-- *******************************************************************
-- CISCO-LWAPP-ROGUE-MIB.my
-- February 2007, Devesh Pujari, Srinath Candadai
--
-- Copyright (c) 2007, 2010-2014 by Cisco Systems Inc.
-- All rights reserved.
-- *******************************************************************

CISCO-LWAPP-ROGUE-MIB DEFINITIONS ::= BEGIN

IMPORTS
    MODULE-IDENTITY,
    NOTIFICATION-TYPE,
    OBJECT-TYPE,
    Integer32,
    Unsigned32
        FROM SNMPv2-SMI
    MODULE-COMPLIANCE,
    NOTIFICATION-GROUP,
    OBJECT-GROUP
        FROM SNMPv2-CONF
    SnmpAdminString
        FROM SNMP-FRAMEWORK-MIB
    StorageType,
    RowStatus,
    MacAddress,
    TruthValue,
    TEXTUAL-CONVENTION
        FROM SNMPv2-TC
    cLApName
        FROM CISCO-LWAPP-AP-MIB
    ciscoMgmt
        FROM CISCO-SMI;


ciscoLwappRogueMIB MODULE-IDENTITY
    LAST-UPDATED "201407140000Z"
    ORGANIZATION "Cisco Systems Inc."
    CONTACT-INFO
        "Cisco Systems,
        Customer Service
        Postal: 170 West Tasman Drive
        San Jose, CA 95134
        USA
        Tel: +1 800 553-NETS

        Email: cs-wnbu-snmp@cisco.com"
    DESCRIPTION
        "This MIB is intended to be implemented on all those
        devices operating as Central Controllers, that
        terminate the Light Weight Access Point Protocol
        tunnel from Cisco Light-weight LWAPP Access Points.

        This MIB provides information about the Rogue APs
        and Clients that are detected by the controller.

        The relationship between CC and the LWAPP APs
        can be depicted as follows:

            +......+      +......+     +......+
            +      +      +      +     +      +
            +  CC  +      +  CC  +     +  CC  +
            +      +      +      +     +      +
            +......+      +......+     +......+
               ..            .            .
               ..            .            .
              .  .           .            .
             .    .          .            .
            .      .         .            .
           .        .        .            .
        +......+ +......+ +......+     +......+
        +      + +      + +      +     +      +
        +  AP  + +  AP  + +  AP  +     +  AP  +
        +      + +      + +      +     +      +
        +......+ +......+ +......+     +......+
                    .        .            .
           .        .        .            .
           .        .        .            .
           .        .        .            .
           .        .        .            .
        +......+ +......+ +......+     +......+
        +      + +      + +      +     +      +
        +  MN  + +  MN  + +  MN  +     +  MN  +
        +      + +      + +      +     +      +
        +......+ +......+ +......+     +......+

        The LWAPP tunnel exists between the controller and
        the APs. The MNs communicate with the APs through
        the protocol defined by the 802.11 standard.

        LWAPP APs, upon bootup, discover and join one of the
        controllers and the controller pushes the configuration,
        that includes the WLAN parameters, to the LWAPP APs.
        The APs then encapsulate all the 802.11 frames from
        wireless clients inside LWAPP frames and forward
        the LWAPP frames to the controller.

        GLOSSARY

        Access Point ( AP )

        An entity that contains an 802.11 medium access
        control ( MAC ) and physical layer ( PHY ) interface
        and provides access to the distribution services via
        the wireless medium for associated clients.

        LWAPP APs encapsulate all the 802.11 frames in
        LWAPP frames and send them to the controller to which
        they are logically connected.

        Light Weight Access Point Protocol ( LWAPP )

        This is a generic protocol that defines the
        communication between the Access Points and the
        Central Controller.

        Mobile Node ( MN )

        A roaming 802.11 wireless device in a wireless
        network associated with an access point. Mobile Node
        and client are used interchangeably.

        Rogue

        Any 802.11 device which is not part of the RF network
        is a Rogue device.

        Ad-hoc Network

        A set of mobile devices within direct communication
        range that establish a network among themselves for
        transmitting data, without the use of an access point,
        is called an ad-hoc network.

        Rogue Ad-hoc Client

        Any 802.11 client which is part of that ad-hoc network,
        but not in the trusted list.

        Service Set Identifier ( SSID )

        SSID is a unique identifier that APs and clients
        use to identify with each other. SSID is a simple
        means of access control and is not for security.
        The SSID can be any alphanumeric entry up to 32
        characters.

        RSSI

        Received Signal Strength Indication (RSSI). The IEEE
        802.11 standard defines a mechanism by which RF energy
        is to be measured by the circuitry on a wireless NIC.
        Its value is measured in dBm and ranges from -128 to 0.

        Rogue Location Detection Protocol (RLDP)

        RLDP is a protocol to detect and automatically
        contain rogue devices.
        When the controller discovers a rogue access point,
        it uses the Rogue Location Discovery Protocol (RLDP)
        to determine if the rogue is attached to your network.
        RLDP can be enabled or disabled at the controller level.

        LRAD (LWAPP RADIO)

        Light Weight Access Point Protocol Radio; basically,
        one's own AP.

        REFERENCE

        [1] Wireless LAN Medium Access Control ( MAC ) and
        Physical Layer ( PHY ) Specifications.

        [2] Draft-obara-capwap-lwapp-00.txt, IETF Light
        Weight Access Point Protocol."
    REVISION "201407140000Z"
    DESCRIPTION
        "Added new object group
        - ciscoLwappRogueConfigSup4Group
        Added new compliance
        - ciscoLwappRogueMIBComplianceRev4."
    REVISION "201109070000Z"
    DESCRIPTION
        "Added following objects:
        cLRogueReportInterval
        cLRogueMinimumRssi
        cLRogueTransientInterval.
        Deprecated ciscoLwappRogueMIBComplianceRev2 and
        added ciscoLwappRogueMIBComplianceRev3."
    REVISION "201103110000Z"
    DESCRIPTION
        "Added following objects:
        cLRldpAutoContainLevel
        cLRldpAutoContainOnlyforMonitorModeAps.
        Deprecated ciscoLwappRogueMIBComplianceRev1 and
        added ciscoLwappRogueMIBComplianceRev2."
    REVISION "201007170000Z"
    DESCRIPTION
        "Added following tables:
        cLRogueIgnoreListTable
        cLRuleConfigTable
        cLConditionConfigTable
        cLConditionSsidConfigTable
        Added following objects:
        cLRldpAutoContainFeatureOnWiredNetwork
        cLRldpAutoContainRoguesAdvertisingSsid
        cLRldpAutoContainAdhocNetworks
        cLRldpAutoContainTrustedClientsOnRogueAps
        Deprecated ciscoLwappRogueMIBCompliance and
        added ciscoLwappRogueMIBComplianceRev1."
    REVISION "200702060000Z"
    DESCRIPTION
        "Initial version of this MIB module."
    ::= { ciscoMgmt 610 }


