Академический Документы
Профессиональный Документы
Культура Документы
REFERENCIAS:
http://www.cisco.com/en/US/docs/security/ips/7.0/installation/guide/hw_troublesh
ooting.html#wpmkr1315148
http://tools.cisco.com/Support/SNMP/do/BrowseOID.do?local=en
Supported MIBs
CISCO-CIDS-MIB
Description:
"Cisco Intrusion Detection System MIB.
Provides trap definitions for the evAlert and evError
elements of the IDIOM (Intrusion Detection and
Operations Messages) document and read support
for the Intrusion Detection System (sensor)
health information, such as if the sensor is
in a memory critical stage."
CISCO-PROCESS-MIB
Description:
"The MIB module to describe active system processes.
Virtual Machine refers to those OS which can run the
code or process of a different executional model OS.
Virtual Process assume the executional model
of a OS which is different from Native OS. Virtual
Processes are also referred as Tasks.
Thread is a sequence of instructions to be executed
within a program. Thread which adhere to POSIX standard
is referred as a POSIX thread."
CISCO-ENHANCED-MEMPOOL-MIB
Description:
"New MIB module for monitoring the memory pools
of all physical entities on a managed system."
CISCO-ENTITY-ALARM-MIB
Description:
"This MIB module defines the managed objects that support the
monitoring of alarms generated by physical entities contained
by the system, including chassis, slots, modules, ports, power
supplies, and fans. In order to monitor alarms generated by a
physical entity, it must be represented by a row in the
entPhysicalTable (see ENTITY-MIB)."
SSL MODULE:
http://www.cisco.com/en/US/docs/interfaces_modules/services_modules/ssl/2.1/rele
ase/notes/OL_5277.html
http://tools.cisco.com/Support/SNMP/do/BrowseOID.do?local=en
CISCO-CRYPTO-ACCELERATOR-MIB
"The MIB module for monitoring the identity, status,
activity and faults of crypto accelerator (CA) modules
used in devices implementing security services.
The purpose of this MIB is to facilitate the following:
1) facilitate the discovery of hardware crypto
accelerator modules installed in a security device
2) monitor the activity, faults and performance of
hardware crypto accelerators and help the Network
Management Station (NMS) correlate the performance
of the CA modules with that of the security services
(IPsec, SSL, SSH, PKI etc) using the modules.
CISCO-ENTITY-FRU-CONTROL-MIB
"The CISCO-ENTITY-FRU-CONTROL-MIB is used to monitor
and configure operational status of
Field Replaceable Units (FRUs) and other managable
physical entities of the system listed in the
Entity-MIB (RFC 2737) entPhysicalTable.
FRUs include assemblies such as power supplies, fans,
processor modules, interface modules, etc."
CISCO-FIREWALL-MIB
MIB module for monitoring Cisco Firewalls.
CISCO-IPSEC-FLOW-MONITOR-MIB
"This is a MIB Module for monitoring the
structures in IPSec-based Virtual Private Networks.
The MIB has been designed to be adopted as an IETF
standard. Hence Cisco-specific features of IPSec
protocol are excluded from this MIB.
Acronyms
The following acronyms are used in this document:
IPSec: Secure IP Protocol
VPN: Virtual Private Network
ISAKMP: Internet Security Association and Key Exchange
Protocol
IKE: Internet Key Exchange Protocol
SA: Security Association
MM: Main Mode - the process of setting up
a Phase 1 SA to secure the exchanges
required to setup Phase 2 SAs
QM: Quick Mode - the process of setting up
Phase 2 Security Associations using
a Phase 1 SA.
CISCO-L4L7MODULE-RESOURCE-LIMIT-MIB
"The MIB module for managing resource classes
and configuring limits(max/min) to different
resources. The resource referenced in this MIB
are in addition to resource information availale
in other MIBs. This MIB is applicable to
L4-L7 modules which supports managing
resource limits using a centralized approach.
The resources (but not limited to) configured are
of following categories:
- TCP/IP Connections
- MAC Addresses
- syslog buffer, ACL Memmory
- NAT Translations etc
ciscoL4L7ResourceClassTable is used for adding/deleting
resource classes. Resource class is identified
by a name to which limits of multiple resources can
be configured.
ciscoL4L7ResourceLimitTable is used for adding/deleting
limits to resources in a resource class. This limit
is either maximum value and/or minimum value.
ciscoL4L7ResourceRateLimitTable is used for adding/deleting
rate limits to resources in a resource class.
Terminologies used:
ARP - Address Resolution Protocol.
ACL - Access Control List.
NAT - Network Address Translation.
NBAR - Network Based Application Recognition.
BPDU - Bridge Protocol Data Unit."
CISCO-MEMORY-POOL-MIB
MIB module for monitoring memory pools
CISCO-NAT-EXT-MIB
"The total number of address translation entries that
are currently available in the NAT device. This indicates
the aggregate of the translation entries created from
both the static and dynamic address translation
mechanisms.
CISCO-PROCESS-MIB
"The MIB module to describe active system processes.
Virtual Machine refers to those OS which can run the
code or process of a different executional model OS.
