1FASTPATH-MGMT-SECURITY-MIB DEFINITIONS ::= BEGIN 2 3-- Broadcom Corporation FastPath Mgmt Security MIB 4-- Copyright Broadcom Corporation (2003-2007) All rights reserved. 5 6-- This SNMP Management Information Specification 7-- embodies Broadcom Corporation's confidential and proprietary 8-- intellectual property. Broadcom Corporation retains all title 9-- and ownership in the Specification including any revisions. 10 11-- This Specification is supplied "AS IS", Broadcom Corporation 12-- makes no warranty, either expressed or implied, 13-- as to the use, operation, condition, or performance of the 14-- Specification. 15 16 17IMPORTS 18 MODULE-IDENTITY, OBJECT-TYPE, NOTIFICATION-TYPE, 19 IpAddress, Integer32 FROM SNMPv2-SMI 20 fastPath FROM BROADCOM-REF-MIB 21 DisplayString FROM RFC1213-MIB 22 TruthValue FROM SNMPv2-TC; 23 24 fastPathMgmtSecurity MODULE-IDENTITY 25 LAST-UPDATED "200705230000Z" -- 23 May 2007 12:00:00 GMT 26 ORGANIZATION "Broadcom Corporation" 27 CONTACT-INFO 28 " Customer Support 29 Postal: Broadcom Corporation 30 100, Perimeter Park Drive 31 Morrisville, NC 27560 32 Tel: +1 919 865 2700" 33 DESCRIPTION 34 "The Broadcom Private MIB for FastPath Security" 35 36 -- Revision history. 37 REVISION 38 "200705230000Z" -- 23 May 2007 12:00:00 GMT 39 DESCRIPTION 40 "Broadcom branding related changes." 41 REVISION 42 "200311210000Z" -- 21 Nov 2003 12:00:00 GMT 43 DESCRIPTION 44 "Initial revision." 45 46 ::= { fastPath 11 } 47 48 49 --************************************************************************************** 50 -- agentSSLConfigGroup 51 -- 52 --************************************************************************************** 53 54 agentSSLConfigGroup OBJECT IDENTIFIER ::= { fastPathMgmtSecurity 1 } 55 56 agentSSLAdminMode OBJECT-TYPE 57 SYNTAX INTEGER { 58 enable(1), 59 disable(2) 60 } 61 MAX-ACCESS read-write 62 STATUS current 63 DESCRIPTION 64 "Configures whether the SSL service is enabled on this switch. The 65 default value is disable(2)." 66 ::= { agentSSLConfigGroup 1 } 67 68 agentSSLSecurePort OBJECT-TYPE 69 SYNTAX Integer32 (1..65535) 70 MAX-ACCESS read-write 71 STATUS current 72 DESCRIPTION 73 "Configures the port the SSL service will respond on. The default 74 value is 443." 75 ::= { agentSSLConfigGroup 2 } 76 77 agentSSLProtocolLevel OBJECT-TYPE 78 SYNTAX INTEGER { 79 ssl30(1), -- SSL 3.0 80 tls10(2), -- TSL 1.0 81 both(3) 82 } 83 MAX-ACCESS read-only 84 STATUS current 85 DESCRIPTION 86 "Displays which protocol versions of SSL are enabled on this 87 switch. The default value is both(3)." 88 ::= { agentSSLConfigGroup 3 } 89 90 agentSSLMaxSessions OBJECT-TYPE 91 SYNTAX Integer32 (0..16) 92 MAX-ACCESS read-write 93 STATUS current 94 DESCRIPTION 95 "Configures the maximum number of allowable SSL sessions. The default 96 value is 16." 97 ::= { agentSSLConfigGroup 4 } 98 99 agentSSLHardTimeout OBJECT-TYPE 100 SYNTAX Integer32 (1..168) 101 MAX-ACCESS read-write 102 STATUS current 103 DESCRIPTION 104 "Configures the hard timeout for SSL sessions in hours. The default 105 value is 24 hours." 106 ::= { agentSSLConfigGroup 5 } 107 108 agentSSLSoftTimeout OBJECT-TYPE 109 SYNTAX Integer32 (1..60) 110 MAX-ACCESS read-write 111 STATUS current 112 DESCRIPTION 113 "Configures the soft (activity) timeout for SSL sessions in minutes. 114 The default value is 5 minutes." 115 ::= { agentSSLConfigGroup 6 } 116 117 agentSSLCertificatePresent OBJECT-TYPE 118 SYNTAX TruthValue 119 MAX-ACCESS read-only 120 STATUS current 121 DESCRIPTION 122 "Boolean value indicating whether SSL certificate files exist on the device." 