ciscoLwappRogueMIBNotifs OBJECT IDENTIFIER
    ::= { ciscoLwappRogueMIB 0 }

ciscoLwappRogueMIBObjects OBJECT IDENTIFIER
    ::= { ciscoLwappRogueMIB 1 }

ciscoLwappRogueMIBConform OBJECT IDENTIFIER
    ::= { ciscoLwappRogueMIB 2 }

cLRogueConfig OBJECT IDENTIFIER
    ::= { ciscoLwappRogueMIBObjects 1 }

cLRoguePolicyConfig OBJECT IDENTIFIER
    ::= { cLRogueConfig 1 }

cLRogueRuleConfig OBJECT IDENTIFIER
    ::= { cLRogueConfig 3 }

cLRogueIgnoreListConfig OBJECT IDENTIFIER
    ::= { cLRogueConfig 4 }

cLRldpAutoContainConfig OBJECT IDENTIFIER
    ::= { cLRogueConfig 5 }

cLRogueApConfig OBJECT IDENTIFIER
    ::= { cLRogueConfig 6 }


CLAutoContainActions ::= TEXTUAL-CONVENTION
    STATUS current
    DESCRIPTION
        "This textual convention represents the action that
        should be taken with respect to auto containment
        feature when any of the following are detected by
        the switch:
            rogue adhoc network
            rogue APs that are advertising our SSID
            trusted clients that are associated to rogue APs

        alarmOnly(1) - only an alarm will be generated
        contain(2) - contain automatically"
    SYNTAX INTEGER {
        alarmOnly(1),
        contain(2)
    }

cLRogueAdhocRogueReportEnable OBJECT-TYPE
    SYNTAX TruthValue
    MAX-ACCESS read-write
    STATUS current
    DESCRIPTION
        "This object is used to turn on and off ad-hoc rogue
        reporting.
        Setting this object to 'true' will enable ad-hoc
        rogue reporting.
        Setting to 'false' will disable ad-hoc rogue
        reporting."
    DEFVAL { true }
    ::= { cLRoguePolicyConfig 1 }

cLRogueReportInterval OBJECT-TYPE
    SYNTAX Unsigned32 (10..300)
    UNITS "seconds"
    MAX-ACCESS read-write
    STATUS current
    DESCRIPTION
        "This object specifies the rogue report interval,
        which is the interval that monitor mode APs send
        rogue detection details to the controller."
    ::= { cLRoguePolicyConfig 2 }

cLRogueMinimumRssi OBJECT-TYPE
    SYNTAX Integer32 (-128..-70)
    UNITS "dBm"
    MAX-ACCESS read-write
    STATUS current
    DESCRIPTION
        "This object specifies the minimum value of RSSI
        considered for detection of rogues."
    ::= { cLRoguePolicyConfig 3 }

cLRogueTransientInterval OBJECT-TYPE
    SYNTAX Unsigned32 (0 | 120..1800)
    UNITS "seconds"
    MAX-ACCESS read-write
    STATUS current
    DESCRIPTION
        "This object specifies the rogue transient interval.
        A value of '0' specifies that an AP sends rogue
        detection details to the controller as soon as it
        detects a rogue.
        A non-zero value specifies that an AP sends rogue
        detection details to the controller if it hears the
        rogue more than once in the specified interval."
    ::= { cLRoguePolicyConfig 4 }

cLRogueClientNumThreshold OBJECT-TYPE
    SYNTAX Unsigned32
    MAX-ACCESS read-write
    STATUS current
    DESCRIPTION
        "This object specifies the number of clients the
        Rogue AP can have.
        A value of zero indicates no limitation on the number
        of clients the Rogue AP can have."
    ::= { cLRoguePolicyConfig 5 }

cLRogueDetectionSecurityLevel OBJECT-TYPE
    SYNTAX INTEGER {
        low(1),
        high(2),
        critical(3),
        custom(4)
    }
    MAX-ACCESS read-write
    STATUS current
    DESCRIPTION
        "This object specifies the rogue detection security
        level.
        When the object has a value of 'low', 'high' or
        'critical', the controller uses pre-defined rogue
        detection parameters for the specified security level.
        When the object has a value of 'custom', the controller
        uses the user configured rogue detection parameters.
        low - security level is low
        high - security level is high
        critical - security level is critical
        custom - customized security level"
    ::= { cLRoguePolicyConfig 6 }

cLRogueValidateRogueClientsAgainstMse OBJECT-TYPE
    SYNTAX INTEGER {
        disable(1),
        enable(2)
    }
    MAX-ACCESS read-write
    STATUS current
    DESCRIPTION
        "This object specifies whether the controller validates
        'valid' clients which are associating with a rogue AP,
        against MSE.
        A value of 'enable' indicates that the controller
        validates 'valid' clients which are associating with
        a rogue AP, against MSE.
        A value of 'disable' indicates that the controller
        does not validate 'valid' clients which are associating
        with a rogue AP, against MSE."
    ::= { cLRoguePolicyConfig 7 }

cLRogueAdhocRogueNotifEnabled OBJECT-TYPE
    SYNTAX TruthValue
    MAX-ACCESS read-write
    STATUS current
    DESCRIPTION
        "This object controls the generation of the
        cLRogueAdhocRogueDetected notification.

        A value of 'true' indicates that the agent generates
        the cLRogueAdhocRogueDetected notification.

