EXTREME-IP-SECURITY-MIB: View SNMP OID List / Download MIB
VENDOR: EXTREME NETWORKS
Home | MIB: EXTREME-IP-SECURITY-MIB | |||
---|---|---|---|---|
Download as: |
Download standard MIB format if you are planning to load a MIB file into some system (OS, Zabbix, PRTG ...) or view it with a MIB browser. CSV is more suitable for analyzing and viewing OID' and other MIB objects in excel. JSON and YAML formats are usually used in programing even though some systems can use MIB in YAML format (like Logstash).
|
|||
Object Name | OID | Type | Access | Info |
extremeIpSecurity | 1.3.6.1.4.1.1916.1.34 |
Extreme IP Security MIB |
||
extremeIpSecurityTraps | 1.3.6.1.4.1.1916.1.34.1 | |||
extremeIpSecurityTrapsPrefix | 1.3.6.1.4.1.1916.1.34.1.0 | |||
extremeIpSecurityViolation | 1.3.6.1.4.1.1916.1.34.1.0.1 |
For vlans/ports on which one or more of the IP Security features have been enabled, this trap will be generated when a packet received on that vlan/port is in violation of the configured IP Security protections |
||
extremeIpSecurityVlanIfIndex | 1.3.6.1.4.1.1916.1.34.1.1 | integer32 | no-access |
The ifIndex of the VLAN on which the violating packet was received. |
extremeIpSecurityVlanDescr | 1.3.6.1.4.1.1916.1.34.1.2 | displaystring | no-access |
The description(name) of the VLAN on which the violating packet was received. |
extremeIpSecurityPortIfIndex | 1.3.6.1.4.1.1916.1.34.1.3 | integer32 | no-access |
The ifIndex of the port on which the violating packet was received. |
extremeIpSecurityIpAddr | 1.3.6.1.4.1.1916.1.34.1.4 | ipaddress | no-access |
Source IP address of the violating packet |
extremeIpSecurityMacAddress | 1.3.6.1.4.1.1916.1.34.1.5 | macaddress | no-access |
Source MAC address from the ethernet header of the violating packet |
extremeIpSecurityViolationType | 1.3.6.1.4.1.1916.1.34.1.6 | integer | no-access |
The type of IP Security violation that occurred - rogueDhcpServerPacket(1) A rogue DHCP server packet was received. - badIpMacBindingInArpPacket(2) The IP-MAC binding received in the ARP packet does not exist in the DHCP Bindings table or is incorrect. - badIpInArpPacket(3) The Source IP address in the ARP payload is invalid. - badMacInArpPacket(4) One of the MAC addresses in the ARP payload does not match with its counterpart in the ethernet header. - bcastSenderIpInArpPacket(5) The Sender IP address in the ARP payload is Broadcast. - bcastTargetIpInArpPacket(6) The Target IP address in the ARP payload is Broadcast. Enumeration: 'bcastSenderIpInArpPacket': 5, 'badIpInArpPacket': 3, 'badMacInArpPacket': 4, 'rogueDhcpServerPacket': 1, 'badIpMacBindingInArpPacket': 2, 'bcastTargetIpInArpPacket': 6. |
extremeIpSecurityAnomalyTraps | 1.3.6.1.4.1.1916.1.34.2 | |||
extremeIpSecurityAnomalyTrapsPrefix | 1.3.6.1.4.1.1916.1.34.2.0 | |||
extremeIpSecurityAnomalyIpViolation | 1.3.6.1.4.1.1916.1.34.2.0.1 |
For ports on which the protocol anomaly protection IP features has been enabled, this trap will be generated when a packet received on that port if the packet's source IP == destination IP |
||
extremeIpSecurityAnomalyL4PortViolation | 1.3.6.1.4.1.1916.1.34.2.0.2 |
For ports on which the protocol anomaly protection L4port features has been enabled, this trap will be generated when a packet received on that port if 1) the packet is a TCP or UDP packetr. AND 2) its source L4 port == destination port |
||
extremeIpSecurityAnomalyTcpFlagViolation | 1.3.6.1.4.1.1916.1.34.2.0.3 |
