| cspGcVersion |
.1.3.6.1.4.1.9.9.370.1.1.1 |
|
The version information of the SSL proxy device, for
display only.
|
| cspGcFIPSMode |
.1.3.6.1.4.1.9.9.370.1.1.2 |
|
An indication of whether or not the proxy device is
operating in FIPS (Federal Information Processing
Standards) approved mode.
If 'true', the proxy device is operating in FIPS mode.
When the device operates in FIPS mode, only approved
cryptographic algorithms and key strengths are enabled.
Authentication and other security requirements of FIPS
will also be enforced in this mode.
|
| cspGcRSArc4128md5 |
.1.3.6.1.4.1.9.9.370.1.1.3 |
|
An indication of whether or not the proxy device
supports the cipher suite RSA_WITH_RC4_128_MD5.
If 'true', the cipher suite is supported.
|
| cspGcRSArc4128sha |
.1.3.6.1.4.1.9.9.370.1.1.4 |
|
An indication of whether or not the proxy device
supports the cipher suite RSA_WITH_RC4_128_SHA.
If 'true', the cipher suite is supported.
|
| cspGcRSAdescbcsha |
.1.3.6.1.4.1.9.9.370.1.1.5 |
|
An indication of whether or not the proxy device
supports the cipher suite RSA_WITH_DES_CBC_SHA.
If 'true', the cipher suite is supported.
|
| cspGcRSA3descbcsha |
.1.3.6.1.4.1.9.9.370.1.1.6 |
|
An indication of whether or not the proxy device
supports the cipher suite RSA_WITH_3DES_EDE_CBC_SHA.
If 'true', the cipher suite is supported.
|
| cspGcNotifyProxyServOperStatus |
.1.3.6.1.4.1.9.9.370.1.1.7 |
|
An indication of whether or not a cspServOperStatus
notification should be issued when the operation
status of proxy services changes.
If such a notification is desired, it is the
responsibility of the management entity to ensure that
the SNMP administrative model is configured in such a
way as to allow the notification to be delivered.
|
| cspGcNotifyPSCertExpiring |
.1.3.6.1.4.1.9.9.370.1.1.8 |
|
An indication of whether or not a cspServCertExpiring
notification should be issued when a proxy service
certificate will be expiring in the configured time
interval cspGcPSCertExpireInterval.
If such a notification is desired, it is the
responsibility of the management entity to ensure that
the SNMP administrative model is configured in such a
way as to allow the notification to be delivered.
|
| cspGcPSCertExpireInterval |
.1.3.6.1.4.1.9.9.370.1.1.9 |
|
The proxy service certificate expiration time interval,
used to determine when the cspServCertExpiring
notification should be issued if
cspGcNotifyPSCertExpiring is 'true'.
If this time interval is 0, no proxy service
certification expiration will be checked.
|
| cspPsEntry |
.1.3.6.1.4.1.9.9.370.1.2.1.1 |
|
The proxy service configuration entry.
Each entry indicates the name and the index of a proxy
service, and a set of configuration parameters to be
applied on this proxy service.
A unique name can be assigned to each proxy service.
Optionally, multiple proxy services can be grouped into
a proxy list. All the services in a list have the
same name, and each service is assigned a unique index
within the list.
Each proxy service has a virtual and a server address.
This entry reports the address and port configuration,
and the administrative and operational statuses of each
proxy service. If a service is not operational, the
reason for its being 'down' is also reported.
|
| cspPsPolicyEntry |
.1.3.6.1.4.1.9.9.370.1.3.1.1 |
|
The proxy service policy entry. Each proxy service
policy entry contains the name of each type of policy
configured for the proxy service.
A policy is a set of configuration parameters and rules
to observe for implementing a protocol or an operation.