        A value of 'false' indicates that the agent doesn't
        generate the cLRogueAdhocRogueDetected notification."
    DEFVAL { false }
    ::= { cLRogueConfig 2 }

cLRogueAdhocRogueDetected NOTIFICATION-TYPE
    OBJECTS { cLApName }
    STATUS current
    DESCRIPTION
        "This notification is generated by the controller when
        a rogue is detected. The name of the AP that detected
        this rogue is sent in the notification."
    ::= { ciscoLwappRogueMIBNotifs 1 }

-- ********************************************************************
-- Rule configuration
-- ********************************************************************

cLRuleConfigTable OBJECT-TYPE
    SYNTAX SEQUENCE OF CLRuleConfigEntry
    MAX-ACCESS not-accessible
    STATUS current
    DESCRIPTION
        "This table provides the configuration needed by the
        controller for classifying rogue APs. The user defines
        the custom rules which are used to classify the APs
        under different classification types.
        When a new rule is created, its priority is assigned
        automatically by the controller, with the highest
        priority given to the rules which are created first.
        If the user changes the priority of a rule manually,
        the new priority should not be used by any other
        existing rule."
    ::= { cLRogueRuleConfig 1 }

cLRuleConfigEntry OBJECT-TYPE
    SYNTAX CLRuleConfigEntry
    MAX-ACCESS not-accessible
    STATUS current
    DESCRIPTION
        "Each entry represents a conceptual row (as identified
        by a rule name) in cLRuleConfigTable."
    INDEX { cLRuleName }
    ::= { cLRuleConfigTable 1 }

CLRuleConfigEntry ::= SEQUENCE {
    cLRuleName SnmpAdminString,
    cLRuleRogueType INTEGER,
    cLRuleConditionsMatch INTEGER,
    cLRulePriority Unsigned32,
    cLRuleEnable TruthValue,
    cLRuleStorageType StorageType,
    cLRuleRowStatus RowStatus
}

cLRuleName OBJECT-TYPE
    SYNTAX SnmpAdminString (SIZE (1..32))
    MAX-ACCESS not-accessible
    STATUS current
    DESCRIPTION
        "This object represents the rule name to identify
        this entry."
    ::= { cLRuleConfigEntry 1 }

cLRuleRogueType OBJECT-TYPE
    SYNTAX INTEGER {
        friendly(1),
        malicious(2),
        unclassified(3),
        custom(4)
    }
    MAX-ACCESS read-create
    STATUS current
    DESCRIPTION
        "This object determines the classification applied to
        the rogue AP that matches this rule.
        friendly - known and acknowledged rogue AP.
        malicious - unknown AP that matches user defined
        malicious rules.
        unclassified - an unknown AP that did not match
        malicious or friendly rules.
        custom - user can configure rogue detection
        parameters."
    DEFVAL { custom }
    ::= { cLRuleConfigEntry 2 }

cLRuleConditionsMatch OBJECT-TYPE
    SYNTAX INTEGER {
        all(1),
        any(2)
    }
    MAX-ACCESS read-create
    STATUS current
    DESCRIPTION
        "This object represents how the conditions defined by
        corresponding instances of cLConditionType are matched
        under each rule.
        all - all the conditions defined per rule should be
        matched
        any - any conditions defined per rule can be matched."
    ::= { cLRuleConfigEntry 3 }

cLRulePriority OBJECT-TYPE
    SYNTAX Unsigned32
    MAX-ACCESS read-create
    STATUS current
    DESCRIPTION
        "This object is used to define the order in which the
        rules will be applied. The rules will be applied from
        lowest to highest and gaps are allowed. Each rule
        must have a unique value for this object."
    ::= { cLRuleConfigEntry 4 }

cLRuleEnable OBJECT-TYPE
    SYNTAX TruthValue
    MAX-ACCESS read-create
    STATUS current
    DESCRIPTION
        "This object specifies whether this rule is enabled
        or not.
        A value of 'true' specifies this rule is enabled.
        A value of 'false' specifies this rule is disabled."
    ::= { cLRuleConfigEntry 5 }

cLRuleStorageType OBJECT-TYPE
    SYNTAX StorageType
    MAX-ACCESS read-create
    STATUS current
    DESCRIPTION
        "This object represents the storage type for this
        conceptual row."
    DEFVAL { nonVolatile }
    ::= { cLRuleConfigEntry 6 }

cLRuleRowStatus OBJECT-TYPE
    SYNTAX RowStatus
    MAX-ACCESS read-create
    STATUS current
    DESCRIPTION
        "This object represents the status column for a
        conceptual row in this table.
        All writable objects in this row may be modified
        when the row is active."
    ::= { cLRuleConfigEntry 7 }

-- ********************************************************************
-- Rule/Condition name configuration
-- ********************************************************************

cLConditionConfigTable OBJECT-TYPE
    SYNTAX SEQUENCE OF CLConditionConfigEntry
    MAX-ACCESS not-accessible
    STATUS current
    DESCRIPTION
        "This table represents the configuration of conditions
        that can be applied to a rule."
    ::= { cLRogueRuleConfig 2 }

cLConditionConfigEntry OBJECT-TYPE
    SYNTAX CLConditionConfigEntry
    MAX-ACCESS not-accessible
    STATUS current
    DESCRIPTION
        "Each entry represents a conceptual row in
        cLConditionConfigTable, as identified by a specific
        condition name to be applied on a specific rule name."
    INDEX {
        cLRuleName,
        cLConditionName
    }
    ::= { cLConditionConfigTable 1 }

CLConditionConfigEntry ::= SEQUENCE {
    cLConditionName SnmpAdminString,
    cLConditionType INTEGER,
    cLConditionValue Integer32,
    cLConditionEnable TruthValue,
    cLConditionStorageType StorageType,
    cLConditionRowStatus RowStatus,
    cLConditionRssi Integer32,
    cLConditionClientCount Unsigned32,
    cLConditionNoEncryptionEnabled TruthValue,
    cLConditionManagedSsidEnabled TruthValue,
    cLConditionDuration Unsigned32
}

cLConditionName OBJECT-TYPE
    SYNTAX SnmpAdminString (SIZE (1..64))
    MAX-ACCESS not-accessible
    STATUS current
    DESCRIPTION
        "This object represents the condition name."
    ::= { cLConditionConfigEntry 1 }

cLConditionType OBJECT-TYPE
    SYNTAX INTEGER {
        managedSsid(1),
        rssi(2),
        duration(3),
        clientCount(4),
        noEncryption(5),
        userConfigSsid(6)
    }
    MAX-ACCESS read-create
    STATUS current
    DESCRIPTION
        "This object represents the condition type for this
        condition associated with a rule.
        managedSsid - matches managed SSID
        rssi - required minimum RSSI
        duration - limited to this time duration
        clientCount - number of associated clients
        noEncryption - no encryption rule
        userConfigSsid - matches user configured SSID"
    ::= { cLConditionConfigEntry 2 }

