1FASTPATH-MGMT-SECURITY-MIB DEFINITIONS ::= BEGIN
2
3-- Broadcom Corporation FastPath Mgmt Security MIB
4-- Copyright Broadcom Corporation (2003-2007) All rights reserved.
5
6-- This SNMP Management Information Specification
7-- embodies Broadcom Corporation's confidential and proprietary
8-- intellectual property.  Broadcom Corporation retains all title
9-- and ownership in the Specification including any revisions.
10
11-- This Specification is supplied "AS IS", Broadcom Corporation
12-- makes no warranty, either expressed or implied,
13-- as to the use, operation, condition, or performance of the
14-- Specification.
15
16
17IMPORTS
18    MODULE-IDENTITY, OBJECT-TYPE, NOTIFICATION-TYPE,
19    IpAddress, Integer32                FROM SNMPv2-SMI
20    fastPath                            FROM BROADCOM-REF-MIB
21    DisplayString                       FROM RFC1213-MIB
22    TruthValue                          FROM SNMPv2-TC;
23
24    fastPathMgmtSecurity MODULE-IDENTITY
25        LAST-UPDATED "200705230000Z" -- 23 May 2007 12:00:00 GMT
26        ORGANIZATION "Broadcom Corporation"
27        CONTACT-INFO
28          "                      Customer Support
29          Postal:                Broadcom Corporation
30                                 100, Perimeter Park Drive
31                                 Morrisville, NC 27560
32          Tel:                   +1 919 865 2700"
33        DESCRIPTION
34          "The Broadcom Private MIB for FastPath Security"
35
36        -- Revision history.
37        REVISION
38          "200705230000Z" -- 23 May 2007 12:00:00 GMT
39        DESCRIPTION
40          "Broadcom branding related changes."
41        REVISION
42          "200311210000Z" -- 21 Nov 2003 12:00:00 GMT
43        DESCRIPTION
44          "Initial revision."
45
46    ::= { fastPath 11 }
47
48
49    --**************************************************************************************
50    -- agentSSLConfigGroup
51    --
52    --**************************************************************************************
53
54    agentSSLConfigGroup                        OBJECT IDENTIFIER ::= { fastPathMgmtSecurity 1 }
55
56    agentSSLAdminMode OBJECT-TYPE
57         SYNTAX      INTEGER {
58                     enable(1),
59                     disable(2)
60                     }
61         MAX-ACCESS  read-write
62         STATUS      current
63         DESCRIPTION
64                     "Configures whether the SSL service is enabled on this switch.  The
65                      default value is disable(2)."
66         ::= { agentSSLConfigGroup 1 }
67
68    agentSSLSecurePort OBJECT-TYPE
69         SYNTAX      Integer32 (1..65535)
70         MAX-ACCESS  read-write
71         STATUS      current
72         DESCRIPTION
73                     "Configures the port the SSL service will respond on.  The default
74                      value is 443."
75         ::= { agentSSLConfigGroup 2 }
76
77    agentSSLProtocolLevel OBJECT-TYPE
78         SYNTAX      INTEGER {
79                     ssl30(1), -- SSL 3.0
80                     tls10(2), -- TSL 1.0
81                     both(3)
82                     }
83         MAX-ACCESS  read-only
84         STATUS      current
85         DESCRIPTION
86                     "Displays which protocol versions of SSL are enabled on this
87                     switch.  The default value is both(3)."
88         ::= { agentSSLConfigGroup 3 }
89
90    agentSSLMaxSessions OBJECT-TYPE
91         SYNTAX      Integer32 (0..16)
92         MAX-ACCESS  read-write
93         STATUS      current
94         DESCRIPTION
95                     "Configures the maximum number of allowable SSL sessions.  The default
96                      value is 16."
97         ::= { agentSSLConfigGroup 4 }
98
99    agentSSLHardTimeout OBJECT-TYPE
100         SYNTAX      Integer32 (1..168)
101         MAX-ACCESS  read-write
102         STATUS      current
103         DESCRIPTION
104                     "Configures the hard timeout for SSL sessions in hours.  The default
105                      value is 24 hours."
106         ::= { agentSSLConfigGroup 5 }
107
108    agentSSLSoftTimeout OBJECT-TYPE
109         SYNTAX      Integer32 (1..60)
110         MAX-ACCESS  read-write
111         STATUS      current
112         DESCRIPTION
113                     "Configures the soft (activity) timeout for SSL sessions in minutes.
114                      The default value is 5 minutes."
115         ::= { agentSSLConfigGroup 6 }
116
117    agentSSLCertificatePresent OBJECT-TYPE
118         SYNTAX      TruthValue
119         MAX-ACCESS  read-only
120         STATUS      current
121         DESCRIPTION
122                     "Boolean value indicating whether SSL certificate files exist on the device."
