The time of generation of the key, if known. If the key is imported to the proxy device, this time can indicate the time of import if the time of generation is unknown. If the time is not known, this will be a NULL string. |
| cspPskcCertStatus | 1.3.6.1.4.1.9.9.370.1.4.1.1.8 | integer | read-only |
The status of the certificate that is used to publish the public key. The following values are defined: Valid(1) : Certificate is valid, Expired(2) : Certificate has expired, Rolling Over(3): Certificate is being renewed. Whether or not an expired certificate can be used for the proxy service is implementation specific. Enumeration: 'rollover': 3, 'valid': 1, 'expired': 2. |
| cspPskcCertSubjName | 1.3.6.1.4.1.9.9.370.1.4.1.1.9 | snmpadminstring | read-only |
The subject name of the certificate assigned to the proxy service. If there is no subject name on the certificate, this will be a NULL string. |
| cspPskcCertSerialNum | 1.3.6.1.4.1.9.9.370.1.4.1.1.10 | snmpadminstring | read-only |
The serial number of the certificate assigned to the proxy service. If there is no serial number on the certificate, this will be a NULL string. |
| cspPskcIssuerName | 1.3.6.1.4.1.9.9.370.1.4.1.1.11 | snmpadminstring | read-only |
The issuer name of the certificate assigned to the proxy service. If the issuer name of the certificate is not known, this will be a NULL string. |
| cspPskcIssuerCertSerialNum | 1.3.6.1.4.1.9.9.370.1.4.1.1.12 | snmpadminstring | read-only |
The serial number of the issuer's certificate. If the serial number of the issuer's certificate is not known, this will be a NULL string. |
| cspPskcCertStartDate | 1.3.6.1.4.1.9.9.370.1.4.1.1.13 | snmpadminstring | read-only |
The time when the certificate starts to be valid, corresponding to the notBefore time on the certificate. |
| cspPskcCertEndDate | 1.3.6.1.4.1.9.9.370.1.4.1.1.14 | snmpadminstring | read-only |
The time when the certificate validity ends, corresponding to the notAfter time on the certificate. |
| cspPskcConfigRowStatus | 1.3.6.1.4.1.9.9.370.1.4.1.1.15 | rowstatus | read-only |
The conceptual row status of the proxy service key and certificate configuration entry. This entry can be modified when the status is 'active'. |
| cspTcpPolicyConfig | 1.3.6.1.4.1.9.9.370.1.5 | |||
| cspTcpPolicyTable | 1.3.6.1.4.1.9.9.370.1.5.1 | no-access |
A list of TCP Policy entries |
|
| 1.3.6.1.4.1.9.9.370.1.5.1.1 | no-access |
TCP Policy configuration entry. Each entry defines a set of TCP protocol parameters. A policy can be applied to one or more proxy services. |
||
| cspTpPolicyName | 1.3.6.1.4.1.9.9.370.1.5.1.1.1 | snmpadminstring | no-access |
The unique name of a TCP policy. |
| cspTpSynTimeOut | 1.3.6.1.4.1.9.9.370.1.5.1.1.2 | integer32 | read-only |
The TCP connection SYN timeout value. This is the amount of time the SSL proxy waits before failing the connection establishment attempt. |
| cspTpInActivityTimeOut | 1.3.6.1.4.1.9.9.370.1.5.1.1.3 | integer32 | read-only |
The TCP connection inactivity timeout value. This is the amount of time the SSL proxy waits for the next packet to arrive on a TCP connection, if no packet is received within this period then the connection is considered to be inactive and aborted. |
| cspTpNagleAlgo | 1.3.6.1.4.1.9.9.370.1.5.1.1.4 | truthvalue | read-only |
If 'true', the Nagle Algorithm is enabled during the SSL or TLS data phase to concatenate a number of small messages to avoid sending small messages into the network. |
| cspTpFinWaitTimeOut | 1.3.6.1.4.1.9.9.370.1.5.1.1.5 | integer32 | read-only |
The TCP connection FIN-WAIT2 state timeout value. This is the amount of time the SSL proxy waits for a FIN from the peer after it has initiated close and is in FIN-WAIT2 state. |
| cspTpReassemTimeOut | 1.3.6.1.4.1.9.9.370.1.5.1.1.6 | integer32 | read-only |
The TCP connection reassembly timeout value. This is the amount of time the SSL proxy waits during the TCP out of order traffic reassembly process for the next expected in sequence segment to arrive. |
| cspTpRcvBufShrLim | 1.3.6.1.4.1.9.9.370.1.5.1.1.7 | integer32 | read-only |
The receive buffer share limit per connection. This is used by SSL proxy to calculate the maximum window to advertise during the 3 way handshake, and is also the maximum share of the receive buffer pool that would be allocated for this connection. |
| cspTpTransBufShrLim | 1.3.6.1.4.1.9.9.370.1.5.1.1.8 | integer32 | read-only |
The transmit buffer share limit per connection. This is the maximum share of the send buffer pool that would be allocated for this connection. |
| cspTpMss | 1.3.6.1.4.1.9.9.370.1.5.1.1.9 | integer32 | read-only |
The TCP maximum segment size. This is the MSS value offered by the SSL proxy during 3-way handshake |
| cspTpPathMtuDisc | 1.3.6.1.4.1.9.9.370.1.5.1.1.10 | truthvalue | read-only |
If 'true', the Path MTU Discovery algorithm is enabled. |
