-- *******************************************************************
-- Juniper enterprise specific policy objects MIB.
--
-- Copyright (c) 2007, Juniper Networks, Inc.
-- All rights reserved.
--
-- The contents of this document are subject to change without notice.
-- *******************************************************************JUNIPER-JS-POLICY-MIB DEFINITIONS::=BEGINIMPORTSjnxJsPolicies FROM JUNIPER-JS-SMI
Integer32,Counter64,Gauge32,Counter32,NOTIFICATION-TYPE,MODULE-IDENTITY,OBJECT-TYPEFROM SNMPv2-SMI
DisplayString,TimeStampFROM SNMPv2-TC;jnxJsSecPolicyMIB MODULE-IDENTITYLAST-UPDATED"200705071840Z"-- May 07, 2007ORGANIZATION"Juniper Networks, Inc."CONTACT-INFO"Juniper Technical Assistance Center
Juniper Networks, Inc.
1194 N. Mathilda Avenue
Sunnyvale, CA 94089
E-mail: support@juniper.net
HTTP://www.juniper.net"DESCRIPTION"This module defines the mib for policy monitoring.
A security policy, which can be configured from the user
interface controls the traffic flow from one zone to another
zone by defining the kind(s) of traffic permitted from
specified IP sources to specified IP destinations at
scheduled times.
Juniper security device enforce the security policies rules
for the transit traffic in terms of which traffic can pass
through the firewall, and the actions taken on the traffic as
it passes through the firewall. "REVISION"200612140000Z"-- Dec 14, 2006DESCRIPTION"Creation Date"::={ jnxJsPolicies 1}jnxJsPolicyNotifications OBJECTIDENTIFIER::={ jnxJsSecPolicyMIB 0}jnxJsPolicyObjects OBJECTIDENTIFIER::={ jnxJsSecPolicyMIB 1}jnxJsPolicyTrapVars OBJECTIDENTIFIER::={ jnxJsSecPolicyMIB 2}-- ***************************************************************-- Security Policy Table-- ***************************************************************jnxJsPolicyNumber OBJECT-TYPESYNTAXInteger32MAX-ACCESSread-only
STATUScurrentDESCRIPTION"The number of policies (regardless of their current
state) present on this system."::={ jnxJsPolicyObjects 1}jnxJsPolicyTable OBJECT-TYPESYNTAXSEQUENCEOF JnxJsPolicyEntry
MAX-ACCESSnot-accessibleSTATUScurrentDESCRIPTION"The table exposes the security policy entries. Security
devices/routers provide a network boundary with a single
point of entry and exit point, which allows the screening
and directing of traffic through the implementation of
access policies. The access policies can permit, deny,
encrypt, authenticate, prioirtize, schedule and monitor
the traffic flow through the firewall.
This table lists entries of policy. The number of policies
are given by jnxJsPolicyNumber."::={ jnxJsPolicyObjects 2}jnxJsPolicyEntry OBJECT-TYPESYNTAX JnxJsPolicyEntry
MAX-ACCESSnot-accessibleSTATUScurrentDESCRIPTION"An entry contains a security policy.