One or more of the following policies can be configured
for a proxy service:
TCP protocol policy for virtual connections,
TCP protocol policy for server connections,
SSL protocol policy,
HTTP header insertion policy, and
URL rewrite policy.
|
| cspPsKeyCertEntry |
.1.3.6.1.4.1.9.9.370.1.4.1.1 |
|
The proxy service key and certificate configuration
entry. This entry specifies the key usage, optionally
the trust point name, the certificate and the key file
names, the key size and time of generation or import,
and some important attributes of the certificate.
|
| cspTcpPolicyEntry |
.1.3.6.1.4.1.9.9.370.1.5.1.1 |
|
TCP Policy configuration entry. Each entry defines
a set of TCP protocol parameters. A policy can be
applied to one or more proxy services.
|
| cspSslPolicyEntry |
.1.3.6.1.4.1.9.9.370.1.6.1.1 |
|
A SSL policy defines a set of cipher suites to be
supported, and the SSL or TLS protocol parameters.
Each policy can be assigned to one or more proxy
services.
If no SSL policy is assigned to a proxy service, all
supported cipher suites and all protocol versions
will be enabled by default.
|
| cspTcpCountersClearTime |
.1.3.6.1.4.1.9.9.370.1.7.1 |
|
The last time when the TCP counters were cleared.
If the proxy device does not allow these counters to be
cleared, the timestamp should have a value of zero.
|
| cspTcConnInit |
.1.3.6.1.4.1.9.9.370.1.8.1 |
|
The total number of TCP connections initiated by the
proxy device.
|
| cspTcConnAccept |
.1.3.6.1.4.1.9.9.370.1.8.2 |
|
The total number of TCP connections accepted by the
proxy device.
|
| cspTcConnEstab |
.1.3.6.1.4.1.9.9.370.1.8.3 |
|
The total number of TCP connections established.
|
| cspTcConnDrop |
.1.3.6.1.4.1.9.9.370.1.8.4 |
|
The total number of TCP connections dropped.
|
| cspTcConnClosed |
.1.3.6.1.4.1.9.9.370.1.8.5 |
|
The total number of TCP connections closed.
|
| cspTcSynTimeOuts |
.1.3.6.1.4.1.9.9.370.1.8.6 |
|
The total number of SYN timeouts.
|
| cspTcIdleTimeOuts |
.1.3.6.1.4.1.9.9.370.1.8.7 |
|
The total number of idle timeouts.
|
| cspTcTotalPktSent |
.1.3.6.1.4.1.9.9.370.1.8.8 |
|
The total number of TCP packets sent.
|
| cspTcDataPktSent |
.1.3.6.1.4.1.9.9.370.1.8.9 |
|
The total number of TCP data packets sent.
|
| cspTcDataByteSent |
.1.3.6.1.4.1.9.9.370.1.8.10 |
|
The total amount of data sent.
|
| cspTcTotalPktRcv |
.1.3.6.1.4.1.9.9.370.1.8.11 |
|
The total number of TCP packets received.
|
| cspTcPktRcvSeq |
.1.3.6.1.4.1.9.9.370.1.8.12 |
|
The total number of TCP data packets received in
sequence.
|
| cspTcByteRcvSeq |
.1.3.6.1.4.1.9.9.370.1.8.13 |
|
The total amount of data received in sequence.
|
| cspSslCountersClearTime |
.1.3.6.1.4.1.9.9.370.1.9.1 |
|
The last time when the SSL counters were cleared.
If the proxy device does not allow these counters to be
cleared, the timestamp should have a value of zero.
|
| cspScConnAttempt |
.1.3.6.1.4.1.9.9.370.1.10.1 |
|
The total number of SSL connections attempted.
|
| cspScConnComplete |
.1.3.6.1.4.1.9.9.370.1.10.2 |
|
The total number of SSL connections completed.
|
| cspScConnInHandShake |
.1.3.6.1.4.1.9.9.370.1.10.3 |
|
The number of SSL connections currently in handshake
phase.
|
| cspScConnInDataPhase |
.1.3.6.1.4.1.9.9.370.1.10.4 |
|
The number of SSL connections currently in data phase.