| cspTpConfigRowStatus | 1.3.6.1.4.1.9.9.370.1.5.1.1.11 | rowstatus | read-only |
The conceptual row status of the TCP policy configuration entry. This entry can be modified when the status is 'active'. |
| cspSslPolicyConfig | 1.3.6.1.4.1.9.9.370.1.6 | |||
| cspSslPolicyTable | 1.3.6.1.4.1.9.9.370.1.6.1 | no-access |
A list of SSL protocol policy configuration entries. |
|
| 1.3.6.1.4.1.9.9.370.1.6.1.1 | no-access |
A SSL policy defines a set of cipher suites to be supported, and the SSL or TLS protocol parameters. Each policy can be assigned to one or more proxy services. If no SSL policy is assigned to a proxy service, all supported cipher suites and all protocol versions will be enabled by default. |
||
| cspSpPolicyName | 1.3.6.1.4.1.9.9.370.1.6.1.1.1 | snmpadminstring | no-access |
The unique name of a SSL protocol policy. |
| cspSpRSArc4128md5 | 1.3.6.1.4.1.9.9.370.1.6.1.1.2 | truthvalue | read-only |
An indication of whether or not the cipher suite RSA_WITH_RC4_128_MD5 is configured. If 'true', the cipher suite is configured. |
| cspSpRSArc4128sha | 1.3.6.1.4.1.9.9.370.1.6.1.1.3 | truthvalue | read-only |
An indication of whether or not the cipher suite RSA_WITH_RC4_128_SHA is configured. If 'true', the cipher suite is configured. |
| cspSpRSAdescbcsha | 1.3.6.1.4.1.9.9.370.1.6.1.1.4 | truthvalue | read-only |
An indication of whether or not the cipher suite RSA_WITH_DES_CBC_SHA is configured. If 'true', the cipher suite is configured. |
| cspSpRSA3descbcsha | 1.3.6.1.4.1.9.9.370.1.6.1.1.5 | truthvalue | read-only |
An indication of whether or not the cipher suite RSA_WITH_3DES_EDE_CBC_SHA is configured. If 'true', the cipher suite is configured. |
| cspSpProtocol | 1.3.6.1.4.1.9.9.370.1.6.1.1.6 | integer | read-only |
The set of SSL and TLS protocols to be supported. The following values are defined: other(1) : An unspecified protocol, SSL 3.0(2) : Support SSL 3.0 protocol only, TLS 1.0(3) : Support TLS 1.0 protocol only, ssl3AndTls1(3) : Support both SSL 3.0 and TLS 1.0 Enumeration: 'ssl3': 2, 'other': 1, 'tls1': 3, 'ssl3AndTls1': 4. |
| cspSpCloseProtocol | 1.3.6.1.4.1.9.9.370.1.6.1.1.7 | truthvalue | read-only |
An indication of whether or not the SSL close protocol is enforced. If 'true', the close protocol is enforced. A close-notify alert message is sent to the peer, and a close-notify alert message is expected from the peer. If 'false', the close protocol is not enforced. The proxy service sends a close-notify alert message to the peer; however, the proxy service does not expect a close-notify alert from the peer before tearing down the session. |
| cspSpSessionCache | 1.3.6.1.4.1.9.9.370.1.6.1.1.8 | integer32 | read-only |
The SSL session cache size. The session cache is used to store a number of most recently used session identifiers. Session identifiers can be reused if a new connection requests to use a session identifier that is found in the cache. This object specifies the maximum size of the cache. |
| cspSpSessionTimeOut | 1.3.6.1.4.1.9.9.370.1.6.1.1.9 | integer32 | read-only |
The SSL session timeout value. The session entry will be removed from the session cache after the configured timeout. Once the session entry is removed, subsequent connections cannot reuse the session. If this timeout value is 0, entries in the session cache will not timeout. |
| cspSpConfigRowStatus | 1.3.6.1.4.1.9.9.370.1.6.1.1.10 | rowstatus | read-only |
The row status of the SSL policy configuration entry. This entry can be modified when the status is 'active'. |
| cspTcpCountersInfo | 1.3.6.1.4.1.9.9.370.1.7 | |||
| cspTcpCountersClearTime | 1.3.6.1.4.1.9.9.370.1.7.1 | timestamp | read-only |
The last time when the TCP counters were cleared. If the proxy device does not allow these counters to be cleared, the timestamp should have a value of zero. |
| cspTcpCounters | 1.3.6.1.4.1.9.9.370.1.8 | |||
| cspTcConnInit | 1.3.6.1.4.1.9.9.370.1.8.1 | counter32 | read-only |
The total number of TCP connections initiated by the proxy device. |
| cspTcConnAccept | 1.3.6.1.4.1.9.9.370.1.8.2 | counter32 | read-only |
The total number of TCP connections accepted by the proxy device. |
| cspTcConnEstab | 1.3.6.1.4.1.9.9.370.1.8.3 | counter32 | read-only |
The total number of TCP connections established. |
| cspTcConnDrop | 1.3.6.1.4.1.9.9.370.1.8.4 | counter32 | read-only |
The total number of TCP connections dropped. |
| cspTcConnClosed | 1.3.6.1.4.1.9.9.370.1.8.5 | counter32 | read-only |
The total number of TCP connections closed. |
| cspTcSynTimeOuts | 1.3.6.1.4.1.9.9.370.1.8.6 | counter32 | read-only |
The total number of SYN timeouts. |
| cspTcIdleTimeOuts | 1.3.6.1.4.1.9.9.370.1.8.7 | counter32 | read-only |
The total number of idle timeouts. |
| cspTcTotalPktSent | 1.3.6.1.4.1.9.9.370.1.8.8 | counter32 | read-only |
The total number of TCP packets sent. |
