EXTREME-IP-SECURITY-MIB: View SNMP OID List / Download MIB

VENDOR: EXTREME NETWORKS


 Home MIB: EXTREME-IP-SECURITY-MIB
Download as:   
SNMPv2-CONFSNMPv2-SMIINET-ADDRESS-MIBEXTREME-BASE-MIBSNMPv2-TC

Download standard MIB format if you are planning to load a MIB file into some system (OS, Zabbix, PRTG ...) or view it with a MIB browser. CSV is more suitable for analyzing and viewing OID' and other MIB objects in excel. JSON and YAML formats are usually used in programing even though some systems can use MIB in YAML format (like Logstash).
Keep in mind that standard MIB files can be successfully loaded by systems and programs only if all the required MIB's from the "Imports" section are already loaded.
The tree-like SNMP object navigator requires no explanations because it is very simple to use. And if you stumbled on this MIB from Google note that you can always go back to the home page if you need to perform another MIB or OID lookup.


Object Name OID Type Access Info
 extremeIpSecurity 1.3.6.1.4.1.1916.1.34
Extreme IP Security MIB
       extremeIpSecurityTraps 1.3.6.1.4.1.1916.1.34.1
           extremeIpSecurityTrapsPrefix 1.3.6.1.4.1.1916.1.34.1.0
               extremeIpSecurityViolation 1.3.6.1.4.1.1916.1.34.1.0.1
For vlans/ports on which one or more of the IP Security features have been enabled, this trap will be generated when a packet received on that vlan/port is in violation of the configured IP Security protections
           extremeIpSecurityVlanIfIndex 1.3.6.1.4.1.1916.1.34.1.1 integer32 no-access
The ifIndex of the VLAN on which the violating packet was received.
           extremeIpSecurityVlanDescr 1.3.6.1.4.1.1916.1.34.1.2 displaystring no-access
The description(name) of the VLAN on which the violating packet was received.
           extremeIpSecurityPortIfIndex 1.3.6.1.4.1.1916.1.34.1.3 integer32 no-access
The ifIndex of the port on which the violating packet was received.
           extremeIpSecurityIpAddr 1.3.6.1.4.1.1916.1.34.1.4 ipaddress no-access
Source IP address of the violating packet
           extremeIpSecurityMacAddress 1.3.6.1.4.1.1916.1.34.1.5 macaddress no-access
Source MAC address from the ethernet header of the violating packet
           extremeIpSecurityViolationType 1.3.6.1.4.1.1916.1.34.1.6 integer no-access
The type of IP Security violation that occurred - rogueDhcpServerPacket(1) A rogue DHCP server packet was received. - badIpMacBindingInArpPacket(2) The IP-MAC binding received in the ARP packet does not exist in the DHCP Bindings table or is incorrect. - badIpInArpPacket(3) The Source IP address in the ARP payload is invalid. - badMacInArpPacket(4) One of the MAC addresses in the ARP payload does not match with its counterpart in the ethernet header. - bcastSenderIpInArpPacket(5) The Sender IP address in the ARP payload is Broadcast. - bcastTargetIpInArpPacket(6) The Target IP address in the ARP payload is Broadcast. Enumeration: 'bcastSenderIpInArpPacket': 5, 'badIpInArpPacket': 3, 'badMacInArpPacket': 4, 'rogueDhcpServerPacket': 1, 'badIpMacBindingInArpPacket': 2, 'bcastTargetIpInArpPacket': 6.
       extremeIpSecurityAnomalyTraps 1.3.6.1.4.1.1916.1.34.2
           extremeIpSecurityAnomalyTrapsPrefix 1.3.6.1.4.1.1916.1.34.2.0
               extremeIpSecurityAnomalyIpViolation 1.3.6.1.4.1.1916.1.34.2.0.1
For ports on which the protocol anomaly protection IP features has been enabled, this trap will be generated when a packet received on that port if the packet's source IP == destination IP
               extremeIpSecurityAnomalyL4PortViolation 1.3.6.1.4.1.1916.1.34.2.0.2
For ports on which the protocol anomaly protection L4port features has been enabled, this trap will be generated when a packet received on that port if 1) the packet is a TCP or UDP packetr. AND 2) its source L4 port == destination port