|
| cspScRenegAttempt |
.1.3.6.1.4.1.9.9.370.1.10.5 |
|
The total number of SSL renegotiations attempted.
|
| cspScConnInReneg |
.1.3.6.1.4.1.9.9.370.1.10.6 |
|
The number of SSL connections currently in
renegotiation phase
|
| cspScActiveSessions |
.1.3.6.1.4.1.9.9.370.1.10.7 |
|
The number of active SSL sessions. This number
indicates the number of valid session entries in
the session cache.
|
| cspScMaxHandShakeConns |
.1.3.6.1.4.1.9.9.370.1.10.8 |
|
This indicates the maximum number of connections
present in handshake phase at any point of time
|
| cspScCurrDeviceQLen |
.1.3.6.1.4.1.9.9.370.1.10.9 |
|
The current device queue length. Indicates the number
of requests pending with the device.
|
| cspScMaxDeviceQLen |
.1.3.6.1.4.1.9.9.370.1.10.10 |
|
The maximum device queue length recorded. Indicates
the maximum number of requests queued to the device
at any point of time.
|
| cspScSessionReuses |
.1.3.6.1.4.1.9.9.370.1.10.11 |
|
The number of session reuses. Indicates the number
of times the sessions got reused before the session
timer expired.
|
| cspS3cFullHandShake |
.1.3.6.1.4.1.9.9.370.1.11.1 |
|
The total number of full SSL 3.0 handshakes completed.
|
| cspS3cResumedHandShake |
.1.3.6.1.4.1.9.9.370.1.11.2 |
|
The total number of SSL 3.0 resumed handshakes
completed.
|
| cspS3cHandShakeFailed |
.1.3.6.1.4.1.9.9.370.1.11.3 |
|
The total number of SSL 3.0 connections failed in
handshake phase.
|
| cspS3cDataFailed |
.1.3.6.1.4.1.9.9.370.1.11.4 |
|
The total number of SSL 3.0 sessions failed in
data phase.
|
| cspS3cBadMacRcvd |
.1.3.6.1.4.1.9.9.370.1.11.5 |
|
The total number of received SSL 3.0 records
which have bad MAC (Message Authentication Code).
|
| cspS3cPadErrors |
.1.3.6.1.4.1.9.9.370.1.11.6 |
|
The total number of received SSL 3.0 records
which have pad errors.
|
| cspS3cRSArc4128md5 |
.1.3.6.1.4.1.9.9.370.1.11.7 |
|
The total number of SSL 3.0 connections which used
cipher suite RSA_WITH_RC4_128_MD5.
|
| cspS3cRSArc4128sha |
.1.3.6.1.4.1.9.9.370.1.11.8 |
|
The total number of SSL 3.0 connections which used
cipher suite RSA_WITH_RC4_128_SHA.
|
| cspS3cRSAdescbcsha |
.1.3.6.1.4.1.9.9.370.1.11.9 |
|
The total number of SSL 3.0 connections which used
cipher suite RSA_WITH_DES_CBC_SHA.
|
| cspS3cRSA3desedecbcsha |
.1.3.6.1.4.1.9.9.370.1.11.10 |
|
The total number of SSL 3.0 connections which used
cipher suite RSA_WITH_3DES_EDE_CBC_SHA.
|
| cspTlcFullHandShake |
.1.3.6.1.4.1.9.9.370.1.12.1 |
|
The total number of full TLS 1.0 handshakes completed.
|
| cspTlcResumedHandShake |
.1.3.6.1.4.1.9.9.370.1.12.2 |
|
The total number of resumed TLS 1.0 handshakes
completed.
|
| cspTlcHandShakeFailed |
.1.3.6.1.4.1.9.9.370.1.12.3 |
|
The total number of TLS 1.0 connections failed in
handshake phase.
|
| cspTlcDataFailed |
.1.3.6.1.4.1.9.9.370.1.12.4 |
|
The total number of TLS 1.0 connections failed in
data phase.