| cspTcDataPktSent | 1.3.6.1.4.1.9.9.370.1.8.9 | counter32 | read-only |
The total number of TCP data packets sent. |
| cspTcDataByteSent | 1.3.6.1.4.1.9.9.370.1.8.10 | counter32 | read-only |
The total amount of data sent. |
| cspTcTotalPktRcv | 1.3.6.1.4.1.9.9.370.1.8.11 | counter32 | read-only |
The total number of TCP packets received. |
| cspTcPktRcvSeq | 1.3.6.1.4.1.9.9.370.1.8.12 | counter32 | read-only |
The total number of TCP data packets received in sequence. |
| cspTcByteRcvSeq | 1.3.6.1.4.1.9.9.370.1.8.13 | counter32 | read-only |
The total amount of data received in sequence. |
| cspSslCountersInfo | 1.3.6.1.4.1.9.9.370.1.9 | |||
| cspSslCountersClearTime | 1.3.6.1.4.1.9.9.370.1.9.1 | timestamp | read-only |
The last time when the SSL counters were cleared. If the proxy device does not allow these counters to be cleared, the timestamp should have a value of zero. |
| cspSslCounters | 1.3.6.1.4.1.9.9.370.1.10 | |||
| cspScConnAttempt | 1.3.6.1.4.1.9.9.370.1.10.1 | counter32 | read-only |
The total number of SSL connections attempted. |
| cspScConnComplete | 1.3.6.1.4.1.9.9.370.1.10.2 | counter32 | read-only |
The total number of SSL connections completed. |
| cspScConnInHandShake | 1.3.6.1.4.1.9.9.370.1.10.3 | gauge32 | read-only |
The number of SSL connections currently in handshake phase. |
| cspScConnInDataPhase | 1.3.6.1.4.1.9.9.370.1.10.4 | gauge32 | read-only |
The number of SSL connections currently in data phase. |
| cspScRenegAttempt | 1.3.6.1.4.1.9.9.370.1.10.5 | counter32 | read-only |
The total number of SSL renegotiations attempted. |
| cspScConnInReneg | 1.3.6.1.4.1.9.9.370.1.10.6 | gauge32 | read-only |
The number of SSL connections currently in renegotiation phase |
| cspScActiveSessions | 1.3.6.1.4.1.9.9.370.1.10.7 | gauge32 | read-only |
The number of active SSL sessions. This number indicates the number of valid session entries in the session cache. |
| cspScMaxHandShakeConns | 1.3.6.1.4.1.9.9.370.1.10.8 | gauge32 | read-only |
This indicates the maximum number of connections present in handshake phase at any point of time |
| cspScCurrDeviceQLen | 1.3.6.1.4.1.9.9.370.1.10.9 | gauge32 | read-only |
The current device queue length. Indicates the number of requests pending with the device. |
| cspScMaxDeviceQLen | 1.3.6.1.4.1.9.9.370.1.10.10 | gauge32 | read-only |
The maximum device queue length recorded. Indicates the maximum number of requests queued to the device at any point of time. |
| cspScSessionReuses | 1.3.6.1.4.1.9.9.370.1.10.11 | counter32 | read-only |
The number of session reuses. Indicates the number of times the sessions got reused before the session timer expired. |
| cspSsl3Counters | 1.3.6.1.4.1.9.9.370.1.11 | |||
| cspS3cFullHandShake | 1.3.6.1.4.1.9.9.370.1.11.1 | counter32 | read-only |
The total number of full SSL 3.0 handshakes completed. |
| cspS3cResumedHandShake | 1.3.6.1.4.1.9.9.370.1.11.2 | counter32 | read-only |
The total number of SSL 3.0 resumed handshakes completed. |
| cspS3cHandShakeFailed | 1.3.6.1.4.1.9.9.370.1.11.3 | counter32 | read-only |
The total number of SSL 3.0 connections failed in handshake phase. |
| cspS3cDataFailed | 1.3.6.1.4.1.9.9.370.1.11.4 | counter32 | read-only |
The total number of SSL 3.0 sessions failed in data phase. |
| cspS3cBadMacRcvd | 1.3.6.1.4.1.9.9.370.1.11.5 | counter32 | read-only |
The total number of received SSL 3.0 records which have bad MAC (Message Authentication Code). |
| cspS3cPadErrors | 1.3.6.1.4.1.9.9.370.1.11.6 | counter32 | read-only |
The total number of received SSL 3.0 records which have pad errors. |
| cspS3cRSArc4128md5 | 1.3.6.1.4.1.9.9.370.1.11.7 | counter32 | read-only |
The total number of SSL 3.0 connections which used cipher suite RSA_WITH_RC4_128_MD5. |
| cspS3cRSArc4128sha | 1.3.6.1.4.1.9.9.370.1.11.8 | counter32 | read-only |
The total number of SSL 3.0 connections which used cipher suite RSA_WITH_RC4_128_SHA. |
| cspS3cRSAdescbcsha | 1.3.6.1.4.1.9.9.370.1.11.9 | counter32 | read-only |
The total number of SSL 3.0 connections which used cipher suite RSA_WITH_DES_CBC_SHA. |
| cspS3cRSA3desedecbcsha | 1.3.6.1.4.1.9.9.370.1.11.10 | counter32 | read-only |
The total number of SSL 3.0 connections which used cipher suite RSA_WITH_3DES_EDE_CBC_SHA. |
| cspTls1Counters | 1.3.6.1.4.1.9.9.370.1.12 | |||
| cspTlcFullHandShake | 1.3.6.1.4.1.9.9.370.1.12.1 | counter32 | read-only |
The total number of full TLS 1.0 handshakes completed. |
| cspTlcResumedHandShake | 1.3.6.1.4.1.9.9.370.1.12.2 | counter32 | read-only |
The total number of resumed TLS 1.0 handshakes completed. |
| cspTlcHandShakeFailed | 1.3.6.1.4.1.9.9.370.1.12.3 | counter32 | read-only |
The total number of TLS 1.0 connections failed in handshake phase. |
| cspTlcDataFailed | 1.3.6.1.4.1.9.9.370.1.12.4 | counter32 | read-only |
The total number of TLS 1.0 connections failed in data phase. |
| cspTlcBadMacRcvd | 1.3.6.1.4.1.9.9.370.1.12.5 | counter32 | read-only |