cLConditionValue OBJECT-TYPE
    SYNTAX Integer32
    MAX-ACCESS read-create
    STATUS current
    DESCRIPTION
        "This object represents the value associated with the
        condition type as specified by the corresponding
        cLConditionType instance.
        If cLConditionType is 'userConfigSsid', then
        corresponding 'cLConditionValue' can only take on
        the value of zero."
    ::= { cLConditionConfigEntry 3 }

cLConditionEnable OBJECT-TYPE
    SYNTAX TruthValue
    MAX-ACCESS read-create
    STATUS current
    DESCRIPTION
        "This object indicates whether matching against this
        condition is enabled or not.
        A value of 'true' indicates matching against this
        condition is enabled.
        A value of 'false' indicates matching against this
        condition is disabled."
    ::= { cLConditionConfigEntry 4 }

cLConditionStorageType OBJECT-TYPE
    SYNTAX StorageType
    MAX-ACCESS read-create
    STATUS current
    DESCRIPTION
        "This object represents the storage type for this
        conceptual row."
    DEFVAL { nonVolatile }
    ::= { cLConditionConfigEntry 5 }

cLConditionRowStatus OBJECT-TYPE
    SYNTAX RowStatus
    MAX-ACCESS read-create
    STATUS current
    DESCRIPTION
        "This object represents the status column for a
        conceptual row in this table.
        All writable objects except cLConditionType in this
        row may be modified when the row is active."
    ::= { cLConditionConfigEntry 6 }

cLConditionRssi OBJECT-TYPE
    SYNTAX Integer32
    MAX-ACCESS read-create
    STATUS current
    DESCRIPTION
        "This object specifies the minimum value of RSSI that
        a rogue AP must have in order to match cLConditionType
        of 'rssi'."
    DEFVAL { 0 }
    ::= { cLConditionConfigEntry 7 }

cLConditionClientCount OBJECT-TYPE
    SYNTAX Unsigned32
    MAX-ACCESS read-create
    STATUS current
    DESCRIPTION
        "This object specifies the minimum value of client
        count that a rogue AP must have in order to match
        cLConditionType of 'clientCount'."
    DEFVAL { 0 }
    ::= { cLConditionConfigEntry 8 }

cLConditionNoEncryptionEnabled OBJECT-TYPE
    SYNTAX TruthValue
    MAX-ACCESS read-create
    STATUS current
    DESCRIPTION
        "This object specifies whether or not encryption is
        enabled.
        A value of 'true' indicates that encryption is not
        enabled.
        A value of 'false' indicates that encryption is
        enabled for this condition."
    DEFVAL { true }
    ::= { cLConditionConfigEntry 9 }

cLConditionManagedSsidEnabled OBJECT-TYPE
    SYNTAX TruthValue
    MAX-ACCESS read-create
    STATUS current
    DESCRIPTION
        "This object specifies whether or not managed SSID is
        enabled.
        A value of 'true' indicates managed SSID is enabled.
        A value of 'false' indicates managed SSID is not
        enabled for this condition."
    DEFVAL { true }
    ::= { cLConditionConfigEntry 10 }

cLConditionDuration OBJECT-TYPE
    SYNTAX Unsigned32
    UNITS "seconds"
    MAX-ACCESS read-create
    STATUS current
    DESCRIPTION
        "This object specifies the minimum value of duration,
        in seconds, a rogue AP must be present in order to
        match cLConditionType of 'duration'."
    DEFVAL { 0 }
    ::= { cLConditionConfigEntry 11 }

-- ********************************************************************
-- Rule/Condition SSID configuration
-- ********************************************************************

cLConditionSsidConfigTable OBJECT-TYPE
    SYNTAX SEQUENCE OF CLConditionSsidConfigEntry
    MAX-ACCESS not-accessible
    STATUS current
    DESCRIPTION
        "This table represents the configuration of SSID for
        a rule.
        This is applicable to conditions within a rule which
        has the corresponding cLConditionType taking on the
        value of 'userConfigSsid'."
    ::= { cLRogueRuleConfig 3 }

cLConditionSsidConfigEntry OBJECT-TYPE
    SYNTAX CLConditionSsidConfigEntry
    MAX-ACCESS not-accessible
    STATUS current
    DESCRIPTION
        "Each entry represents a conceptual row in
        cLConditionSsidConfigTable."
    INDEX {
        cLRuleName,
        cLConditionName,
        cLConditionSsidValue
    }
    ::= { cLConditionSsidConfigTable 1 }

CLConditionSsidConfigEntry ::= SEQUENCE {
    cLConditionSsidValue SnmpAdminString,
    cLConditionSsidStorageType StorageType,
    cLConditionSsidRowStatus RowStatus
}

cLConditionSsidValue OBJECT-TYPE
    SYNTAX SnmpAdminString (SIZE (1..32))
    MAX-ACCESS not-accessible
    STATUS current
    DESCRIPTION
        "This object represents the SSID value for this
        condition associated with a rule."
    ::= { cLConditionSsidConfigEntry 1 }

cLConditionSsidStorageType OBJECT-TYPE
    SYNTAX StorageType
    MAX-ACCESS read-create
    STATUS current
    DESCRIPTION
        "This object represents the storage type for this
        conceptual row."
    DEFVAL { nonVolatile }
    ::= { cLConditionSsidConfigEntry 2 }

cLConditionSsidRowStatus OBJECT-TYPE
    SYNTAX RowStatus
    MAX-ACCESS read-create
    STATUS current
    DESCRIPTION
        "This object represents the status column for a
        conceptual row in this table.
        All writable objects in this row may not be modified
        when the row is active."
    ::= { cLConditionSsidConfigEntry 3 }

-- ********************************************************************
-- Rogue Ignore List Configuration
-- ********************************************************************

cLRogueIgnoreListTable OBJECT-TYPE
    SYNTAX SEQUENCE OF CLRogueIgnoreListEntry
    MAX-ACCESS not-accessible
    STATUS current
    DESCRIPTION
        "The table lists the APs, as identified by the AP's
        MAC address, which should not be treated as rogue by
        the controller. These APs are the autonomous access
        points that have been manually added to WCS."
    ::= { cLRogueIgnoreListConfig 1 }

cLRogueIgnoreListEntry OBJECT-TYPE
    SYNTAX CLRogueIgnoreListEntry
    MAX-ACCESS not-accessible
    STATUS current
    DESCRIPTION
        "Each entry represents a conceptual row in this table.
        There will be a row for each entry of the autonomous
        APs which are manually added to WCS.
        When the autonomous AP is no longer managed by WCS,
        the corresponding row entry will be removed."
    INDEX { cLRogueIgnoreListMACAddress }
    ::= { cLRogueIgnoreListTable 1 }

