| cpsGlobalMaxSecureAddress |
.1.3.6.1.4.1.9.9.315.1.1.1 |
|
The maximum number of secure MAC addresses
allowed in the device.
|
| cpsGlobalTotalSecureAddress |
.1.3.6.1.4.1.9.9.315.1.1.2 |
|
The total number of MAC addresses secured
in the device.
|
| cpsGlobalPortSecurityEnable |
.1.3.6.1.4.1.9.9.315.1.1.3 |
|
The global control to enable or disable
port security feature on the device.
|
| cpsGlobalSNMPNotifRate |
.1.3.6.1.4.1.9.9.315.1.1.4 |
|
The global control to set the SNMP Notification
rate for port security feature. This object
specifies the rate at which SNMP Notifications
are generated when cpsIfViolationAction
selected is of the type 'dropNotify'.
A value of 0 indicates that an SNMP Notification
is generated for every security violation.
|
| cpsGlobalSNMPNotifControl |
.1.3.6.1.4.1.9.9.315.1.1.5 |
|
Set to 'true' to enable global SNMP Notification
for port security feature. Setting the object to
'false' will disable SNMP notifications even if
the cpsIfViolationAction is set to 'dropNotify'
on an interface. The default value is 'false'.
|
| cpsGlobalClearSecureMacAddresses |
.1.3.6.1.4.1.9.9.315.1.1.6 |
|
This objects allows the user to delete
secure MAC addresses based on the specified
type.
|
| cpsIfConfigEntry |
.1.3.6.1.4.1.9.9.315.1.2.1.1 |
|
Entry containing port security information for a
particular interface.
|
| cpsSecureMacAddressEntry |
.1.3.6.1.4.1.9.9.315.1.2.2.1 |
|
Entry containing secure MAC address
information for a particular interface.
A secure MAC address can be configured
by the user and can be added by the agent
when the device learns a new secured
MAC address.
Note that the secure MAC addresses can be
configured on an interface even if port
security feature is disabled.
|
| cpsIfVlanSecureMacAddrEntry |
.1.3.6.1.4.1.9.9.315.1.2.3.1 |
|
Entry containing secure MAC address
information for a particular interface.
A secure MAC address can be configured
by the user and can be added by the agent
when the device learns a new secure MAC address.
Note that the secure MAC addresses can be
configured on an interface even if the port
security feature is disabled.
|
| cpsIfVlanEntry |
.1.3.6.1.4.1.9.9.315.1.2.4.1 |
|
Entry containing port security information for
a particular VLAN within a trunk port.
|
| cpsIfPortSecurityEnable |
.1.3.6.1.4.1.9.9.315.1.2.1.1.1 |
|
Indicates whether the port security feature
is enabled on an interface. Upon setting this
object to 'true', the source MAC address that
does not match any cpsSecureMacAddress for the
given interface in cpsSecureMacAddressTable and
the value of cpsIfCurrentSecureMacAddrCount is
equal to cpsIfMaxSecureMacAddr, is considered
as port security violation and an action as
specified in cpsIfViolationAction is taken on
the interface. The value of this object has no
effect when the value of
cpsGlobalPortSecurityEnable is set to 'false'.
|
| cpsIfPortSecurityStatus |
.1.3.6.1.4.1.9.9.315.1.2.1.1.2 |
|
This object represents the operational status
of the port security feature on an interface.
secureup(1) - This indicates port security
is operational.
securedown(2) - This indicates port security is
not operational. This happens
when port security is configured
to be enabled but could not be
enabled due to certain reasons
such as conflict with other
features.
shutdown(3) - This indicates that the port is
shutdown due to port security
violation when the object
cpsIfViolationAction is of type
'shutdown'.
|
| cpsIfMaxSecureMacAddr |
.1.3.6.1.4.1.9.9.315.1.2.1.1.3 |
|
The maximum number (N) of MAC addresses to be
secured on the interface. The first N MAC
addresses learned or configured are made secured.