The total number of received TLS 1.0 records which have bad MAC (Message Authentication Code. |
| cspTlcPadErrors | 1.3.6.1.4.1.9.9.370.1.12.6 | counter32 | read-only |
The total number of received TLS 1.0 records which have pad errors. |
| cspTlcRSArc4128md5 | 1.3.6.1.4.1.9.9.370.1.12.7 | counter32 | read-only |
The total number of TLS 1.0 connections which used the cipher suite RSA_WITH_RC4_128_MD5. |
| cspTlcRSArc4128sha | 1.3.6.1.4.1.9.9.370.1.12.8 | counter32 | read-only |
The total number of TLS 1.0 connections which used the cipher suite RSA_WITH_RC4_128_SHA. |
| cspTlcRSAdescbcsha | 1.3.6.1.4.1.9.9.370.1.12.9 | counter32 | read-only |
The total number of TLS 1.0 connections which used the cipher suite RSA_WITH_DES_CBC_SHA. |
| cspTlcRSA3desedecbcsha | 1.3.6.1.4.1.9.9.370.1.12.10 | counter32 | read-only |
The total number of TLS 1.0 connections which used the cipher suite RSA_WITH_3DES_EDE_CBC_SHA. |
| cspSslCryptoCounters | 1.3.6.1.4.1.9.9.370.1.13 | |||
| cspSccBlksEncrypted | 1.3.6.1.4.1.9.9.370.1.13.1 | counter32 | read-only |
The total number of data blocks that got encrypted. |
| cspSccBlksDecrypted | 1.3.6.1.4.1.9.9.370.1.13.2 | counter32 | read-only |
The total number of data blocks that got decrypted. |
| cspSccBytesEncrypted | 1.3.6.1.4.1.9.9.370.1.13.3 | counter32 | read-only |
The total number of bytes that got encrypted. |
| cspSccBytesDecrypted | 1.3.6.1.4.1.9.9.370.1.13.4 | counter32 | read-only |
The total number of bytes that got decrypted. |
| cspSccPublicKeyOpers | 1.3.6.1.4.1.9.9.370.1.13.5 | counter32 | read-only |
The total number of RSA public key operations performed. |
| cspSccPrivateKeyOpers | 1.3.6.1.4.1.9.9.370.1.13.6 | counter32 | read-only |
The total number of RSA private key operations performed. |
| cspSccCryptoFails | 1.3.6.1.4.1.9.9.370.1.13.7 | counter32 | read-only |
The total number of failed cryptographic operations. |
| cspSccDmaErrors | 1.3.6.1.4.1.9.9.370.1.13.8 | counter32 | read-only |
The total number of cryptographic device DMA errors. |
| cspSslErrorCounters | 1.3.6.1.4.1.9.9.370.1.14 | |||
| cspSecSessAllocFailed | 1.3.6.1.4.1.9.9.370.1.14.1 | counter32 | read-only |
The total number of times SSL session could not be allocated. |
| cspSecSessLimitExceed | 1.3.6.1.4.1.9.9.370.1.14.2 | counter32 | read-only |
The total number of times configured SSL session limit got exceeded. The new connections will be rejected if the session limit is exceeded. |
| cspSecHShakeInitFailed | 1.3.6.1.4.1.9.9.370.1.14.3 | counter32 | read-only |
The total number of times SSL connections failed even before the handshake phase got started. This typically indicates that there is some connectivity problem with the server. |
| cspSecRenegFailed | 1.3.6.1.4.1.9.9.370.1.14.4 | counter32 | read-only |
The total number of times SSL renegotiation failed. |
| cspSecFatalAlertsRcvd | 1.3.6.1.4.1.9.9.370.1.14.5 | counter32 | read-only |
The total number of fatal alerts received. |
| cspSecFatalAlertsSent | 1.3.6.1.4.1.9.9.370.1.14.6 | counter32 | read-only |
The total number of fatal alerts sent. |
| cspSecNoCipherAlerts | 1.3.6.1.4.1.9.9.370.1.14.7 | counter32 | read-only |
The total number of ALERT_HANDSHAKE_FAIL alerts sent due to unsupported cipher suites. |
| cspSecVerMismatchAlerts | 1.3.6.1.4.1.9.9.370.1.14.8 | counter32 | read-only |
The total number of ALERT_PROTOCOL_VERSION alerts sent due to unsupported version number. |
| cspSecNoComprsnAlerts | 1.3.6.1.4.1.9.9.370.1.14.9 | counter32 | read-only |
The total number of ALERT_HANDSHAKE_FAIL alerts sent due to unsupported compression scheme. |
| cspSecHShakeHndleMemFail | 1.3.6.1.4.1.9.9.370.1.14.10 | counter32 | read-only |
The total number of handshake handle memory allocation failure. |
| cspSecStalePakDrop | 1.3.6.1.4.1.9.9.370.1.14.11 | counter32 | read-only |
The total number of stale packets dropped. Indicates the number of packets received after the SSL connection is torn down. |
| cspSecServiceIdDiscard | 1.3.6.1.4.1.9.9.370.1.14.12 | counter32 | read-only |
The total number of connections rejected because of invalid service identifiers. |
| cspSecHShakeLimitExceed | 1.3.6.1.4.1.9.9.370.1.14.13 | counter32 | read-only |
The total number of times simultaneous handshake connection exceeded the capacity. The new connections will be rejected if the total number of simultaneous handshake connections exceeds the limit. |
| cspSecDevConnCtxtFail | 1.3.6.1.4.1.9.9.370.1.14.14 | counter32 | read-only |
The total number of times device context could not be allocated. |
| cspSecMemAllocFailed | 1.3.6.1.4.1.9.9.370.1.14.15 | counter32 | read-only |
The total number of times memory allocation failed. |
| cspSecBuffAllocFailed | 1.3.6.1.4.1.9.9.370.1.14.16 | counter32 | read-only |
The total number of times buffer allocation failed. |