CLRogueIgnoreListEntry ::= SEQUENCE {
    cLRogueIgnoreListMACAddress MacAddress,
    cLRogueIgnoreListStorageType StorageType,
    cLRogueIgnoreListRowStatus RowStatus
}

cLRogueIgnoreListMACAddress OBJECT-TYPE
    SYNTAX MacAddress
    MAX-ACCESS not-accessible
    STATUS current
    DESCRIPTION
        "This is the MAC Address of the AP to be put in the
        rogue ignore list."
    ::= { cLRogueIgnoreListEntry 1 }

cLRogueIgnoreListStorageType OBJECT-TYPE
    SYNTAX StorageType
    MAX-ACCESS read-create
    STATUS current
    DESCRIPTION
        "This object represents the storage type for this
        conceptual row."
    DEFVAL { nonVolatile }
    ::= { cLRogueIgnoreListEntry 2 }

cLRogueIgnoreListRowStatus OBJECT-TYPE
    SYNTAX RowStatus
    MAX-ACCESS read-create
    STATUS current
    DESCRIPTION
        "This is the status of the conceptual row.
        All writable objects in this row may not be modified
        when the row is active."
    ::= { cLRogueIgnoreListEntry 3 }

-- ********************************************************************
-- Auto Containment configuration
-- ********************************************************************

cLRldpAutoContainFeatureOnWiredNetwork OBJECT-TYPE
    SYNTAX INTEGER {
        disable(1),
        enable(2)
    }
    MAX-ACCESS read-write
    STATUS current
    DESCRIPTION
        "This object represents the RLDP Auto contain feature
        status.
        disable - automatic containment of rogues on wired
        network is disabled
        enable - automatic containment of rogues on wired
        network is enabled
        NOTE: Using this feature may have legal
        consequences!!!"
    DEFVAL { disable }
    ::= { cLRldpAutoContainConfig 1 }

cLRldpAutoContainRoguesAdvertisingSsid OBJECT-TYPE
    SYNTAX CLAutoContainActions
    MAX-ACCESS read-write
    STATUS current
    DESCRIPTION
        "This is the action with respect to auto containment
        feature, that should be taken when the switch detects
        rogues that are advertising our SSID.
        NOTE: Using this feature may have legal
        consequences!!!"
    DEFVAL { alarmOnly }
    ::= { cLRldpAutoContainConfig 2 }

cLRldpAutoContainAdhocNetworks OBJECT-TYPE
    SYNTAX CLAutoContainActions
    MAX-ACCESS read-write
    STATUS current
    DESCRIPTION
        "This is the action with respect to auto containment
        feature, that should be taken when adhoc networks
        are detected by the switch.
        NOTE: Using this feature may have legal
        consequences!!!"
    DEFVAL { alarmOnly }
    ::= { cLRldpAutoContainConfig 3 }

cLRldpAutoContainTrustedClientsOnRogueAps OBJECT-TYPE
    SYNTAX CLAutoContainActions
    MAX-ACCESS read-write
    STATUS current
    DESCRIPTION
        "This is the action with respect to auto containment
        feature, that should be taken when trusted clients
        that are associated to rogue APs are detected by the
        switch.
        NOTE: Using this feature may have legal
        consequences!!!"
    DEFVAL { alarmOnly }
    ::= { cLRldpAutoContainConfig 4 }

cLRldpAutoContainLevel OBJECT-TYPE
    SYNTAX Integer32 (1..4)
    MAX-ACCESS read-write
    STATUS current
    DESCRIPTION
        "This object is used to specify the level of auto
        containment. The level actually denotes the number
        of APs that should be used by the controller for
        auto containment."
    DEFVAL { 1 }
    ::= { cLRldpAutoContainConfig 5 }

cLRldpAutoContainOnlyforMonitorModeAps OBJECT-TYPE
    SYNTAX INTEGER {
        disable(1),
        enable(2)
    }
    MAX-ACCESS read-write
    STATUS current
    DESCRIPTION
        "This object is used to specify if auto containment
        should be done only using monitor mode APs or not.
        disable - auto containment will be done using all
        APs irrespective of the mode
        enable - auto containment will be done only using
        monitor mode APs."
    DEFVAL { disable }
    ::= { cLRldpAutoContainConfig 6 }

-- ********************************************************************
-- Rogue AP List Configuration
-- ********************************************************************

cLRogueApTable OBJECT-TYPE
    SYNTAX SEQUENCE OF CLRogueApEntry
    MAX-ACCESS not-accessible
    STATUS current
    DESCRIPTION
        "The table lists the configured rogue APs in the
        system."
    ::= { cLRogueApConfig 1 }

cLRogueApEntry OBJECT-TYPE
    SYNTAX CLRogueApEntry
    MAX-ACCESS not-accessible
    STATUS current
    DESCRIPTION
        "An entry contains management information of a
        particular rogue AP.
        An entry can be created or deleted by using
        cLRogueApRowStatus."
    INDEX { cLRogueApMACAddress }
    ::= { cLRogueApTable 1 }

CLRogueApEntry ::= SEQUENCE {
    cLRogueApMACAddress MacAddress,
    cLRogueApClassType INTEGER,
    cLRogueApState INTEGER,
    cLRogueApStorageType StorageType,
    cLRogueApRowStatus RowStatus
}

cLRogueApMACAddress OBJECT-TYPE
    SYNTAX MacAddress
    MAX-ACCESS not-accessible
    STATUS current
    DESCRIPTION
        "MAC Address of a rogue AP."
    ::= { cLRogueApEntry 1 }

cLRogueApClassType OBJECT-TYPE
    SYNTAX INTEGER {
        friendly(1),
        malicious(2),
        unclassified(3),
        custom(4)
    }
    MAX-ACCESS read-create
    STATUS current
    DESCRIPTION
        "This object specifies the type of a rogue AP.
        friendly - existing known, Acknowledge, and Trust
        missing rogue states are classified as Friendly.
        malicious - unknown AP that could be a threat.
        unclassified - an unknown AP or rogue AP is identified
        but it does not belong to Friendly or Malicious rogue
        types.
        custom - AP that matches user defined custom rules."
    DEFVAL { custom }
    ::= { cLRogueApEntry 2 }