The security policies are configured under from-zone,
to-zone direction. Under a specific zone direction,
each security policy contains name, match-criteria,
action, and other options."INDEX{ jnxJsPolicyFromZone,
jnxJsPolicyToZone,
jnxJsPolicyName }::={ jnxJsPolicyTable 1}
JnxJsPolicyEntry ::=SEQUENCE{
jnxJsPolicyFromZone DisplayString,
jnxJsPolicyToZone DisplayString,
jnxJsPolicyName DisplayString,
jnxJsPolicySequenceNumber Integer32,
jnxJsPolicyAction INTEGER,
jnxJsPolicyScheduler DisplayString,
jnxJsPolicyState INTEGER,
jnxJsPolicyStatsAvailability INTEGER,
jnxJsPolicyPerSecBytesThreshold Integer32,
jnxJsPolicyPerMinKbytesThreshold Integer32}jnxJsPolicyFromZone OBJECT-TYPESYNTAXDisplayString(SIZE(0..63))
MAX-ACCESSnot-accessibleSTATUScurrentDESCRIPTION"The attribute displays the from zone name."::={ jnxJsPolicyEntry 1}jnxJsPolicyToZone OBJECT-TYPESYNTAXDisplayString(SIZE(0..63))MAX-ACCESSnot-accessibleSTATUScurrentDESCRIPTION"The attribute exposes the to-zone name."::={ jnxJsPolicyEntry 2}jnxJsPolicyName OBJECT-TYPESYNTAXDisplayString(SIZE(0..63))MAX-ACCESSnot-accessibleSTATUScurrentDESCRIPTION
"The name of the policy defined. It consists of up to 256 ascii
characters and uniquely identifies the policy entry."::={ jnxJsPolicyEntry 3}jnxJsPolicySequenceNumber OBJECT-TYPESYNTAXInteger32MAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The attribute indicates the policy sequence order of the policy
within a specific from-zone and to-zone pair. Policies are matched
in a sequence where the ordering is specified by this number."::={ jnxJsPolicyEntry 4}jnxJsPolicyAction OBJECT-TYPESYNTAXINTEGER{permit (1),deny (2),reject (3)}MAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The attribute indicates the actions performed when the
criteria is matched.
The action permit, deny and reject are used configured policies."::={ jnxJsPolicyEntry 5}jnxJsPolicyScheduler OBJECT-TYPESYNTAXDisplayString(SIZE(0..63))MAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The name of the schedule attached to this policy. Certain schedule
has a specified duration and this may effect the status of the
policy."::={ jnxJsPolicyEntry 6}jnxJsPolicyState OBJECT-TYPESYNTAXINTEGER{active (1),inactive (2),unavailable (3)}MAX-ACCESSread-onlySTATUScurrent
DESCRIPTION"The state of this policy: active, inactive, or unavailable.
The state can be effected by the scheduler if the scheduler
has a specified duration."::={ jnxJsPolicyEntry 7}jnxJsPolicyStatsAvailability OBJECT-TYPESYNTAXINTEGER{available (1),unavailable (2)}MAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The statistics availability of this policy.
The attribute indicates whether the statistics counters are
available and are actively updated. If available, there would
exists a matching jnxJsPolicyStatsEntry for the policy."::={ jnxJsPolicyEntry 8}jnxJsPolicyPerSecBytesThreshold OBJECT-TYPESYNTAXInteger32MAX-ACCESSread-onlySTATUScurrent
DESCRIPTION"The attribute indicates the threshold value of bytes per second."::={ jnxJsPolicyEntry 9}jnxJsPolicyPerMinKbytesThreshold OBJECT-TYPESYNTAXInteger32MAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The attribute indicates the threshold value of kbyte per min."::={ jnxJsPolicyEntry 10}-- ***************************************************************-- Security Policy Statistics Table-- ***************************************************************jnxJsPolicyStatsTable OBJECT-TYPESYNTAXSEQUENCEOF JnxJsPolicyStatsEntry
MAX-ACCESSnot-accessibleSTATUScurrentDESCRIPTION"The table exposes the security policy statistics entries. These
statistics can be enabled and disabled by configuration on a
per policy basis."::={ jnxJsPolicyObjects 3}jnxJsPolicyStatsEntry OBJECT-TYPE
SYNTAX JnxJsPolicyStatsEntry
MAX-ACCESSnot-accessibleSTATUScurrentDESCRIPTION"An entry contains a security policy.