Virtual Process assume the executional model
of a OS which is different from Native OS. Virtual
Processes are also referred as Tasks.
Thread is a sequence of instructions to be executed
within a program. Thread which adhere to POSIX standard
is referred as a POSIX thread."
CISCO-REMOTE-ACCESS-MONITOR-MIB
Acronyms and Definitions
The following acronyms and terms are used in this
document:
IPSec: Secure IP Protocol
VPN: Virtual Private Network
RAS: Remote Access Service
ISP: Internet Service Provider.
LAN: Local Area Network
Group: A collection of remote access users grouped
and managed together as a single entity for
administrative convenience.
Session: A Remote Access Session.
ENTITY-MIB
"The MIB module for representing multiple logical
entities supported by a single SNMP agent.
Copyright (C) The Internet Society (2005). This
version of this MIB module is part of RFC 4133; see
the RFC itself for full legal notices."
IF-MIB
"The number of network interfaces (regardless of their
current state) present on this system."
NAT-MIB
"A unique id that is assigned to each session by
a NAT enabled device."
RFC1213-MIB
"Total information about the module hardware and software"
SNMPv2-MIB
"The MIB module for SNMP entities."
TCP-MIB
"Total innformation regarding TCP Connections"
UDP-MIB
"Total innformation regarding TCP Connections"
CISCO-IP-PROTOCOL-FILTER-MIB
"The MIB module is for management of information
to support packet filtering on IP protocols.
The cippfIpProfileTable allows users to create
delete, and get information about filter profiles.
Filter profiles are uniquely identified by the
profile names. Filter profiles can either be of
Simple or Extended usage types, and the usage type
cannot be changed once it has been created.
The cippfIfIpProfileTable applies the filtering
profiles to device interfaces running IP. A filter
profile can be applied to multiple interfaces.
The cippfIpFilterTable contains ordered lists of
IP filters for all the filtering profiles.
Filters and profiles are related if they are of
the same filter profile name. Filters can only
be created if their associated filter profiles
already exist in the cippfIpProfileTable.
Filters of the same profile name belongs to a
common profile.
The cippfIfIpProfileTable can be configured with
information independent from the other. However,
if the name of a profile in the cippfIfIpProfileTable
matches that of any profile in the
cippfIpProfileTable and the profile name of any
filter entry in the cippfIpFilterTable, the profile
is 'active' and the filter entry is being applied
to IP traffic passing through the attached device
interfaces. Therefore, any change to the filters
in the cippfIpFilterTable or the profile itself in
the cippfIpProfileTable will affect all the
attached interfaces."
IP-MIB
"Total innformation regarding IP Connections source & destination"
IP-FORWARD-MIB
"The MIB module for the management of CIDR multipath IP
Routes"
CISCO-IPSEC-FLOW-MONITOR-MIB
"This is a MIB Module for monitoring the
structures in IPSec-based Virtual Private Networks.
The MIB has been designed to be adopted as an IETF
standard. Hence Cisco-specific features of IPSec
protocol are excluded from this MIB.
Acronyms
The following acronyms are used in this document:
IPSec: Secure IP Protocol
VPN: Virtual Private Network
ISAKMP: Internet Security Association and Key Exchange
Protocol
IKE: Internet Key Exchange Protocol
SA: Security Association
MM: Main Mode - the process of setting up
a Phase 1 SA to secure the exchanges
required to setup Phase 2 SAs
QM: Quick Mode - the process of setting up
Phase 2 Security Associations using
a Phase 1 SA.
CISCO-GENERAL-TRAPS
A reload trap signifies that the sending
protocol entity is reinitializing itself such
that the agent s configuration or the protocol
entity implementation may be altered.
CISCO-ENTITY-REDUNDANCY-MIB
This management information module supports
configuration, control and monitoring of redundancy
protection for various kinds of components on
Cisco managed devices.
It is meant to be generic enough to handle basic
redundancy control and monitoring for many types of
redundant member components and redundancy architectures
as long as there is an Entity MIB entPhysicalIndex and
entPhysicalVendorType assigned to each member component.
It is designed so that the tables can be augmented in
other extension MIBS which build upon this MIB by
adding additional objects that may be specific to a
particular type of redundancy or member component.
This MIB can also be used in cases where some types of
redundancy groups and members don't require explicit
user configuration. One example may be redundant fan
assemblies. In those cases, the managed system should
internally assign group and member indexes, so that
it can provide read-only access to the group and member
tables. This allows MIB monitoring for these types of
redundant entities.
CISCO-ENTITY-ALARM-MIB
"This MIB module defines the managed objects that support the
monitoring of alarms generated by physical entities contained
by the system, including chassis, slots, modules, ports, power
supplies, and fans. In order to monitor alarms generated by a
physical entity, it must be represented by a row in the
entPhysicalTable (see ENTITY-MIB)."
ENTITY-MIB
"The MIB module for representing multiple logical
entities supported by a single SNMP agent.
Copyright (C) The Internet Society (2005). This
version of this MIB module is part of RFC 4133; see
the RFC itself for full legal notices."