|
| cspTlcBadMacRcvd |
.1.3.6.1.4.1.9.9.370.1.12.5 |
|
The total number of received TLS 1.0 records
which have bad MAC (Message Authentication Code.
|
| cspTlcPadErrors |
.1.3.6.1.4.1.9.9.370.1.12.6 |
|
The total number of received TLS 1.0 records
which have pad errors.
|
| cspTlcRSArc4128md5 |
.1.3.6.1.4.1.9.9.370.1.12.7 |
|
The total number of TLS 1.0 connections which used
the cipher suite RSA_WITH_RC4_128_MD5.
|
| cspTlcRSArc4128sha |
.1.3.6.1.4.1.9.9.370.1.12.8 |
|
The total number of TLS 1.0 connections which used
the cipher suite RSA_WITH_RC4_128_SHA.
|
| cspTlcRSAdescbcsha |
.1.3.6.1.4.1.9.9.370.1.12.9 |
|
The total number of TLS 1.0 connections which used
the cipher suite RSA_WITH_DES_CBC_SHA.
|
| cspTlcRSA3desedecbcsha |
.1.3.6.1.4.1.9.9.370.1.12.10 |
|
The total number of TLS 1.0 connections which used
the cipher suite RSA_WITH_3DES_EDE_CBC_SHA.
|
| cspSccBlksEncrypted |
.1.3.6.1.4.1.9.9.370.1.13.1 |
|
The total number of data blocks that got encrypted.
|
| cspSccBlksDecrypted |
.1.3.6.1.4.1.9.9.370.1.13.2 |
|
The total number of data blocks that got decrypted.
|
| cspSccBytesEncrypted |
.1.3.6.1.4.1.9.9.370.1.13.3 |
|
The total number of bytes that got encrypted.
|
| cspSccBytesDecrypted |
.1.3.6.1.4.1.9.9.370.1.13.4 |
|
The total number of bytes that got decrypted.
|
| cspSccPublicKeyOpers |
.1.3.6.1.4.1.9.9.370.1.13.5 |
|
The total number of RSA public key operations
performed.
|
| cspSccPrivateKeyOpers |
.1.3.6.1.4.1.9.9.370.1.13.6 |
|
The total number of RSA private key operations
performed.
|
| cspSccCryptoFails |
.1.3.6.1.4.1.9.9.370.1.13.7 |
|
The total number of failed cryptographic operations.
|
| cspSccDmaErrors |
.1.3.6.1.4.1.9.9.370.1.13.8 |
|
The total number of cryptographic device DMA errors.
|
| cspSecSessAllocFailed |
.1.3.6.1.4.1.9.9.370.1.14.1 |
|
The total number of times SSL session could not
be allocated.
|
| cspSecSessLimitExceed |
.1.3.6.1.4.1.9.9.370.1.14.2 |
|
The total number of times configured SSL session
limit got exceeded. The new connections will be
rejected if the session limit is exceeded.
|
| cspSecHShakeInitFailed |
.1.3.6.1.4.1.9.9.370.1.14.3 |
|
The total number of times SSL connections failed
even before the handshake phase got started. This
typically indicates that there is some connectivity
problem with the server.
|
| cspSecRenegFailed |
.1.3.6.1.4.1.9.9.370.1.14.4 |
|
The total number of times SSL renegotiation failed.
|
| cspSecFatalAlertsRcvd |
.1.3.6.1.4.1.9.9.370.1.14.5 |
|
The total number of fatal alerts received.
|
| cspSecFatalAlertsSent |
.1.3.6.1.4.1.9.9.370.1.14.6 |
|
The total number of fatal alerts sent.
|
| cspSecNoCipherAlerts |
.1.3.6.1.4.1.9.9.370.1.14.7 |
|
The total number of ALERT_HANDSHAKE_FAIL alerts sent
due to unsupported cipher suites.
|
| cspSecVerMismatchAlerts |
.1.3.6.1.4.1.9.9.370.1.14.8 |
|
The total number of ALERT_PROTOCOL_VERSION alerts
sent due to unsupported version number.