cLRogueApState OBJECT-TYPE
    SYNTAX INTEGER {
        pending(1),
        alert(2),
        detectedLrad(3),
        known(4),
        acknowledge(5),
        contained(6),
        threat(7),
        containedPending(8),
        knownContained(9),
        trustedMissing(10),
        initializing(11)
    }
    MAX-ACCESS read-create
    STATUS current
    DESCRIPTION
        "This object specifies the state in which the rogue
        AP is.
        pending - a read-only value indicating that the rogue
        AP cannot be assigned to any of the following states.
        alert - rogue AP can be a potential threat. Trap will
        be sent out to trap recipients.
        detectedLrad - a read-only value indicating an LRAD
        that was detected as a rogue.
        known - a read-only value indicating an internal AP
        which is not on the same switch.
        acknowledge - a read-only value indicating an external
        AP whose existence is acceptable and not a threat
        (probably from a vendor other than Cisco).
        contained - containment is initiated and ongoing.
        threat - rogue AP is found on wired network.
        containedPending - a read-only value indicating that
        no AP resources are available for containment.
        knownContained - a read-only value that is no longer
        used.
        trustedMissing - rogue AP is friendly but there is no
        slot for friendly AP.
        initializing - a read-only value indicating that the
        rogue AP is being initialized.
        For a friendly rogue AP, only two states are valid:
        'known' and 'acknowledge'.
        'known', 'knownContained' and 'trustedMissing' can
        appear in the known rogue list.
        Known rogues can be pre-provisioned, and a known
        rogue's state can be changed to 'alert'."
    DEFVAL { alert }
    ::= { cLRogueApEntry 3 }

cLRogueApStorageType OBJECT-TYPE
    SYNTAX StorageType
    MAX-ACCESS read-create
    STATUS current
    DESCRIPTION
        "This object represents the storage type for this
        conceptual row."
    DEFVAL { nonVolatile }
    ::= { cLRogueApEntry 4 }

cLRogueApRowStatus OBJECT-TYPE
    SYNTAX RowStatus
    MAX-ACCESS read-create
    STATUS current
    DESCRIPTION
        "The status of the conceptual row.
        All writable objects in this row may be modified
        when the row is active."
    ::= { cLRogueApEntry 5 }

-- ********************************************************************
-- MIB Compliance Statements
-- ********************************************************************

ciscoLwappRogueMIBCompliances OBJECT IDENTIFIER
    ::= { ciscoLwappRogueMIBConform 1 }

ciscoLwappRogueMIBGroups OBJECT IDENTIFIER
    ::= { ciscoLwappRogueMIBConform 2 }


ciscoLwappRogueMIBCompliance MODULE-COMPLIANCE
    STATUS deprecated
    DESCRIPTION
        "The compliance statement for the SNMP entities that
        implement the ciscoLwappRogueMIB module."
    MODULE -- this module
    MANDATORY-GROUPS {
        ciscoLwappRogueConfigGroup,
        ciscoLwappRogueNotifsGroup
    }
    ::= { ciscoLwappRogueMIBCompliances 1 }

ciscoLwappRogueMIBComplianceRev1 MODULE-COMPLIANCE
    STATUS deprecated
    DESCRIPTION
        "The compliance statement for the SNMP entities that
        implement the ciscoLwappRogueMIB module."
    MODULE -- this module
    MANDATORY-GROUPS {
        ciscoLwappRogueConfigGroup,
        ciscoLwappRogueNotifsGroup,
        ciscoLwappRogueConfigSup1Group
    }

    OBJECT cLRogueIgnoreListRowStatus
    SYNTAX INTEGER { active(1), createAndGo(4), destroy(6) }
    DESCRIPTION
        "An implementation is only required to support three
        of the six enumerated values of the RowStatus textual
        convention, specifically, 'active', 'createAndGo' and
        'destroy'."

    OBJECT cLRuleRowStatus
    SYNTAX INTEGER { active(1), createAndGo(4), destroy(6) }
    DESCRIPTION
        "An implementation is only required to support three
        of the six enumerated values of the RowStatus textual
        convention, specifically, 'active', 'createAndGo' and
        'destroy'."

    OBJECT cLConditionRowStatus
    SYNTAX INTEGER { active(1), createAndGo(4), destroy(6) }
    DESCRIPTION
        "An implementation is only required to support three
        of the six enumerated values of the RowStatus textual
        convention, specifically, 'active', 'createAndGo' and
        'destroy'."

    OBJECT cLConditionSsidRowStatus
    SYNTAX INTEGER { active(1), createAndGo(4), destroy(6) }
    DESCRIPTION
        "An implementation is only required to support three
        of the six enumerated values of the RowStatus textual
        convention, specifically, 'active', 'createAndGo' and
        'destroy'."

    OBJECT cLRogueIgnoreListStorageType
    MIN-ACCESS read-only
    DESCRIPTION
        "Write access is not required."

    OBJECT cLRuleStorageType
    MIN-ACCESS read-only
    DESCRIPTION
        "Write access is not required."

    OBJECT cLConditionStorageType
    MIN-ACCESS read-only
    DESCRIPTION
        "Write access is not required."

    OBJECT cLConditionSsidStorageType
    MIN-ACCESS read-only
    DESCRIPTION
        "Write access is not required."
    ::= { ciscoLwappRogueMIBCompliances 2 }

ciscoLwappRogueMIBComplianceRev2 MODULE-COMPLIANCE
    STATUS deprecated
    DESCRIPTION
        "The compliance statement for the SNMP entities that
        implement the ciscoLwappRogueMIB module."
    MODULE -- this module
    MANDATORY-GROUPS {
        ciscoLwappRogueConfigGroup,
        ciscoLwappRogueNotifsGroup,
        ciscoLwappRogueConfigSup2Group
    }

    OBJECT cLRogueIgnoreListRowStatus
    SYNTAX INTEGER { active(1), createAndGo(4), destroy(6) }
    DESCRIPTION
        "An implementation is only required to support three
        of the six enumerated values of the RowStatus textual
        convention, specifically, 'active', 'createAndGo' and
        'destroy'."

    OBJECT cLRuleRowStatus
    SYNTAX INTEGER { active(1), createAndGo(4), destroy(6) }
    DESCRIPTION
        "An implementation is only required to support three
        of the six enumerated values of the RowStatus textual
        convention, specifically, 'active', 'createAndGo' and
        'destroy'."

    OBJECT cLConditionRowStatus
    SYNTAX INTEGER { active(1), createAndGo(4), destroy(6) }
    DESCRIPTION
        "An implementation is only required to support three
        of the six enumerated values of the RowStatus textual
        convention, specifically, 'active', 'createAndGo' and
        'destroy'."

