mib-jnx-js-policy.txt

-- *******************************************************************
-- Juniper enterprise specific policy objects MIB.
--
-- Copyright (c) 2007, Juniper Networks, Inc.
-- All rights reserved.
--
-- The contents of this document are subject to change without notice.
-- *******************************************************************

JUNIPER-JS-POLICY-MIB DEFINITIONS ::= BEGIN

    IMPORTS
        jnxJsPolicies                    FROM JUNIPER-JS-SMI    

        Integer32, Counter64,
        Gauge32, Counter32,
        NOTIFICATION-TYPE,
        MODULE-IDENTITY, OBJECT-TYPE     FROM SNMPv2-SMI
        DisplayString, TimeStamp         FROM SNMPv2-TC; 


    jnxJsSecPolicyMIB MODULE-IDENTITY
        LAST-UPDATED  "200705071840Z" -- May 07, 2007
        ORGANIZATION  "Juniper Networks, Inc."
        CONTACT-INFO
            "Juniper Technical Assistance Center
             Juniper Networks, Inc.
             1194 N. Mathilda Avenue
             Sunnyvale, CA 94089

             E-mail: support@juniper.net
             HTTP://www.juniper.net"

        DESCRIPTION
            "This module defines the mib for policy monitoring.

             A security policy, which can be configured from the user 
             interface controls the traffic flow from one zone to another 
             zone by defining the kind(s) of traffic permitted from 
             specified IP sources to specified IP destinations at 
             scheduled times. 

             Juniper security device enforce the security policies rules 
             for the transit traffic in terms of which traffic can pass 
             through the firewall, and the actions taken on the traffic as 
             it passes through the firewall. "
        REVISION        "200612140000Z" -- Dec 14, 2006
        DESCRIPTION     "Creation Date"
    ::= { jnxJsPolicies 1 }   


    jnxJsPolicyNotifications OBJECT IDENTIFIER ::= { jnxJsSecPolicyMIB 0 }
    jnxJsPolicyObjects       OBJECT IDENTIFIER ::= { jnxJsSecPolicyMIB 1 }
    jnxJsPolicyTrapVars      OBJECT IDENTIFIER ::= { jnxJsSecPolicyMIB 2 }

                
    -- ***************************************************************
    --  Security Policy Table
    -- ***************************************************************

    jnxJsPolicyNumber  OBJECT-TYPE
        SYNTAX      Integer32
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
            "The number of policies (regardless of their current 
             state) present on this system."
        ::= { jnxJsPolicyObjects 1 }


    jnxJsPolicyTable OBJECT-TYPE
        SYNTAX        SEQUENCE OF JnxJsPolicyEntry
        MAX-ACCESS    not-accessible
        STATUS        current
        DESCRIPTION
            "The table exposes the security policy entries. Security
             devices/routers provide a network boundary with a single
             point of entry and exit point, which allows the screening
             and directing of traffic through the implementation of
             access policies. The access policies can permit, deny, 
             encrypt, authenticate, prioirtize, schedule and monitor
             the traffic flow through the firewall. 
             
             This table lists entries of policy. The number of policies
             are given by jnxJsPolicyNumber."
    ::= { jnxJsPolicyObjects 2 }

    jnxJsPolicyEntry OBJECT-TYPE
        SYNTAX        JnxJsPolicyEntry 
        MAX-ACCESS    not-accessible
        STATUS        current
        DESCRIPTION
            "An entry contains a security policy.   

            The security policies are configured under from-zone,
            to-zone direction.  Under a specific zone direction, 
            each security policy contains name, match-criteria,
            action, and other options."

        INDEX     { jnxJsPolicyFromZone, 
                    jnxJsPolicyToZone,
                    jnxJsPolicyName }
        ::= { jnxJsPolicyTable 1 }

    JnxJsPolicyEntry ::= SEQUENCE
    {
        jnxJsPolicyFromZone                    DisplayString,
        jnxJsPolicyToZone                      DisplayString,
        jnxJsPolicyName                        DisplayString,
        jnxJsPolicySequenceNumber              Integer32,    
        jnxJsPolicyAction                      INTEGER,
        jnxJsPolicyScheduler                   DisplayString,
        jnxJsPolicyState                       INTEGER,
        jnxJsPolicyStatsAvailability           INTEGER,
        jnxJsPolicyPerSecBytesThreshold        Integer32,
        jnxJsPolicyPerMinKbytesThreshold       Integer32
    }