|
| cspSecNoComprsnAlerts |
.1.3.6.1.4.1.9.9.370.1.14.9 |
|
The total number of ALERT_HANDSHAKE_FAIL alerts sent
due to unsupported compression scheme.
|
| cspSecHShakeHndleMemFail |
.1.3.6.1.4.1.9.9.370.1.14.10 |
|
The total number of handshake handle memory allocation
failure.
|
| cspSecStalePakDrop |
.1.3.6.1.4.1.9.9.370.1.14.11 |
|
The total number of stale packets dropped. Indicates
the number of packets received after the SSL connection
is torn down.
|
| cspSecServiceIdDiscard |
.1.3.6.1.4.1.9.9.370.1.14.12 |
|
The total number of connections rejected because of
invalid service identifiers.
|
| cspSecHShakeLimitExceed |
.1.3.6.1.4.1.9.9.370.1.14.13 |
|
The total number of times simultaneous handshake
connection exceeded the capacity. The new connections
will be rejected if the total number of simultaneous
handshake connections exceeds the limit.
|
| cspSecDevConnCtxtFail |
.1.3.6.1.4.1.9.9.370.1.14.14 |
|
The total number of times device context could not
be allocated.
|
| cspSecMemAllocFailed |
.1.3.6.1.4.1.9.9.370.1.14.15 |
|
The total number of times memory allocation failed.
|
| cspSecBuffAllocFailed |
.1.3.6.1.4.1.9.9.370.1.14.16 |
|
The total number of times buffer allocation failed.
|
| cspSecAlertSendFailed |
.1.3.6.1.4.1.9.9.370.1.14.17 |
|
The total number of failure to send alerts. This is
typically because of the memory allocation failure.
|
| cspSecOverloadDropped |
.1.3.6.1.4.1.9.9.370.1.14.18 |
|
The total number of connections rejected because
of overload conditions. This indicates that the
incoming rate is higher than what can be handled.
|
| cspSecConnAborted |
.1.3.6.1.4.1.9.9.370.1.14.19 |
|
The total number of SSL connections aborted.
|
| cspPsCounterEntry |
.1.3.6.1.4.1.9.9.370.1.15.1.1 |
|
The proxy service global counter entry. Each entry
displays the global SSL counters collected for a proxy
service.
|
| cspPsSsl3CounterEntry |
.1.3.6.1.4.1.9.9.370.1.16.1.1 |
|
The proxy service SSL 3.0 counter entry. This entry
reports the counters collected about the SSL 3.0
protocol for each proxy service.
|
| cspPsTls1CounterEntry |
.1.3.6.1.4.1.9.9.370.1.17.1.1 |
|
The proxy service TLS 1.0 counter entry. This entry
displays counters collected about the TLS 1.0 protocol
for each proxy service.
|
| cspCpuStatusEntry |
.1.3.6.1.4.1.9.9.370.1.18.1.1 |
|
The CPU status information entry. Each entry displays
the operational status and usage information about one
CPU on the proxy device. A proxy device can have one
or more CPU's.
|
| cspPsName |
.1.3.6.1.4.1.9.9.370.1.2.1.1.1 |
|
The name of a proxy service. A unique name string
can be assigned to one proxy service or a list of
proxy services.
When the name is assigned to a list of proxy services,
each proxy service is identified by a unique index
within the list.
|
| cspPsListIndex |
.1.3.6.1.4.1.9.9.370.1.2.1.1.2 |
|
The unique index of a proxy service within a list.
If the cspPsName string is assigned to a list of
proxy services, this index is used to identify
a proxy service within the list.
If the cspPsName string is unique per proxy service,
this index is not used, and the value shall be 0.
|
| cspPsServiceType |
.1.3.6.1.4.1.9.9.370.1.2.1.1.3 |
|
The type of proxy service: 'server(1)' or 'client(2)'.