Changing this object value from N to M is not
allowed if M is smaller than N, and M is less
than the value of cpsIfCurrentSecureMacAddrCount
on the interface. One way to change the number in
this case is by deleting sufficient number of
secure mac addresses configured or learned on the
device. Also, sum of this object value for all the
interfaces is less than or equal to
cpsGlobalMaxSecureAddress.
|
| cpsIfCurrentSecureMacAddrCount |
.1.3.6.1.4.1.9.9.315.1.2.1.1.4 |
|
The current number of MAC addresses secured
on this interface.
|
| cpsIfSecureMacAddrAgingTime |
.1.3.6.1.4.1.9.9.315.1.2.1.1.5 |
|
The interval in which the interface is
secured. After the expiration of the
time, the corresponding cpsSecureMacAddressEntry
from the cpsSecureMacAddressTable will be
removed. If the value of this object is 0,
the aging mechanism is disabled.
|
| cpsIfSecureMacAddrAgingType |
.1.3.6.1.4.1.9.9.315.1.2.1.1.6 |
|
The aging type determines the way the
secure MAC addresses are aged out.
absolute(1) - all the secure MAC addresses
will be aged out after
cpsIfSecureMacAddrAgingTime
minutes since the time the
secure MAC address is learned
or configured.
inactivity(2) - all the secure MAC addresses
will age out and will be removed
from the cpsSecureMacAddressTable
only if there is no data traffic
from the secure source MAC address
for the specified time period.
|
| cpsIfStaticMacAddrAgingEnable |
.1.3.6.1.4.1.9.9.315.1.2.1.1.7 |
|
Indicates whether the secure MAC address aging
mechanism is enabled on static MAC address entries
in cpsSecureMacAddressTable.
Setting this object value to 'false' will cause
the static MAC addresses to remain in the
cpsSecureMacAddressTable regardless of the aging
time and type configured on the interface.
Setting this object value to 'true' will cause
the static MAC addresses to be aged out from
cpsSecureMacAddressTable according to the aging
time and type specified on the interface.
|
| cpsIfViolationAction |
.1.3.6.1.4.1.9.9.315.1.2.1.1.8 |
|
Determines the action that the device will
take if the traffic matches the port security
violation.
shutdown(1) - the interface will be forced to
shut down.
dropNotify(2) - the matched traffic will be
dropped and
cpsSecureMacAddrViolation
notification will be generated.
drop(3) - the matched traffic will be
dropped.
|
| cpsIfViolationCount |
.1.3.6.1.4.1.9.9.315.1.2.1.1.9 |
|
This object indicates the number of violations
occurred on a secure interface. The counter will
be initialized to zero when the port security
feature is enabled on an interface. This MIB
object is only instantiated if the device can
provide this violation statistics on the
interface.
|
| cpsIfSecureLastMacAddress |
.1.3.6.1.4.1.9.9.315.1.2.1.1.10 |
|
This object indicates the last secure MAC
address that is learned or configured on
this interface.
|
| cpsIfClearSecureAddresses |
.1.3.6.1.4.1.9.9.315.1.2.1.1.11 |
|
Set to 'true' to delete all secure addresses on
this interface. Setting this object to 'false'
has no effect. This object always returns 'false'
when read.
|
| cpsIfUnicastFloodingEnable |
.1.3.6.1.4.1.9.9.315.1.2.1.1.12 |
|
Setting this object to true(1) will configure
the interface not to block unicast flooded
traffic when the secure address count reaches the
threshold.