| cspSecAlertSendFailed | 1.3.6.1.4.1.9.9.370.1.14.17 | counter32 | read-only |
The total number of failure to send alerts. This is typically because of the memory allocation failure. |
| cspSecOverloadDropped | 1.3.6.1.4.1.9.9.370.1.14.18 | counter32 | read-only |
The total number of connections rejected because of overload conditions. This indicates that the incoming rate is higher than what can be handled. |
| cspSecConnAborted | 1.3.6.1.4.1.9.9.370.1.14.19 | counter32 | read-only |
The total number of SSL connections aborted. |
| cspPsCounters | 1.3.6.1.4.1.9.9.370.1.15 | |||
| cspPsCountersTable | 1.3.6.1.4.1.9.9.370.1.15.1 | no-access |
A list of proxy service global counter entries |
|
| 1.3.6.1.4.1.9.9.370.1.15.1.1 | no-access |
The proxy service global counter entry. Each entry displays the global SSL counters collected for a proxy service. |
||
| cspPscClearTime | 1.3.6.1.4.1.9.9.370.1.15.1.1.1 | timestamp | read-only |
The last time when counters in this entry were cleared. If the proxy device does not allow these counters to be cleared, the timestamp should have a value of zero. |
| cspPscConnAttempt | 1.3.6.1.4.1.9.9.370.1.15.1.1.2 | counter32 | read-only |
The total number of SSL connections attempted. |
| cspPscConnComplete | 1.3.6.1.4.1.9.9.370.1.15.1.1.3 | counter32 | read-only |
The total number of SSL connections completed. |
| cspPscFullHandShake | 1.3.6.1.4.1.9.9.370.1.15.1.1.4 | counter32 | read-only |
The total number of full handshakes completed. |
| cspPscResumedHandShake | 1.3.6.1.4.1.9.9.370.1.15.1.1.5 | counter32 | read-only |
The total number of resumed handshakes completed. |
| cspPscConnInHandShake | 1.3.6.1.4.1.9.9.370.1.15.1.1.6 | gauge32 | read-only |
The number of connections currently in handshake phase. |
| cspPscConnInDataPhase | 1.3.6.1.4.1.9.9.370.1.15.1.1.7 | gauge32 | read-only |
The number of connections currently in data phase. |
| cspPscRenegAttempt | 1.3.6.1.4.1.9.9.370.1.15.1.1.8 | counter32 | read-only |
The total number of SSL renegotiations attempted. |
| cspPscConnInReneg | 1.3.6.1.4.1.9.9.370.1.15.1.1.9 | gauge32 | read-only |
The number of connections currently in renegotiation phase. |
| cspPscBlksEncrypted | 1.3.6.1.4.1.9.9.370.1.15.1.1.10 | counter32 | read-only |
The total number of data blocks that got encrypted. |
| cspPscBlksDecrypted | 1.3.6.1.4.1.9.9.370.1.15.1.1.11 | counter32 | read-only |
The total number of data blocks that got decrypted. |
| cspPscBytesEncrypted | 1.3.6.1.4.1.9.9.370.1.15.1.1.12 | counter32 | read-only |
The total number of bytes that got encrypted. |
| cspPscBytesDecrypted | 1.3.6.1.4.1.9.9.370.1.15.1.1.13 | counter32 | read-only |
The total number of bytes that got decrypted. |
| cspPscValidSessions | 1.3.6.1.4.1.9.9.370.1.15.1.1.14 | counter32 | read-only |
The total number of current valid sessions in the session cache. |
| cspPscSessLimitExceed | 1.3.6.1.4.1.9.9.370.1.15.1.1.15 | counter32 | read-only |
The total number of times configured SSL session limit got exceeded. The new connections will be rejected if the session limit is exceeded. |
| cspPscHandShakeFailed | 1.3.6.1.4.1.9.9.370.1.15.1.1.16 | counter32 | read-only |
The total number of times SSL connections failed in handshake phase. |
| cspPscDataFailed | 1.3.6.1.4.1.9.9.370.1.15.1.1.17 | counter32 | read-only |
The total number of times SSL connections failed in data phase. |
| cspPscFatalAlertsRcvd | 1.3.6.1.4.1.9.9.370.1.15.1.1.18 | counter32 | read-only |
The total number of fatal alerts received. |
| cspPscFatalAlertsSent | 1.3.6.1.4.1.9.9.370.1.15.1.1.19 | counter32 | read-only |
The total number of fatal alerts sent. |
| cspPscBadMacRcvd | 1.3.6.1.4.1.9.9.370.1.15.1.1.20 | counter32 | read-only |
The total number of received SSL records which have bad MAC (Message Authentication Code). |
| cspPscPadErrors | 1.3.6.1.4.1.9.9.370.1.15.1.1.21 | counter32 | read-only |
The total number of received SSL records which have pad errors. |
| cspPscNoCipherAlerts | 1.3.6.1.4.1.9.9.370.1.15.1.1.22 | counter32 | read-only |
The total number of alerts sent due to unsupported cipher suites. |
| cspPscNoComprsnAlerts | 1.3.6.1.4.1.9.9.370.1.15.1.1.23 | counter32 | read-only |
The total number of alerts sent due to unsupported compression scheme. |
| cspPscVerMismatchAlerts | 1.3.6.1.4.1.9.9.370.1.15.1.1.24 | counter32 | read-only |
The total number of alerts sent due to unsupported SSL or TLS version. |
| cspPsSsl3Counters | 1.3.6.1.4.1.9.9.370.1.16 | |||
| cspPsSsl3CountersTable | 1.3.6.1.4.1.9.9.370.1.16.1 | no-access |
A list of proxy service SSL 3.0 counter entries. |
|
| 1.3.6.1.4.1.9.9.370.1.16.1.1 | no-access |
The proxy service SSL 3.0 counter entry. This entry reports the counters collected about the SSL 3.0 protocol for each proxy service. |
||
| cspPs3cClearTime | 1.3.6.1.4.1.9.9.370.1.16.1.1.1 | timestamp | read-only |