    jnxJsPolicyFromZone OBJECT-TYPE
        SYNTAX            DisplayString (SIZE(0..63))
        MAX-ACCESS        not-accessible
        STATUS            current
        DESCRIPTION
            "The attribute displays the from zone name."  
        ::= { jnxJsPolicyEntry 1 }

    jnxJsPolicyToZone OBJECT-TYPE
        SYNTAX            DisplayString (SIZE(0..63))
        MAX-ACCESS        not-accessible
        STATUS            current
        DESCRIPTION
            "The attribute exposes the to-zone name."
        ::= { jnxJsPolicyEntry 2 }

    jnxJsPolicyName OBJECT-TYPE
        SYNTAX            DisplayString (SIZE(0..63))
        MAX-ACCESS        not-accessible
        STATUS            current
        DESCRIPTION
            "The name of the policy defined. It consists of up to 256 ascii 
             characters and uniquely identifies the policy entry."
        ::= { jnxJsPolicyEntry 3 }
        
    jnxJsPolicySequenceNumber OBJECT-TYPE
        SYNTAX          Integer32
        MAX-ACCESS      read-only
        STATUS          current
        DESCRIPTION
            "The attribute indicates the policy sequence order of the policy
             within a specific from-zone and to-zone pair. Policies are matched
             in a sequence where the ordering is specified by this number."
        ::= { jnxJsPolicyEntry 4 }

    jnxJsPolicyAction OBJECT-TYPE
        SYNTAX            INTEGER {
                              permit    (1),
                              deny      (2),
                              reject    (3)
                          } 
        MAX-ACCESS        read-only
        STATUS            current
        DESCRIPTION
            "The attribute indicates the actions performed when the 
             criteria is matched.
             
             The action permit, deny and reject are used configured policies."
        ::= { jnxJsPolicyEntry 5 }

    jnxJsPolicyScheduler OBJECT-TYPE
        SYNTAX          DisplayString (SIZE(0..63)) 
        MAX-ACCESS      read-only
        STATUS          current
        DESCRIPTION
            "The name of the schedule attached to this policy. Certain schedule  
             has a specified duration and this may effect the status of the 
             policy."
        ::= { jnxJsPolicyEntry 6 }
        
    jnxJsPolicyState OBJECT-TYPE
        SYNTAX          INTEGER  {
                            active        (1),
                            inactive      (2),
                            unavailable   (3)
                        }
        MAX-ACCESS      read-only
        STATUS          current
        DESCRIPTION
            "The state of this policy: active, inactive, or unavailable.
             
             The state can be effected by the scheduler if the scheduler
             has a specified duration."
        ::= { jnxJsPolicyEntry 7 }
        
    jnxJsPolicyStatsAvailability OBJECT-TYPE
        SYNTAX          INTEGER  {
                            available     (1),
                            unavailable   (2)
                        }
        MAX-ACCESS      read-only
        STATUS          current 
        DESCRIPTION
            "The statistics availability of this policy.  
             
             The attribute indicates whether the statistics counters are
             available and are actively updated. If available, there would
             exists a matching jnxJsPolicyStatsEntry for the policy."
        ::= { jnxJsPolicyEntry 8 }
        
    jnxJsPolicyPerSecBytesThreshold OBJECT-TYPE
        SYNTAX          Integer32 
        MAX-ACCESS      read-only
        STATUS          current
        DESCRIPTION
            "The attribute indicates the threshold value of bytes per second."
        ::= { jnxJsPolicyEntry 9 }

    jnxJsPolicyPerMinKbytesThreshold OBJECT-TYPE
        SYNTAX          Integer32
        MAX-ACCESS      read-only
        STATUS          current
        DESCRIPTION
            "The attribute indicates the threshold value of kbyte per min."
        ::= { jnxJsPolicyEntry 10 }
 
 
    -- ***************************************************************
    --  Security Policy Statistics Table
    -- ***************************************************************

    jnxJsPolicyStatsTable OBJECT-TYPE
        SYNTAX        SEQUENCE OF JnxJsPolicyStatsEntry
        MAX-ACCESS    not-accessible
        STATUS        current
        DESCRIPTION
            "The table exposes the security policy statistics entries. These
             statistics can be enabled and disabled by configuration on a
             per policy basis."
    ::= { jnxJsPolicyObjects 3 }

    jnxJsPolicyStatsEntry OBJECT-TYPE
        SYNTAX        JnxJsPolicyStatsEntry
        MAX-ACCESS    not-accessible
        STATUS        current
        DESCRIPTION
            "An entry contains a security policy.