Setting this object to false(2) will configure
the interface to block unicast flooded traffic
when the secure address count reaches the
threshold.
|
| cpsIfShutdownTimeout |
.1.3.6.1.4.1.9.9.315.1.2.1.1.13 |
|
The interval in which the cpsIfPortSecurityStatus
may remain in shutdown(3). After the expiration of
the time, all the security configuration of this
port is re-installed and the port is enabled. If
the value of this object is 0, the port is shut
down permanently.
|
| cpsIfClearSecureMacAddresses |
.1.3.6.1.4.1.9.9.315.1.2.1.1.14 |
|
This objects allows the user to delete
secure MAC addresses based on the type specified.
|
| cpsIfStickyEnable |
.1.3.6.1.4.1.9.9.315.1.2.1.1.15 |
|
Set to 'true' to enable and 'false' to
disable Sticky port security feature on this
interface. Enabling this feature allows the
device to secure learned MAC addresses on this
interface permanently. In order to remove the
sticky addresses on this interface, user has to
manually delete the sticky MAC address(es) or
disable the sticky feature itself. Manual deletion
of all addresses can be accomplished by
cpsIfClearSecureMacAddresses object. Manual
of single address can be accomplished by
cpsIfVlanSecureMacAddrRowStatus object.
|
| cpsIfInvalidSrcRateLimitEnable |
.1.3.6.1.4.1.9.9.315.1.2.1.1.16 |
|
Set to 'true' to enable and 'false' to disable
rate limiting for invalid source MAC addresses
received on this interface. Enabling this feature
will help to rate limit packets which comes with
invalid src MAC address on this interface.
|
| cpsIfInvalidSrcRateLimitValue |
.1.3.6.1.4.1.9.9.315.1.2.1.1.17 |
|
If cpsIfInvalidSrcRateLimitEnable is set to
'true' then this value is used to limit the
rate at which packets with invalid source MAC
addresses are processed on this interface. Upon
exceeding the rate, the port is shutdown. If
cpsIfInvalidSrcRateLimitEnable is set to 'false'
then this value will be -1.
|
| cpsSecureMacAddress |
.1.3.6.1.4.1.9.9.315.1.2.2.1.1 |
|
This object indicates a secure MAC
address configured or learned on an
interface.
|
| cpsSecureMacAddrType |
.1.3.6.1.4.1.9.9.315.1.2.2.1.2 |
|
This object indicates if the secure MAC address
is a configured (static) or learned (dynamic)
address on this interface.
|
| cpsSecureMacAddrRemainingAge |
.1.3.6.1.4.1.9.9.315.1.2.2.1.3 |
|
This object indicates the remaining age
of the secure MAC address if aging is
enabled on that port. A value of 0 indicates
that aging is disabled for this MAC address
entry.
|
| cpsSecureMacAddrRowStatus |
.1.3.6.1.4.1.9.9.315.1.2.2.1.4 |
|
This object is a conceptual row entry that allows to add
or delete entries to or from the cpsSecureMacAddressTable.
1. When creating an entry in this table 'createAndGo'
method is used and the value of this object is set to
'active'. Deactivation of an 'active' entry is not
allowed.
2. When deleting an entry in this table 'destroy' method
is used.
|
| cpsIfVlanSecureMacAddress |
.1.3.6.1.4.1.9.9.315.1.2.3.1.1 |
|
This object indicates a secure MAC
address configured or learned on an
interface.
|
| cpsIfVlanSecureVlanIndex |
.1.3.6.1.4.1.9.9.315.1.2.3.1.2 |
|
This object indicates the vlan
configured on an interface.
|
| cpsIfVlanSecureMacAddrType |
.1.3.6.1.4.1.9.9.315.1.2.3.1.3 |
|
This object indicates if the secure MAC address
is a configured 'static' or learned 'dynamic' or
learned and retained across reboots 'sticky'.
|
| cpsIfVlanSecureMacAddrRemainAge |
.1.3.6.1.4.1.9.9.315.1.2.3.1.4 |
|
This object indicates the remaining age
of the secure MAC address if aging is
enabled on that port. A value of 0 indicates
that aging is disabled for this MAC address
entry.
|
| cpsIfVlanSecureMacAddrRowStatus |
.1.3.6.1.4.1.9.9.315.1.2.3.1.5 |
|
This object is a conceptual row entry that allows adding
or deleting entries to or from the
cpsIfVlanSecureMacAddressTable.