               extremeIpSecurityAnomalyTcpFlagViolation 1.3.6.1.4.1.1916.1.34.2.0.3
For ports on which the protocol anomaly protection TCP flags features has been enabled, this trap will be generated when a TCP packet received on that port if 1) (TCP flag SYN is set) and (its TCP source port < 1024). OR 2) (TCP flag == 0) and (TCP seq # == 0). OR 3) (TCP flag FIN/URG/PSH bits sre set) and (TCP seq # == 0). OR 4) Both TCP iflag SYN and FIN are set
               extremeIpSecurityAnomalyTcpFragmentViolation 1.3.6.1.4.1.1916.1.34.2.0.4
For ports on which the protocol anomaly protection TCP fragment features has been enabled, this trap will be generated when a packet received on that port if 1) the packet is a TCP, and its size of the TCP header is less than pre-configured value; or 2) the packet is a TCP and it is a IP fragmented packet (IP offset != 0)
               extremeIpSecurityAnomalyIcmpViolation 1.3.6.1.4.1.1916.1.34.2.0.5
For ports on which the protocol anomaly protection ICMP features has been enabled, this trap will be generated when an ICMP packet received on that port if 1) the size of ICMP (IP payload) is large thant pre-configured value; or 2) it is a fragmented IP/ICMP packet (IP offset != 0)
           esAnomalyPortIfIndex 1.3.6.1.4.1.1916.1.34.2.1 integer32 no-access
The ifIndex of the port on which the violating packet was received.
           esAnomalyVlanIfIndex 1.3.6.1.4.1.1916.1.34.2.2 integer32 no-access
The ifIndex of the VLAN on which the violating packet was received.
           esAnomalyVlanDescr 1.3.6.1.4.1.1916.1.34.2.3 displaystring no-access
The description(name) of the VLAN on which the violating packet was received.
           esAnomalySrcMacAddress 1.3.6.1.4.1.1916.1.34.2.4 macaddress no-access
Source MAC address in the violating packet
           esAnomalyDestMacAddress 1.3.6.1.4.1.1916.1.34.2.5 macaddress no-access
Destination MAC address in the violating packet
           esAnomalySrcIpAddrType 1.3.6.1.4.1.1916.1.34.2.6 inetaddresstype no-access
source IP address type: ipv4 or ipv6
           esAnomalySrcIpAddr 1.3.6.1.4.1.1916.1.34.2.7 inetaddress no-access
source IP address in the violating packet
           esAnomalyDestIpAddrType 1.3.6.1.4.1.1916.1.34.2.8 inetaddresstype no-access
destination IP address type: ipv4 or ipv6
           esAnomalyDestIpAddr 1.3.6.1.4.1.1916.1.34.2.9 inetaddress no-access
destination IP address in the violating packet
           esAnomalyIpProto 1.3.6.1.4.1.1916.1.34.2.10 ipprotocol no-access
IP protocol in the violating packet
           esAnomalySrcL4Port 1.3.6.1.4.1.1916.1.34.2.11 inetportnumber no-access
tcp/udp source port number in the violating packet
           esAnomalyDestL4Port 1.3.6.1.4.1.1916.1.34.2.12 inetportnumber no-access
tcp/udp destination port in the violating packet
           esAnomalyTcpFlag 1.3.6.1.4.1.1916.1.34.2.13 hexoctet no-access
TCP flags in the violating packet
           esAnomalyTcpSeq 1.3.6.1.4.1.1916.1.34.2.14 integer32 no-access
TCP sequence number in the violating packet
           esAnomalyTcpHdrSize 1.3.6.1.4.1.1916.1.34.2.15 integer32 no-access
TCP Header size in the violating packet
           esAnomalyTcpFlagReason 1.3.6.1.4.1.1916.1.34.2.16 tcpflaganomalyreason no-access
TCP flag anomaly reason code
           esAnomalyIcmpReason 1.3.6.1.4.1.1916.1.34.2.17 icmpanomalyreason no-access
ICMP anomaly reason code
           esAnomalyVlanTag 1.3.6.1.4.1.1916.1.34.2.18 vlantag no-access
the vlan tag in the violating packet
           esAnomalyTcpFragmentReason 1.3.6.1.4.1.1916.1.34.2.19 tcpfragmentanomalyreason no-access
TCP fragment anomaly reason code