            The security policies are configured under from-zone,
            to-zone direction.  Under a specific zone direction,
            each security policy contains name, match-criteria,
            action, and other options."

        INDEX     { jnxJsPolicyFromZone,
                    jnxJsPolicyToZone,
                    jnxJsPolicyName }
        ::= { jnxJsPolicyStatsTable 1 }

    JnxJsPolicyStatsEntry ::= SEQUENCE
    {
        jnxJsPolicyStatsCreationTime           TimeStamp,
        jnxJsPolicyStatsInputBytes             Counter64,
        jnxJsPolicyStatsInputByteRate          Gauge32,
        jnxJsPolicyStatsOutputBytes            Counter64,
        jnxJsPolicyStatsOutputByteRate         Gauge32,
        jnxJsPolicyStatsInputPackets           Counter32,
        jnxJsPolicyStatsInputPacketRate        Gauge32,
        jnxJsPolicyStatsOutputPackets          Counter32,
        jnxJsPolicyStatsOutputPacketRate       Gauge32,
        jnxJsPolicyStatsNumSessions            Counter32,
        jnxJsPolicyStatsSessionRate            Gauge32,
        jnxJsPolicyStatsSessionDeleted         Counter32,
        jnxJsPolicyStatsLookups                Counter32,
        jnxJsPolicyStatsCountAlarm             Counter32
    }

    jnxJsPolicyStatsCreationTime OBJECT-TYPE
        SYNTAX          TimeStamp 
        MAX-ACCESS      read-only
        STATUS          current
        DESCRIPTION
            "The creation timestamp of the policy statistics entry. The
             timestamp is modified during the creation and deletion of the
             policy statistics entry. When the timestamp changes, the policy
             entry statistics is assumed to be a new statistics entry and not
             associated with previous statistic entry of the same indices."
        ::= { jnxJsPolicyStatsEntry 1 }

    jnxJsPolicyStatsInputBytes OBJECT-TYPE
        SYNTAX          Counter64 
        MAX-ACCESS      read-only
        STATUS          current
        DESCRIPTION
            "The number of input bytes enters the FW through this policy."
        ::= { jnxJsPolicyStatsEntry 2 }

    jnxJsPolicyStatsInputByteRate OBJECT-TYPE
        SYNTAX          Gauge32
        MAX-ACCESS      read-only
        STATUS          current
        DESCRIPTION
            "The number of input bytes per second or the rate that enters the FW 
             through this policy."
        ::= { jnxJsPolicyStatsEntry 3 }

    jnxJsPolicyStatsOutputBytes OBJECT-TYPE
        SYNTAX          Counter64 
        MAX-ACCESS      read-only
        STATUS          current
        DESCRIPTION
            "The number of output bytes associated with this policy."
        ::= { jnxJsPolicyStatsEntry 4 }

    jnxJsPolicyStatsOutputByteRate OBJECT-TYPE
        SYNTAX          Gauge32
        MAX-ACCESS      read-only
        STATUS          current
        DESCRIPTION
            "The number of output bytes per second or the rate associated 
             with this policy."
        ::= { jnxJsPolicyStatsEntry 5 }

    jnxJsPolicyStatsInputPackets OBJECT-TYPE
        SYNTAX          Counter32
        MAX-ACCESS      read-only
        STATUS          current
        DESCRIPTION
            "The number of input packets enters the FW through this policy."
        ::= { jnxJsPolicyStatsEntry 6 }

    jnxJsPolicyStatsInputPacketRate OBJECT-TYPE
        SYNTAX          Gauge32
        MAX-ACCESS      read-only
        STATUS          current
        DESCRIPTION
            "The number of input packets per second or the input packet rate 
             of the FW through this policy."
        ::= { jnxJsPolicyStatsEntry 7 }

    jnxJsPolicyStatsOutputPackets OBJECT-TYPE
        SYNTAX          Counter32
        MAX-ACCESS      read-only
        STATUS          current
        DESCRIPTION
            "The number of output packets associated with this policy."
        ::= { jnxJsPolicyStatsEntry 8 }

    jnxJsPolicyStatsOutputPacketRate OBJECT-TYPE
        SYNTAX          Gauge32
        MAX-ACCESS      read-only
        STATUS          current
        DESCRIPTION
            "The number of output packets per second or the rate 
             associated with this policy."
        ::= { jnxJsPolicyStatsEntry 9 }