    OBJECT cLConditionSsidRowStatus
    SYNTAX INTEGER { active(1), createAndGo(4), destroy(6) }
    DESCRIPTION
        "An implementation is only required to support three
        of the six enumerated values of the RowStatus textual
        convention, specifically, 'active', 'createAndGo' and
        'destroy'."

    OBJECT cLRogueIgnoreListStorageType
    MIN-ACCESS read-only
    DESCRIPTION
        "Write access is not required."

    OBJECT cLRuleStorageType
    MIN-ACCESS read-only
    DESCRIPTION
        "Write access is not required."

    OBJECT cLConditionStorageType
    MIN-ACCESS read-only
    DESCRIPTION
        "Write access is not required."

    OBJECT cLConditionSsidStorageType
    MIN-ACCESS read-only
    DESCRIPTION
        "Write access is not required."
    ::= { ciscoLwappRogueMIBCompliances 3 }

ciscoLwappRogueMIBComplianceRev3 MODULE-COMPLIANCE
    STATUS deprecated
    DESCRIPTION
        "The compliance statement for the SNMP entities that
        implement the ciscoLwappRogueMIB module."
    MODULE -- this module
    MANDATORY-GROUPS {
        ciscoLwappRogueConfigGroup,
        ciscoLwappRogueNotifsGroup,
        ciscoLwappRogueConfigSup3Group
    }

    OBJECT cLRogueIgnoreListRowStatus
    SYNTAX INTEGER { active(1), createAndGo(4), destroy(6) }
    DESCRIPTION
        "An implementation is only required to support three
        of the six enumerated values of the RowStatus textual
        convention, specifically, 'active', 'createAndGo' and
        'destroy'."

    OBJECT cLRuleRowStatus
    SYNTAX INTEGER { active(1), createAndGo(4), destroy(6) }
    DESCRIPTION
        "An implementation is only required to support three
        of the six enumerated values of the RowStatus textual
        convention, specifically, 'active', 'createAndGo' and
        'destroy'."

    OBJECT cLConditionRowStatus
    SYNTAX INTEGER { active(1), createAndGo(4), destroy(6) }
    DESCRIPTION
        "An implementation is only required to support three
        of the six enumerated values of the RowStatus textual
        convention, specifically, 'active', 'createAndGo' and
        'destroy'."
        OBJECT          cLConditionSsidRowStatus
        SYNTAX          INTEGER { active(1), createAndGo(4), destroy(6) }
        DESCRIPTION
            "An implementation is only required to support three
            of the six enumerated values of the RowStatus textual
            convention, specifically, 'active', 'createAndGo' and
            'destroy'."

        OBJECT          cLRogueIgnoreListStorageType
        MIN-ACCESS      read-only
        DESCRIPTION
            "Write access is not required."

        OBJECT          cLRuleStorageType
        MIN-ACCESS      read-only
        DESCRIPTION
            "Write access is not required."

        OBJECT          cLConditionStorageType
        MIN-ACCESS      read-only
        DESCRIPTION
            "Write access is not required."

        OBJECT          cLConditionSsidStorageType
        MIN-ACCESS      read-only
        DESCRIPTION
            "Write access is not required."
    ::= { ciscoLwappRogueMIBCompliances 4 }

ciscoLwappRogueMIBComplianceRev4 MODULE-COMPLIANCE
    STATUS          current
    DESCRIPTION
        "The compliance statement for the SNMP entities that
        implement the ciscoLwappRogueMIB module."
    MODULE          -- this module
        MANDATORY-GROUPS {
                        ciscoLwappRogueConfigGroup,
                        ciscoLwappRogueNotifsGroup,
                        ciscoLwappRogueConfigSup3Group
                    }

        GROUP           ciscoLwappRogueConfigSup4Group
        DESCRIPTION
            "This group is mandatory for platforms which support
            rogue functionality."

        OBJECT          cLRogueIgnoreListRowStatus
        SYNTAX          INTEGER { active(1), createAndGo(4), destroy(6) }
        DESCRIPTION
            "An implementation is only required to support three
            of the six enumerated values of the RowStatus textual
            convention, specifically, 'active', 'createAndGo' and
            'destroy'."

        OBJECT          cLRuleRowStatus
        SYNTAX          INTEGER { active(1), createAndGo(4), destroy(6) }
        DESCRIPTION
            "An implementation is only required to support three
            of the six enumerated values of the RowStatus textual
            convention, specifically, 'active', 'createAndGo' and
            'destroy'."

        OBJECT          cLConditionRowStatus
        SYNTAX          INTEGER { active(1), createAndGo(4), destroy(6) }
        DESCRIPTION
            "An implementation is only required to support three
            of the six enumerated values of the RowStatus textual
            convention, specifically, 'active', 'createAndGo' and
            'destroy'."
        OBJECT          cLConditionSsidRowStatus
        SYNTAX          INTEGER { active(1), createAndGo(4), destroy(6) }
        DESCRIPTION
            "An implementation is only required to support three
            of the six enumerated values of the RowStatus textual
            convention, specifically, 'active', 'createAndGo' and
            'destroy'."

        OBJECT          cLRogueIgnoreListStorageType
        MIN-ACCESS      read-only
        DESCRIPTION
            "Write access is not required."

        OBJECT          cLRuleStorageType
        MIN-ACCESS      read-only
        DESCRIPTION
            "Write access is not required."

        OBJECT          cLConditionStorageType
        MIN-ACCESS      read-only
        DESCRIPTION
            "Write access is not required."

        OBJECT          cLConditionSsidStorageType
        MIN-ACCESS      read-only
        DESCRIPTION
            "Write access is not required."

        OBJECT          cLRogueClientNumThreshold
        MIN-ACCESS      read-only
        DESCRIPTION
            "Write access is not required."

        OBJECT          cLRogueDetectionSecurityLevel
        MIN-ACCESS      read-only
        DESCRIPTION
            "Write access is not required."

        OBJECT          cLRogueValidateRogueClientsAgainstMse
        MIN-ACCESS      read-only
        DESCRIPTION
            "Write access is not required."

        OBJECT          cLConditionRssi
        MIN-ACCESS      read-only
        DESCRIPTION
            "Write access is not required."

        OBJECT          cLConditionClientCount
        MIN-ACCESS      read-only
        DESCRIPTION
            "Write access is not required."