The last time when counters in this entry were cleared. If the proxy device does not allow these counters to be cleared, the timestamp should have the value of zero. |
| cspPs3cFullHandShake | 1.3.6.1.4.1.9.9.370.1.16.1.1.2 | counter32 | read-only |
The total number of SSL 3.0 full handshakes completed. |
| cspPs3cResumedHandShake | 1.3.6.1.4.1.9.9.370.1.16.1.1.3 | counter32 | read-only |
The total number of SSL 3.0 resumed handshakes completed. |
| cspPs3cHandShakeFailed | 1.3.6.1.4.1.9.9.370.1.16.1.1.4 | counter32 | read-only |
The total number of SSL 3.0 connections failed in handshake phase. |
| cspPs3cDataFailed | 1.3.6.1.4.1.9.9.370.1.16.1.1.5 | counter32 | read-only |
The total number of SSL 3.0 connections failed in data phase. |
| cspPs3cBadMacRcvd | 1.3.6.1.4.1.9.9.370.1.16.1.1.6 | counter32 | read-only |
The total number of received SSL 3.0 records which have bad MAC (Message Authentication Code). |
| cspPs3cPadErrors | 1.3.6.1.4.1.9.9.370.1.16.1.1.7 | counter32 | read-only |
The total number of received SSL 3.0 records which have pad errors. |
| cspPs3cRSArc4128md5 | 1.3.6.1.4.1.9.9.370.1.16.1.1.8 | counter32 | read-only |
The total number of SSL 3.0 connections that used the cipher suite RSA_WITH_RC4_128_MD5. |
| cspPs3cRSArc4128sha | 1.3.6.1.4.1.9.9.370.1.16.1.1.9 | counter32 | read-only |
The total number of SSL 3.0 connections that used the cipher suite RSA_WITH_RC4_128_SHA. |
| cspPs3cRSAdescbcsha | 1.3.6.1.4.1.9.9.370.1.16.1.1.10 | counter32 | read-only |
The total number of SSL 3.0 connections that used the cipher suite RSA_WITH_DES_CBC_SHA. |
| cspPs3cRSA3desedecbcsha | 1.3.6.1.4.1.9.9.370.1.16.1.1.11 | counter32 | read-only |
The total number of SSL 3.0 connections that used the cipher suite RSA_WITH_3DES_EDE_CBC_SHA. |
| cspPsTls1Counters | 1.3.6.1.4.1.9.9.370.1.17 | |||
| cspPsTls1CountersTable | 1.3.6.1.4.1.9.9.370.1.17.1 | no-access |
A list of proxy service TLS 1.0 counter entries. |
|
| 1.3.6.1.4.1.9.9.370.1.17.1.1 | no-access |
The proxy service TLS 1.0 counter entry. This entry displays counters collected about the TLS 1.0 protocol for each proxy service. |
||
| cspPt1cClearTime | 1.3.6.1.4.1.9.9.370.1.17.1.1.1 | timestamp | read-only |
The last time when counters in this entry were cleared. If the proxy device does not allow these counters to be cleared, the timestamp should have a value of zero. |
| cspPt1cFullHandShake | 1.3.6.1.4.1.9.9.370.1.17.1.1.2 | counter32 | read-only |
The total number of TLS 1.0 full handshakes completed. |
| cspPt1cResumedHandShake | 1.3.6.1.4.1.9.9.370.1.17.1.1.3 | counter32 | read-only |
The total number of TLS 1.0 resumed handshakes completed. |
| cspPt1cHandShakeFailed | 1.3.6.1.4.1.9.9.370.1.17.1.1.4 | counter32 | read-only |
The total number of TLS 1.0 connections failed in handshake phase. |
| cspPt1cDataFailed | 1.3.6.1.4.1.9.9.370.1.17.1.1.5 | counter32 | read-only |
The total number of TLS 1.0 connections failed in data phase. |
| cspPt1cBadMacRcvd | 1.3.6.1.4.1.9.9.370.1.17.1.1.6 | counter32 | read-only |
The total number of received TLS 1.0 records which have bad MAC (Message Authentication Code). |
| cspPt1cPadErrors | 1.3.6.1.4.1.9.9.370.1.17.1.1.7 | counter32 | read-only |
The total number of received TLS 1.0 records which have pad errors. |
| cspPt1cRSArc4128md5 | 1.3.6.1.4.1.9.9.370.1.17.1.1.8 | counter32 | read-only |
The total number of TLS 1.0 connections that used the cipher suite RSA_WITH_RC4_128_MD5. |
| cspPt1cRSArc4128sha | 1.3.6.1.4.1.9.9.370.1.17.1.1.9 | counter32 | read-only |
The total number of TLS 1.0 connections that used the cipher suite RSA_WITH_RC4_128_SHA. |
| cspPt1cRSAdescbcsha | 1.3.6.1.4.1.9.9.370.1.17.1.1.10 | counter32 | read-only |
The total number of TLS 1.0 connections that used the cipher suite RSA_WITH_DES_CBC_SHA. |
| cspPt1cRSA3desedecbcsha | 1.3.6.1.4.1.9.9.370.1.17.1.1.11 | counter32 | read-only |
The total number of TLS 1.0 connections that used the cipher suite RSA_WITH_3DES_EDE_CBC_SHA. |
| cspCpuStatusInfo | 1.3.6.1.4.1.9.9.370.1.18 | |||
| cspCpuStatusTable | 1.3.6.1.4.1.9.9.370.1.18.1 | no-access |
A list of CPU status information entries. |
|
| 1.3.6.1.4.1.9.9.370.1.18.1.1 | no-access |
The CPU status information entry. Each entry displays the operational status and usage information about one CPU on the proxy device. A proxy device can have one or more CPU's. |
||
| cspCpuName | 1.3.6.1.4.1.9.9.370.1.18.1.1.1 | snmpadminstring | no-access |
The unique name of a CPU on the proxy device. |
| cspCpuStatus | 1.3.6.1.4.1.9.9.370.1.18.1.1.2 | integer | read-only |
The operational status of the CPU. Enumeration: 'down': 2, 'up': 1. |
| cspCpuClearTime | 1.3.6.1.4.1.9.9.370.1.18.1.1.3 | timestamp | read-only |
The last time when the CPU counters were cleared. If the proxy device does not allow these counters to be cleared, the timestamp should have a value of zero. |
| cspCpuProcessUtil | 1.3.6.1.4.1.9.9.370.1.18.1.1.4 | gauge32 | read-only |