    jnxJsPolicyStatsNumSessions OBJECT-TYPE
        SYNTAX          Counter32
        MAX-ACCESS      read-only
        STATUS          current
        DESCRIPTION
            "The number of sessions associated with this policy."
        ::= { jnxJsPolicyStatsEntry 10 }

    jnxJsPolicyStatsSessionRate OBJECT-TYPE
        SYNTAX          Gauge32
        MAX-ACCESS      read-only
        STATUS          current
        DESCRIPTION
            "The rate of the sessions associated with this policy."
        ::= { jnxJsPolicyStatsEntry 11 }

    jnxJsPolicyStatsSessionDeleted OBJECT-TYPE
        SYNTAX          Counter32
        MAX-ACCESS      read-only
        STATUS          current
        DESCRIPTION
            "The number of sessions associated with this policy."
        ::= { jnxJsPolicyStatsEntry 12 }

    jnxJsPolicyStatsLookups OBJECT-TYPE
        SYNTAX          Counter32
        MAX-ACCESS      read-only
        STATUS          current
        DESCRIPTION
            "The number of policy lookups performed."
        ::= { jnxJsPolicyStatsEntry 13 }

    jnxJsPolicyStatsCountAlarm OBJECT-TYPE
        SYNTAX          Counter32
        MAX-ACCESS      read-only
        STATUS          current
        DESCRIPTION
            "The number of alarm counted when the traffic exceeds 
             certain threshold configuration."
        ::= { jnxJsPolicyStatsEntry 14 }



    -- ***************************************************************
    -- definition of access authentication related traps.
    -- FIX : To be implemented.
    -- ***************************************************************


END
OID .1.3.6.1.4.1.2636.3.39.1.4.1OID .1.3.6.1.4.1.2636.3.39.1.4.1.0OID .1.3.6.1.4.1.2636.3.39.1.4.1.1OID .1.3.6.1.4.1.2636.3.39.1.4.1.1.1OID .1.3.6.1.4.1.2636.3.39.1.4.1.1.2OID .1.3.6.1.4.1.2636.3.39.1.4.1.1.2.1OID .1.3.6.1.4.1.2636.3.39.1.4.1.1.2.1.1OID .1.3.6.1.4.1.2636.3.39.1.4.1.1.2.1.2OID .1.3.6.1.4.1.2636.3.39.1.4.1.1.2.1.3OID .1.3.6.1.4.1.2636.3.39.1.4.1.1.2.1.4OID .1.3.6.1.4.1.2636.3.39.1.4.1.1.2.1.5OID .1.3.6.1.4.1.2636.3.39.1.4.1.1.2.1.6OID .1.3.6.1.4.1.2636.3.39.1.4.1.1.2.1.7OID .1.3.6.1.4.1.2636.3.39.1.4.1.1.2.1.8OID .1.3.6.1.4.1.2636.3.39.1.4.1.1.2.1.9OID .1.3.6.1.4.1.2636.3.39.1.4.1.1.2.1.10OID .1.3.6.1.4.1.2636.3.39.1.4.1.1.3OID .1.3.6.1.4.1.2636.3.39.1.4.1.1.3.1OID .1.3.6.1.4.1.2636.3.39.1.4.1.1.3.1.1OID .1.3.6.1.4.1.2636.3.39.1.4.1.1.3.1.2OID .1.3.6.1.4.1.2636.3.39.1.4.1.1.3.1.3OID .1.3.6.1.4.1.2636.3.39.1.4.1.1.3.1.4OID .1.3.6.1.4.1.2636.3.39.1.4.1.1.3.1.5OID .1.3.6.1.4.1.2636.3.39.1.4.1.1.3.1.6OID .1.3.6.1.4.1.2636.3.39.1.4.1.1.3.1.7OID .1.3.6.1.4.1.2636.3.39.1.4.1.1.3.1.8OID .1.3.6.1.4.1.2636.3.39.1.4.1.1.3.1.9OID .1.3.6.1.4.1.2636.3.39.1.4.1.1.3.1.10OID .1.3.6.1.4.1.2636.3.39.1.4.1.1.3.1.11OID .1.3.6.1.4.1.2636.3.39.1.4.1.1.3.1.12OID .1.3.6.1.4.1.2636.3.39.1.4.1.1.3.1.13OID .1.3.6.1.4.1.2636.3.39.1.4.1.1.3.1.14OID .1.3.6.1.4.1.2636.3.39.1.4.1.2