1. When creating an entry in this table the 'createAndGo'
method is used and the value of this object is set to
'active'. Deactivation of an 'active' entry is not
allowed.
2. When deleting an entry in this table 'destroy' method
is used.
|
| cpsIfVlanIndex |
.1.3.6.1.4.1.9.9.315.1.2.4.1.1 |
|
The ID of a VLAN within this trunk port.
|
| cpsIfVlanMaxSecureMacAddr |
.1.3.6.1.4.1.9.9.315.1.2.4.1.2 |
|
The maximum number of MAC addresses to
be secured in the VLAN indicated by
cpsIfVlanIndex on this interface.
If cpsIfVlanMaxSecureMacAddr is not set,
its value is 1.
If cpsIfVlanMaxSecureMacAddr is not set, then
the cpsIfMaxSecureMacAddr applies to this
VLAN.
If cpsIfVlanMaxSecureMacAddr is set
and is less than cpsIfMaxSecureMacAddr, then
the cpsIfVlanMaxSecureMacAddr applies to this
VLAN.
If cpsIfVlanMaxSecureMacAddr is set
and is greater than cpsIfMaxSecureMacAddr, then
the cpsIfMaxSecureMacAddr applies to this
VLAN.
|
| cpsIfVlanCurSecureMacAddrCount |
.1.3.6.1.4.1.9.9.315.1.2.4.1.3 |
|
The current number of MAC addresses secured
in the VLAN indicated by cpsIfVlanIndex on this
interface.
|
| cpsGlobalGroup |
.1.3.6.1.4.1.9.9.315.2.2.1 |
|
A collection of objects for use with the Port
Security feature.
|
| cpsInterfaceGroup |
.1.3.6.1.4.1.9.9.315.2.2.2 |
|
********* THIS GROUP IS DEPRECATED **********
A collection of objects for use with the Port
Security feature.
|
| cpsExtInterfaceGroup |
.1.3.6.1.4.1.9.9.315.2.2.3 |
|
A collection of objects providing the additional
information for the Port Security feature.
|
| cpsNotificationGroup |
.1.3.6.1.4.1.9.9.315.2.2.4 |
|
A collection of notifications for use
with the Port Security feature.
|
| cpsExtConfigInterfaceGroup |
.1.3.6.1.4.1.9.9.315.2.2.10 |
|
********* THIS GROUP IS DEPRECATED **********
A collection of objects providing the additional
information for the Port Security feature.
|
| cpsInterfaceGroup1 |
.1.3.6.1.4.1.9.9.315.2.2.9 |
|
********* THIS GROUP IS DEPRECATED **********
A collection of objects for use with the Port
Security configuration.
|
| cpsIfVlanSecureMacAddrGroup |
.1.3.6.1.4.1.9.9.315.2.2.8 |
|
A collection of objects for use with the Port
Security feature.
|
| cpsUnicastFloodingInterfaceGroup |
.1.3.6.1.4.1.9.9.315.2.2.5 |
|
A collection of objects providing the
unicast flooding information for the
Port Security feature.
|
| cpsShutdownTimeoutInterfaceGroup |
.1.3.6.1.4.1.9.9.315.2.2.6 |
|
A collection of objects providing the
shutdown timeout information for the
Port Security feature.
|
| cpsInterfaceGroup2 |
.1.3.6.1.4.1.9.9.315.2.2.13 |
|
A collection of objects for use with the Port
Security configuration.
|
| cpsIfVlanGroup |
.1.3.6.1.4.1.9.9.315.2.2.11 |
|
A collection of objects providing additional trunk
VLAN information for the Port Security feature on a
given interface.
|
| cpsGlobalClearAddressGroup |
.1.3.6.1.4.1.9.9.315.2.2.12 |
|
A collection of objects for clearing addresses
on the device.
|