The percentage of CPU time utilized at process level. |
| cspCpuInterruptUtil | 1.3.6.1.4.1.9.9.370.1.18.1.1.5 | gauge32 | read-only |
The percentage of CPU time utilized at interrupt level. |
| cspCpuProcessUtilIn5Sec | 1.3.6.1.4.1.9.9.370.1.18.1.1.6 | gauge32 | read-only |
The percentage of CPU time utilized at process level within the past five seconds. |
| cspCpuProcessUtilIn1Min | 1.3.6.1.4.1.9.9.370.1.18.1.1.7 | gauge32 | read-only |
The percentage of CPU time utilized at process level within the past minute. |
| cspCpuProcessUtilIn5Min | 1.3.6.1.4.1.9.9.370.1.18.1.1.8 | gauge32 | read-only |
The percentage of CPU time utilized at process level within the past five minutes. |
| cspCpuInterruptUtilIn5Sec | 1.3.6.1.4.1.9.9.370.1.18.1.1.9 | gauge32 | read-only |
The percentage of CPU time utilized at interrupt level within the past five seconds. |
| cspCpuInterruptUtilIn1Min | 1.3.6.1.4.1.9.9.370.1.18.1.1.10 | gauge32 | read-only |
The percentage of CPU time utilized at interrupt level within the past minute. |
| cspCpuInterruptUtilIn5Min | 1.3.6.1.4.1.9.9.370.1.18.1.1.11 | gauge32 | read-only |
The percentage of CPU time utilized at interrupt level within the past five minutes. |
| cspHttpHeaderInsertedInfo | 1.3.6.1.4.1.9.9.370.1.19 | |||
| cspHttpHeaderInsertedSslInfoStats | 1.3.6.1.4.1.9.9.370.1.19.1 | |||
| cspNumOfSslInfoSuccessInserted | 1.3.6.1.4.1.9.9.370.1.19.1.1 | counter32 | read-only |
This object represents the total number of times SSL headers were successfully inserted. The number of individual SSL session headers and SSL server header within a SSL header insertion are not counted separately. |
| cspNumOfSslInfoFailedInserted | 1.3.6.1.4.1.9.9.370.1.19.1.2 | counter32 | read-only |
This object represents the number of failed insertions of SSL information into HTTP headers. |
| cspNumOfSpoofHttpHeaderDeleted | 1.3.6.1.4.1.9.9.370.1.19.1.3 | counter32 | read-only |
This object represents the number of times a header in the incoming HTTP request was deleted because of possible header spoofing. |
| cspNumOfSslSessHeaderExtracted | 1.3.6.1.4.1.9.9.370.1.19.1.4 | counter32 | read-only |
This object represents the number of SSL session headers extracted. |
| cspNumOfSslSessHeaderFailedExtracted | 1.3.6.1.4.1.9.9.370.1.19.1.5 | counter32 | read-only |
This object represents the number of SSL session headers that failed to be extracted. |
| cspNumOfSslServerCertHeaderExtracted | 1.3.6.1.4.1.9.9.370.1.19.1.6 | counter32 | read-only |
This object represents the total number of SSL server certificate headers extracted successfully. |
| cspNumOfSslServerCerHeaderFailedExtracted | 1.3.6.1.4.1.9.9.370.1.19.1.7 | counter32 | read-only |
This object represents the number of SSL server certificate headers that failed to be extracted. |
| cspNumOfTimesSslHeaderTruncated | 1.3.6.1.4.1.9.9.370.1.19.1.8 | counter32 | read-only |
This object represents the number of times SSL headers were truncated because the size of SSL data inserted exceeds maximum length value. |
| cspHttpHeaderInsertedSslClientCertStats | 1.3.6.1.4.1.9.9.370.1.19.2 | |||
| cspNumOfSslClientCertHeaderExtracted | 1.3.6.1.4.1.9.9.370.1.19.2.1 | counter32 | read-only |
This object represents the total number of SSL client certificate headers extracted successfully. |
| cspNumOfSslClientCertHeaderFailedExtracted | 1.3.6.1.4.1.9.9.370.1.19.2.2 | counter32 | read-only |
This object represents the number of SSL client certificate headers that failed to be extracted. |
| cspHttpRedirectInfo | 1.3.6.1.4.1.9.9.370.1.20 | |||
| cspHttpRedirectClientCertAuthFailedStats | 1.3.6.1.4.1.9.9.370.1.20.1 | |||
| cspCertNotYetValidRedirect | 1.3.6.1.4.1.9.9.370.1.20.1.1 | counter32 | read-only |
This object represents the number of HTTP redirects with reason client certificate is not valid yet. |
| cspCertExpiredRedirect | 1.3.6.1.4.1.9.9.370.1.20.1.2 | counter32 | read-only |
This object represents the number of HTTP redirects with reason expired client certificate. |
| cspIssuerCertNotFoundRedirect | 1.3.6.1.4.1.9.9.370.1.20.1.3 | counter32 | read-only |
This object represents the number of HTTP redirects because issuer certificate could not be found. This occurs if the issuer certificate of an untrusted certificate cannot be found. |
| cspCertRevokedRedirect | 1.3.6.1.4.1.9.9.370.1.20.1.4 | counter32 | read-only |
This object represents the number of HTTP redirects with reason revoked client certificate. |
| cspNoClientCertSentRedirect | 1.3.6.1.4.1.9.9.370.1.20.1.5 | counter32 | read-only |
This object represents the number of HTTP redirects with reason client certificate was not sent. |
| cspNoCrlAvailableRedirect | 1.3.6.1.4.1.9.9.370.1.20.1.6 | counter32 | read-only |
This object represents the number of HTTP redirects with reason no CRL available during revocation check. |