The security policies are configured under from-zone,
to-zone direction. Under a specific zone direction,
each security policy contains name, match-criteria,
action, and other options."INDEX{ jnxJsPolicyFromZone,
jnxJsPolicyToZone,
jnxJsPolicyName }::={ jnxJsPolicyStatsTable 1}
JnxJsPolicyStatsEntry ::=SEQUENCE{
jnxJsPolicyStatsCreationTime TimeStamp,
jnxJsPolicyStatsInputBytes Counter64,
jnxJsPolicyStatsInputByteRate Gauge32,
jnxJsPolicyStatsOutputBytes Counter64,
jnxJsPolicyStatsOutputByteRate Gauge32,
jnxJsPolicyStatsInputPackets Counter32,
jnxJsPolicyStatsInputPacketRate Gauge32,
jnxJsPolicyStatsOutputPackets Counter32,
jnxJsPolicyStatsOutputPacketRate Gauge32,
jnxJsPolicyStatsNumSessions Counter32,
jnxJsPolicyStatsSessionRate Gauge32,
jnxJsPolicyStatsSessionDeleted Counter32,
jnxJsPolicyStatsLookups Counter32,
jnxJsPolicyStatsCountAlarm Counter32}jnxJsPolicyStatsCreationTime OBJECT-TYPESYNTAXTimeStampMAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The creation timestamp of the policy statistics entry. The
timestamp is modified during the creation and deletion of the
policy statistics entry. When the timestamp changes, the policy
entry statistics is assumed to be a new statistics entry and not
associated with previous statistic entry of the same indices."::={ jnxJsPolicyStatsEntry 1}jnxJsPolicyStatsInputBytes OBJECT-TYPESYNTAXCounter64MAX-ACCESSread-onlySTATUScurrentDESCRIPTION
"The number of input bytes enters the FW through this policy."::={ jnxJsPolicyStatsEntry 2}jnxJsPolicyStatsInputByteRate OBJECT-TYPESYNTAXGauge32MAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The number of input bytes per second or the rate that enters the FW
through this policy."::={ jnxJsPolicyStatsEntry 3}jnxJsPolicyStatsOutputBytes OBJECT-TYPESYNTAXCounter64MAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The number of output bytes associated with this policy."::={ jnxJsPolicyStatsEntry 4}jnxJsPolicyStatsOutputByteRate OBJECT-TYPESYNTAXGauge32MAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The number of output bytes per second or the rate associated
with this policy."::={ jnxJsPolicyStatsEntry 5}jnxJsPolicyStatsInputPackets OBJECT-TYPESYNTAXCounter32MAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The number of input packets enters the FW through this policy."::={ jnxJsPolicyStatsEntry 6}jnxJsPolicyStatsInputPacketRate OBJECT-TYPESYNTAXGauge32MAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The number of input packets per second or the input packet rate
of the FW through this policy."::={ jnxJsPolicyStatsEntry 7}jnxJsPolicyStatsOutputPackets OBJECT-TYPESYNTAXCounter32MAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The number of output packets associated with this policy."
::={ jnxJsPolicyStatsEntry 8}jnxJsPolicyStatsOutputPacketRate OBJECT-TYPESYNTAXGauge32MAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The number of output packets per second or the rate
associated with this policy."::={ jnxJsPolicyStatsEntry 9}jnxJsPolicyStatsNumSessions OBJECT-TYPESYNTAXCounter32MAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The number of sessions associated with this policy."::={ jnxJsPolicyStatsEntry 10}jnxJsPolicyStatsSessionRate OBJECT-TYPESYNTAXGauge32MAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The rate of the sessions associated with this policy."::={ jnxJsPolicyStatsEntry 11}
jnxJsPolicyStatsSessionDeleted OBJECT-TYPESYNTAXCounter32MAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The number of sessions associated with this policy."::={ jnxJsPolicyStatsEntry 12}jnxJsPolicyStatsLookups OBJECT-TYPESYNTAXCounter32MAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The number of policy lookups performed."::={ jnxJsPolicyStatsEntry 13}jnxJsPolicyStatsCountAlarm OBJECT-TYPESYNTAXCounter32MAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The number of alarm counted when the traffic exceeds
certain threshold configuration."::={ jnxJsPolicyStatsEntry 14}-- ***************************************************************
-- definition of access authentication related traps.-- FIX : To be implemented.-- ***************************************************************END