For ports on which the protocol anomaly protection TCP flags features has been enabled, this trap will be generated when a TCP packet received on that port if 1) (TCP flag SYN is set) and (its TCP source port < 1024). OR 2) (TCP flag == 0) and (TCP seq # == 0). OR 3) (TCP flag FIN/URG/PSH bits sre set) and (TCP seq # == 0). OR 4) Both TCP iflag SYN and FIN are set |
||
extremeIpSecurityAnomalyTcpFragmentViolation | 1.3.6.1.4.1.1916.1.34.2.0.4 |
For ports on which the protocol anomaly protection TCP fragment features has been enabled, this trap will be generated when a packet received on that port if 1) the packet is a TCP, and its size of the TCP header is less than pre-configured value; or 2) the packet is a TCP and it is a IP fragmented packet (IP offset != 0) |
||
extremeIpSecurityAnomalyIcmpViolation | 1.3.6.1.4.1.1916.1.34.2.0.5 |
For ports on which the protocol anomaly protection ICMP features has been enabled, this trap will be generated when an ICMP packet received on that port if 1) the size of ICMP (IP payload) is large thant pre-configured value; or 2) it is a fragmented IP/ICMP packet (IP offset != 0) |
||
esAnomalyPortIfIndex | 1.3.6.1.4.1.1916.1.34.2.1 | integer32 | no-access |
The ifIndex of the port on which the violating packet was received. |
esAnomalyVlanIfIndex | 1.3.6.1.4.1.1916.1.34.2.2 | integer32 | no-access |
The ifIndex of the VLAN on which the violating packet was received. |
esAnomalyVlanDescr | 1.3.6.1.4.1.1916.1.34.2.3 | displaystring | no-access |
The description(name) of the VLAN on which the violating packet was received. |
esAnomalySrcMacAddress | 1.3.6.1.4.1.1916.1.34.2.4 | macaddress | no-access |
Source MAC address in the violating packet |
esAnomalyDestMacAddress | 1.3.6.1.4.1.1916.1.34.2.5 | macaddress | no-access |
Destination MAC address in the violating packet |
esAnomalySrcIpAddrType | 1.3.6.1.4.1.1916.1.34.2.6 | inetaddresstype | no-access |
source IP address type: ipv4 or ipv6 |
esAnomalySrcIpAddr | 1.3.6.1.4.1.1916.1.34.2.7 | inetaddress | no-access |
source IP address in the violating packet |
esAnomalyDestIpAddrType | 1.3.6.1.4.1.1916.1.34.2.8 | inetaddresstype | no-access |
destination IP address type: ipv4 or ipv6 |
esAnomalyDestIpAddr | 1.3.6.1.4.1.1916.1.34.2.9 | inetaddress | no-access |
destination IP address in the violating packet |
esAnomalyIpProto | 1.3.6.1.4.1.1916.1.34.2.10 | ipprotocol | no-access |
IP protocol in the violating packet |
esAnomalySrcL4Port | 1.3.6.1.4.1.1916.1.34.2.11 | inetportnumber | no-access |
tcp/udp source port number in the violating packet |
esAnomalyDestL4Port | 1.3.6.1.4.1.1916.1.34.2.12 | inetportnumber | no-access |
tcp/udp destination port in the violating packet |
esAnomalyTcpFlag | 1.3.6.1.4.1.1916.1.34.2.13 | hexoctet | no-access |
TCP flags in the violating packet |
esAnomalyTcpSeq | 1.3.6.1.4.1.1916.1.34.2.14 | integer32 | no-access |
TCP sequence number in the violating packet |
esAnomalyTcpHdrSize | 1.3.6.1.4.1.1916.1.34.2.15 | integer32 | no-access |
TCP Header size in the violating packet |
esAnomalyTcpFlagReason | 1.3.6.1.4.1.1916.1.34.2.16 | tcpflaganomalyreason | no-access |
TCP flag anomaly reason code |
esAnomalyIcmpReason | 1.3.6.1.4.1.1916.1.34.2.17 | icmpanomalyreason | no-access |
ICMP anomaly reason code |
esAnomalyVlanTag | 1.3.6.1.4.1.1916.1.34.2.18 | vlantag | no-access |
the vlan tag in the violating packet |
esAnomalyTcpFragmentReason | 1.3.6.1.4.1.1916.1.34.2.19 | tcpfragmentanomalyreason | no-access |
TCP fragment anomaly reason code |