123 ::= { agentSSLConfigGroup 7 } 124 125 agentSSLCertificateControl OBJECT-TYPE 126 SYNTAX INTEGER { 127 noop(1), 128 generate(2), 129 delete(3) 130 } 131 MAX-ACCESS read-write 132 STATUS current 133 DESCRIPTION 134 "Controls certificate generation and deletion. Always returns noop(1)." 135 ::= { agentSSLConfigGroup 8 } 136 137 agentSSLCertificateGenerationStatus OBJECT-TYPE 138 SYNTAX TruthValue 139 MAX-ACCESS read-only 140 STATUS current 141 DESCRIPTION 142 "Indicates whether certificate files are currently being generated." 143 ::= { agentSSLConfigGroup 9 } 144 145 --************************************************************************************** 146 -- agentSSHConfigGroup 147 -- 148 --************************************************************************************** 149 150 agentSSHConfigGroup OBJECT IDENTIFIER ::= { fastPathMgmtSecurity 2 } 151 152 agentSSHAdminMode OBJECT-TYPE 153 SYNTAX INTEGER { 154 enable(1), 155 disable(2) 156 } 157 MAX-ACCESS read-write 158 STATUS current 159 DESCRIPTION 160 "Configures whether the SSH service is enabled on this switch. The 161 default value is disable(2)." 162 ::= { agentSSHConfigGroup 1 } 163 164 agentSSHProtocolLevel OBJECT-TYPE 165 SYNTAX INTEGER { 166 ssh10(1), -- SSH 1.0 167 ssh20(2), -- SSH 2.0 168 both(3) 169 } 170 MAX-ACCESS read-only 171 STATUS current 172 DESCRIPTION 173 "Displays which protocol versions of SSH are enabled on this 174 switch. The default value is both(3)." 175 ::= { agentSSHConfigGroup 2 } 176 177 agentSSHSessionsCount OBJECT-TYPE 178 SYNTAX Integer32 179 MAX-ACCESS read-only 180 STATUS current 181 DESCRIPTION 182 "Current number of active SSH sessions on this switch." 183 ::= { agentSSHConfigGroup 3 } 184 185 agentSSHMaxSessionsCount OBJECT-TYPE 186 SYNTAX Integer32 (0..5) 187 MAX-ACCESS read-write 188 STATUS current 189 DESCRIPTION 190 "Max number of SSH sessions permitted on this switch." 191 ::= { agentSSHConfigGroup 4 } 192 193 agentSSHSessionTimeout OBJECT-TYPE 194 SYNTAX Integer32 (1..3932159) 195 MAX-ACCESS read-write 196 STATUS current 197 DESCRIPTION 198 "SSH idle timeout value for this switch in seconds. The 199 upper limit represents 65535 minutes and 59 seconds." 200 ::= { agentSSHConfigGroup 5 } 201 202 agentSSHKeysPresent OBJECT-TYPE 203 SYNTAX INTEGER { 204 dsa(1), 205 rsa(2), 206 both(3), 207 none(4) 208 } 209 MAX-ACCESS read-only 210 STATUS current 211 DESCRIPTION 212 "Indicates what key files are present on the device, if any." 213 ::= { agentSSHConfigGroup 6 } 214 215 agentSSHKeyGenerationStatus OBJECT-TYPE 216 SYNTAX INTEGER { 217 dsa(1), 218 rsa(2), 219 both(3), 220 none(4) 221 } 222 MAX-ACCESS read-only 223 STATUS current 224 DESCRIPTION 225 "Indicates what key files are currently being generated, if any." 226 ::= { agentSSHConfigGroup 7 } 227 228 agentSSHRSAKeyControl OBJECT-TYPE 229 SYNTAX INTEGER { 230 noop(1), 231 generate(2), 232 delete(3) 233 } 234 MAX-ACCESS read-write 235 STATUS current 236 DESCRIPTION 237 "Controls RSA key generation and deletion. Always returns noop(1)." 238 ::= { agentSSHConfigGroup 8 } 239 240 agentSSHDSAKeyControl OBJECT-TYPE 241 SYNTAX INTEGER { 242 noop(1), 243 generate(2), 244 delete(3) 245 } 246 MAX-ACCESS read-write 247 STATUS current 248 DESCRIPTION 249 "Controls DSA key generation and deletion. Always returns noop(1)." 250 ::= { agentSSHConfigGroup 9 } 251 252END 253