CISCO-IPSEC-FLOW-MONITOR-MIB

This is a MIB Module for monitoring the structures in IPSec-based Virtual Private Networks. The MIB has been designed to be adop...

  • Organization:

    Tivoli Systems and Cisco Systems

  • Module:

    CISCO-IPSEC-FLOW-MONITOR-MIB

  • Version:

    2007-10-24

  • File:

    CISCO-IPSEC-FLOW-MONITOR-MIB.yang

  • Abstract:

    This is a MIB Module for monitoring the structures in IPSec-based Virtual Private Networks. The MIB has been designed to be adop...

  • Contact:

    Tivoli Systems
    Research Triangle Park, NC

    Cisco Systems
    170 W Tasman Drive
    San Jose, CA 95134
    USA

    Tel: +1 800 553-NETS
    E-mail: cs-ipsecurity@cisco.com

  • Check for an additional details:

    YANG Catalog

  • Description:

    This is a MIB Module for monitoring the
    structures in IPSec-based Virtual Private Networks.
    The MIB has been designed to be adopted as an IETF
    standard. Hence Cisco-specific features of IPSec
    protocol are excluded from this MIB.

    Acronyms
    The following acronyms are used in this document:

    IPSec: Secure IP Protocol

    VPN: Virtual Private Network

    ISAKMP: Internet Security Association and Key Exchange
    Protocol

    IKE: Internet Key Exchange Protocol

    SA: Security Association

    MM: Main Mode - the process of setting up
    a Phase 1 SA to secure the exchanges
    required to setup Phase 2 SAs

    QM: Quick Mode - the process of setting up
    Phase 2 Security Associations using
    a Phase 1 SA.


    Overview of IPsec MIB

    The MIB contains six major groups of objects which are
    used to manage the IPSec Protocol. These groups include
    a Levels Group, a Phase-1 Group, a Phase-2 Group,
    a History Group, a Failure Group and a TRAP Control Group.
    The following table illustrates the structure of the
    IPSec MIB.

    The Phase 1 group models objects pertaining to
    IKE negotiations and tunnels.

    The Phase 2 group models objects pertaining to
    IPSec data tunnels.

    The History group is to aid applications that do
    trending analysis.

    The Failure group is to enable an operator to
    do troubleshooting and debugging of the VPN Router.
    Further, counters are supported to aid Intrusion
    Detection.

    In addition to the five major MIB Groups, there are
    a number of Notifications. The following table
    illustrates the name and description of the
    IPSec TRAPs.

    For a detailed discussion, please refer to the IETF
    draft draft-ietf-ipsec-flow-monitoring-mib-00.txt.

© 2023 YumaWorks, Inc. All rights reserved.