| cspCrlExpiredRedirect | 1.3.6.1.4.1.9.9.370.1.20.1.7 | counter32 | read-only |
This object represents the number of HTTP redirects with reason CRL expired during revocation check. |
| cspCertSignatureFailedRedirect | 1.3.6.1.4.1.9.9.370.1.20.1.8 | counter32 | read-only |
This object represents the number of HTTP redirects with reason invalid certificate signature. |
| cspOtherCertErrorRedirect | 1.3.6.1.4.1.9.9.370.1.20.1.9 | counter32 | read-only |
This object represents the number of HTTP redirects with reason other certificate errors. |
| cspSslResourceNotifInfo | 1.3.6.1.4.1.9.9.370.1.21 | |||
| cspSslTrapType | 1.3.6.1.4.1.9.9.370.1.21.1 | integer | no-access |
This object indicates the type of trap issued by cspSSLResourceLimitReached notification. Enumeration: 'risingHighThresh': 1, 'fallingHighThresh': 3. |
| cspSslMaxConn | 1.3.6.1.4.1.9.9.370.1.21.2 | unsigned32 | read-write |
This object specifies the maximum allowed SSL (SSLv3 and TLSv1) connections per system as configured by the user. |
| cspSslActiveConn | 1.3.6.1.4.1.9.9.370.1.21.3 | gauge32 | read-only |
This object indicates the active SSL (SSLv3 and TLSv1) connections per system. |
| cspSslConfigHighConnPcnt | 1.3.6.1.4.1.9.9.370.1.21.4 | unsigned32 | read-write |
This object specifies the percentage of the maximum SSL connections per system as configured by the user. |
| cspSslActiveConnPcnt | 1.3.6.1.4.1.9.9.370.1.21.5 | unsigned32 | read-only |
This object indicates the percentage of the active SSL connections per system based on cspSslActiveConn. The notification will be send when the cspSslActiveConnPcnt count exceeds cspSslConfigHighConnPcnt. |
| cspSslConfigWatermarkConnPcnt | 1.3.6.1.4.1.9.9.370.1.21.6 | unsigned32 | read-write |
This object specifies the SSL connections watermark threshold value (in percentage) per system allowed as configured by the user. The value of cspSslConfigWatermarkPcnt should be less than cspSslConfigHighConnPcnt. |
| cspMIBConformance | 1.3.6.1.4.1.9.9.370.2 | |||
| cspMIBCompliances | 1.3.6.1.4.1.9.9.370.2.1 | |||
| cspMIBCompliance | 1.3.6.1.4.1.9.9.370.2.1.1 |
The compliance statement for entities which implement the Cisco SSL Proxy MIB. |
||
| cspMIBComplianceRev1 | 1.3.6.1.4.1.9.9.370.2.1.2 |
The compliance statement for entities which implement the Cisco SSL Proxy MIB. |
||
| cspMIBComplianceRev2 | 1.3.6.1.4.1.9.9.370.2.1.3 |
The compliance statement for entities which implement the Cisco SSL Proxy MIB. |
||
| cspMIBGroups | 1.3.6.1.4.1.9.9.370.2.2 | |||
| cspGlobalConfigGroup | 1.3.6.1.4.1.9.9.370.2.2.1 |
A collection of global configuration objects. |
||
| cspProxyServiceConfigGroup | 1.3.6.1.4.1.9.9.370.2.2.2 |
A collection of configuration objects for a proxy service. |
||
| cspPolicyConfigGroup | 1.3.6.1.4.1.9.9.370.2.2.3 |
A collection of configuration objects for a policy. |
||
| cspTcpGroup | 1.3.6.1.4.1.9.9.370.2.2.4 |
A collection of TCP protocol objects. |
||
| cspSslGroup | 1.3.6.1.4.1.9.9.370.2.2.5 |
A collection of SSL handshake protocol statistics. |
||
| cspSsl3Group | 1.3.6.1.4.1.9.9.370.2.2.6 |
A collection of SSL 3.0 protocol statistics. |
||
| cspTls1Group | 1.3.6.1.4.1.9.9.370.2.2.7 |
A collection of TLS 1.0 protocol statistics. |
||
| cspSslCryptoGroup | 1.3.6.1.4.1.9.9.370.2.2.8 |
A collection of cryptographic statistics. |
||
| cspSslErrorGroup | 1.3.6.1.4.1.9.9.370.2.2.9 |
A collection of SSL protocol error counters. |
||
| cspProxyServiceStatsGroup | 1.3.6.1.4.1.9.9.370.2.2.10 |
A collection of proxy service statistics. |
||
| cspProxyServiceSsl3Group | 1.3.6.1.4.1.9.9.370.2.2.11 |
A collection of SSL 3.0 statistics for a proxy service. |
||
| cspProxyServiceTls1Group | 1.3.6.1.4.1.9.9.370.2.2.12 |
A collection of TLS 1.0 statistics for a proxy service. |
||
| cspCpuStatusGroup | 1.3.6.1.4.1.9.9.370.2.2.13 |
A collection of statuses and usage information about each CPU on the SSL proxy device. |
||
| cspProxyServiceNotificationGroup | 1.3.6.1.4.1.9.9.370.2.2.14 |
A collection of notifications for signaling important proxy service events. |
||
| cspHttpHeaderInsertedSslInfoGroup | 1.3.6.1.4.1.9.9.370.2.2.15 |
A collection of stats related to the insertion of SSL session and SSL server certificate information into HTTP header. |
||
| cspHttpHeaderInsertedSslClientCertGroup | 1.3.6.1.4.1.9.9.370.2.2.16 |
A collection of stats related to the insertion of SSL client certificate information into HTTP header. |
||
| cspHttpRedirectInfoGroup | 1.3.6.1.4.1.9.9.370.2.2.17 |
A collection of counters for http redirect due to client certificate authentication failure type. |
||
| cspSslResourceLimitNotifObjectsGroup | 1.3.6.1.4.1.9.9.370.2.2.18 |
Collection of the objects for connection notification related configuration and information. |
||
| cspSslResourceLimitNotifGroup | 1.3.6.1.4.1.9.9.370.2.2.19 |
A collection of notifications for signaling important resource limit exceed signalling. |
||