123         ::= { agentSSLConfigGroup 7 }
124
125    agentSSLCertificateControl OBJECT-TYPE
126         SYNTAX      INTEGER {
127                     noop(1),
128                     generate(2),
129                     delete(3)
130                     }
131         MAX-ACCESS  read-write
132         STATUS      current
133         DESCRIPTION
134                     "Controls certificate generation and deletion. Always returns noop(1)."
135         ::= { agentSSLConfigGroup 8 }
136
137    agentSSLCertificateGenerationStatus OBJECT-TYPE
138         SYNTAX      TruthValue
139         MAX-ACCESS  read-only
140         STATUS      current
141         DESCRIPTION
142                     "Indicates whether certificate files are currently being generated."
143         ::= { agentSSLConfigGroup 9 }
144
145    --**************************************************************************************
146    -- agentSSHConfigGroup
147    --
148    --**************************************************************************************
149
150    agentSSHConfigGroup                        OBJECT IDENTIFIER ::= { fastPathMgmtSecurity 2 }
151
152    agentSSHAdminMode OBJECT-TYPE
153         SYNTAX      INTEGER {
154                     enable(1),
155                     disable(2)
156                     }
157         MAX-ACCESS  read-write
158         STATUS      current
159         DESCRIPTION
160                     "Configures whether the SSH service is enabled on this switch.  The
161                      default value is disable(2)."
162         ::= { agentSSHConfigGroup 1 }
163
164    agentSSHProtocolLevel OBJECT-TYPE
165         SYNTAX      INTEGER {
166                     ssh10(1), -- SSH 1.0
167                     ssh20(2), -- SSH 2.0
168                     both(3)
169                     }
170         MAX-ACCESS  read-only
171         STATUS      current
172         DESCRIPTION
173                     "Displays which protocol versions of SSH are enabled on this
174                     switch.  The default value is both(3)."
175         ::= { agentSSHConfigGroup 2 }
176
177    agentSSHSessionsCount OBJECT-TYPE
178         SYNTAX      Integer32
179         MAX-ACCESS  read-only
180         STATUS      current
181         DESCRIPTION
182                     "Current number of active SSH sessions on this switch."
183         ::= { agentSSHConfigGroup 3 }
184
185   agentSSHMaxSessionsCount OBJECT-TYPE
186         SYNTAX       Integer32 (0..5)
187         MAX-ACCESS   read-write
188         STATUS       current
189         DESCRIPTION
190                     "Max number of SSH sessions permitted on this switch."
191         ::= { agentSSHConfigGroup 4 }
192
193   agentSSHSessionTimeout OBJECT-TYPE
194         SYNTAX       Integer32 (1..3932159)
195         MAX-ACCESS   read-write
196         STATUS       current
197         DESCRIPTION
198                     "SSH idle timeout value for this switch in seconds.  The
199                     upper limit represents 65535 minutes and 59 seconds."
200         ::= { agentSSHConfigGroup 5 }
201
202    agentSSHKeysPresent OBJECT-TYPE
203         SYNTAX      INTEGER {
204                     dsa(1),
205                     rsa(2),
206                     both(3),
207                     none(4)
208                     }
209         MAX-ACCESS  read-only
210         STATUS      current
211         DESCRIPTION
212                     "Indicates what key files are present on the device, if any."
213         ::= { agentSSHConfigGroup 6 }
214
215    agentSSHKeyGenerationStatus OBJECT-TYPE
216         SYNTAX      INTEGER {
217                     dsa(1),
218                     rsa(2),
219                     both(3),
220                     none(4)
221                     }
222         MAX-ACCESS  read-only
223         STATUS      current
224         DESCRIPTION
225                     "Indicates what key files are currently being generated, if any."
226         ::= { agentSSHConfigGroup 7 }
227
228    agentSSHRSAKeyControl OBJECT-TYPE
229         SYNTAX      INTEGER {
230                     noop(1),
231                     generate(2),
232                     delete(3)
233                     }
234         MAX-ACCESS  read-write
235         STATUS      current
236         DESCRIPTION
237                     "Controls RSA key generation and deletion.  Always returns noop(1)."
238         ::= { agentSSHConfigGroup 8 }
239
240    agentSSHDSAKeyControl OBJECT-TYPE
241         SYNTAX      INTEGER {
242                     noop(1),
243                     generate(2),
244                     delete(3)
245                     }
246         MAX-ACCESS  read-write
247         STATUS      current
248         DESCRIPTION
249                     "Controls DSA key generation and deletion.  Always returns noop(1)."
250         ::= { agentSSHConfigGroup 9 }
251
252END
253