        OBJECT          cLConditionNoEncryptionEnabled
        MIN-ACCESS      read-only
        DESCRIPTION
            "Write access is not required."

        OBJECT          cLConditionManagedSsidEnabled
        MIN-ACCESS      read-only
        DESCRIPTION
            "Write access is not required."

        OBJECT          cLConditionDuration
        MIN-ACCESS      read-only
        DESCRIPTION
            "Write access is not required."

        OBJECT          cLRogueApClassType
        MIN-ACCESS      read-only
        DESCRIPTION
            "Write access is not required."

        OBJECT          cLRogueApState
        MIN-ACCESS      read-only
        DESCRIPTION
            "Write access is not required."

        OBJECT          cLRogueApStorageType
        MIN-ACCESS      read-only
        DESCRIPTION
            "Write access is not required."

        OBJECT          cLRogueApRowStatus
        SYNTAX          INTEGER { active(1) }
        WRITE-SYNTAX    INTEGER { createAndGo(4), destroy(6) }
        MIN-ACCESS      read-only
        DESCRIPTION
            "Write access is not required. Support for createAndWait
            and notInService is not required."
    ::= { ciscoLwappRogueMIBCompliances 5 }

-- Units of Conformance

ciscoLwappRogueConfigGroup OBJECT-GROUP
    OBJECTS         {
                        cLRogueAdhocRogueReportEnable,
                        cLRogueAdhocRogueNotifEnabled
                    }
    STATUS          current
    DESCRIPTION
        "This collection of objects represent the rogue
        configuration on the controller."
    ::= { ciscoLwappRogueMIBGroups 1 }

ciscoLwappRogueNotifsGroup NOTIFICATION-GROUP
    NOTIFICATIONS   { cLRogueAdhocRogueDetected }
    STATUS          current
    DESCRIPTION
        "This collection of objects specifies the notifications
        for rogue detection."
    ::= { ciscoLwappRogueMIBGroups 2 }

ciscoLwappRogueConfigSup1Group OBJECT-GROUP
    OBJECTS         {
                        cLRogueIgnoreListStorageType,
                        cLRogueIgnoreListRowStatus,
                        cLRuleRogueType,
                        cLRuleConditionsMatch,
                        cLRulePriority,
                        cLRuleEnable,
                        cLRuleStorageType,
                        cLRuleRowStatus,
                        cLConditionType,
                        cLConditionValue,
                        cLConditionEnable,
                        cLConditionStorageType,
                        cLConditionRowStatus,
                        cLConditionSsidStorageType,
                        cLConditionSsidRowStatus,
                        cLRldpAutoContainFeatureOnWiredNetwork,
                        cLRldpAutoContainRoguesAdvertisingSsid,
                        cLRldpAutoContainAdhocNetworks,
                        cLRldpAutoContainTrustedClientsOnRogueAps
                    }
    STATUS          deprecated
    DESCRIPTION
        "This collection of objects represent the rogue
        configuration on the controller.
        ciscoLwappRogueConfigSup1Group object is superseded by
        ciscoLwappRogueConfigSup2Group."
    ::= { ciscoLwappRogueMIBGroups 3 }

ciscoLwappRogueConfigSup2Group OBJECT-GROUP
    OBJECTS         {
                        cLRogueIgnoreListStorageType,
                        cLRogueIgnoreListRowStatus,
                        cLRuleRogueType,
                        cLRuleConditionsMatch,
                        cLRulePriority,
                        cLRuleEnable,
                        cLRuleStorageType,
                        cLRuleRowStatus,
                        cLConditionType,
                        cLConditionValue,
                        cLConditionEnable,
                        cLConditionStorageType,
                        cLConditionRowStatus,
                        cLConditionSsidStorageType,
                        cLConditionSsidRowStatus,
                        cLRldpAutoContainFeatureOnWiredNetwork,
                        cLRldpAutoContainRoguesAdvertisingSsid,
                        cLRldpAutoContainAdhocNetworks,
                        cLRldpAutoContainTrustedClientsOnRogueAps,
                        cLRldpAutoContainLevel,
                        cLRldpAutoContainOnlyforMonitorModeAps
                    }
    STATUS          deprecated
    DESCRIPTION
        "This collection of objects represent the rogue
        configuration on the controller.
        ciscoLwappRogueConfigSup2Group object is superseded by
        ciscoLwappRogueConfigSup3Group."
    ::= { ciscoLwappRogueMIBGroups 4 }

ciscoLwappRogueConfigSup3Group OBJECT-GROUP
    OBJECTS         {
                        cLRogueIgnoreListStorageType,
                        cLRogueIgnoreListRowStatus,
                        cLRuleRogueType,
                        cLRuleConditionsMatch,
                        cLRulePriority,
                        cLRuleEnable,
                        cLRuleStorageType,
                        cLRuleRowStatus,
                        cLConditionType,
                        cLConditionValue,
                        cLConditionEnable,
                        cLConditionStorageType,
                        cLConditionRowStatus,
                        cLConditionSsidStorageType,
                        cLConditionSsidRowStatus,
                        cLRldpAutoContainFeatureOnWiredNetwork,
                        cLRldpAutoContainRoguesAdvertisingSsid,
                        cLRldpAutoContainAdhocNetworks,
                        cLRldpAutoContainTrustedClientsOnRogueAps,
                        cLRldpAutoContainLevel,
                        cLRldpAutoContainOnlyforMonitorModeAps,
                        cLRogueReportInterval,
                        cLRogueMinimumRssi,
                        cLRogueTransientInterval
                    }
    STATUS          current
    DESCRIPTION
        "This collection of objects represent the rogue
        configuration on the controller."
    ::= { ciscoLwappRogueMIBGroups 5 }

ciscoLwappRogueConfigSup4Group OBJECT-GROUP
    OBJECTS         {
                        cLRogueApClassType,
                        cLRogueApState,
                        cLRogueApStorageType,
                        cLRogueApRowStatus,
                        cLRogueClientNumThreshold,
                        cLRogueDetectionSecurityLevel,
                        cLRogueValidateRogueClientsAgainstMse,
                        cLConditionRssi,
                        cLConditionClientCount,
                        cLConditionNoEncryptionEnabled,
                        cLConditionManagedSsidEnabled,
                        cLConditionDuration
                    }
    STATUS          current
    DESCRIPTION
        "This collection of objects represent the rogue
        configuration on the controller."
    ::= { ciscoLwappRogueMIBGroups 6 }

END