When servicing a 'server' type proxy service, the proxy
device acts as a SSL server. It terminates the SSL
handshake initiated by a SSL client, and forwards the
data sent from the client to the destination.
When servicing a 'client' type proxy service, the proxy
device acts as a SSL client. It initiates a SSL
handshake to a SSL server, and forwards data sent from
one or more data sources to the SSL server.
|
| cspPsVirtualAddressType |
.1.3.6.1.4.1.9.9.370.1.2.1.1.4 |
|
An indication of the type of address contained in
cspPsVirtualAddress.
|
| cspPsVirtualAddress |
.1.3.6.1.4.1.9.9.370.1.2.1.1.5 |
|
The virtual address. This address is used by the data
source to send data that can be received by the proxy
device and forwarded to the destination.
|
| cspPsVirtualPort |
.1.3.6.1.4.1.9.9.370.1.2.1.1.6 |
|
The virtual TCP port number. This port number is used
by the data source to send data that can be received
by the proxy device and forwarded to the destination.
|
| cspPsServerAddressType |
.1.3.6.1.4.1.9.9.370.1.2.1.1.7 |
|
An indication of the type of address contained in
cspPsServerAddress.
|
| cspPsServerAddress |
.1.3.6.1.4.1.9.9.370.1.2.1.1.8 |
|
The server address. This address is used by the proxy
device to send or forward data to the destination.
|
| cspPsServerPort |
.1.3.6.1.4.1.9.9.370.1.2.1.1.9 |
|
The server TCP port number. This port number is used
by the proxy device to send or forward data to the
destination.
|
| cspPsAdminStatus |
.1.3.6.1.4.1.9.9.370.1.2.1.1.10 |
|
The administrative status of the proxy service.
Each proxy service can be configured to be
administratively 'up' or 'down'. If the Adminstrative
Status is 'down', the service will not be operational.
|
| cspPsOperStatus |
.1.3.6.1.4.1.9.9.370.1.2.1.1.11 |
|
The operational status of a proxy service. For a
proxy service to be operational, its administrative
status needs to be 'up'.
If the administrative status is 'up', the
operational status will be changed from 'down' to
'up' automatically once all the required configuration
parameters and resources, including necessary keys and
certificates, become available.
If one or more required resources are removed (e.g.
the certificate has expired), the operational status
will be changed to 'down' automatically.
|
| cspPsOperDownReason |
.1.3.6.1.4.1.9.9.370.1.2.1.1.12 |
|
The reason for the operational status to be 'down'.
Possible values are:
other(1) : Unknown or undefined reason,
notApplicable(2) : Administratively 'down',
noConnectivity(3) : No Connectivity to the client,
the server, or the gateway,
noVirtualAddr(4) : Virtual Address not configured,
noServerAddr(5) : Server Address not configured,
noCert(6) : Certificate configured, but
invalid or missing,
certNotConfigured(7): Certificate not configured.
|
| cspPsConfigRowStatus |
.1.3.6.1.4.1.9.9.370.1.2.1.1.13 |
|
The conceptual row status of the proxy service
configuration entry.
An entry cannot have the status 'active' until values
have been assigned to the following objects:
cspPsVirtualAddress,
cspPsVirtualPort,
cspPsServerAddress and
cspPsServerPort.
This entry can be modified when the status is 'active'.
|
| cspPspVirTcpPolicyName |
.1.3.6.1.4.1.9.9.370.1.3.1.1.1 |
|
The name of the TCP protocol policy configured for
the virtual side connections. If no TCP policy is
configured, the name will be a NULL string.
|
| cspPspSerTcpPolicyName |
.1.3.6.1.4.1.9.9.370.1.3.1.1.2 |
|
The name of the TCP protocol policy configured for
the server side connections. If no TCP policy is
configured, the name will be a NULL string.
|
| cspPspSslPolicyName |
.1.3.6.1.4.1.9.9.370.1.3.1.1.3 |
|
The name of the SSL protocol policy configured for
the SSL handshake and data encryption and decryption.
If no SSL policy is configured, the name will be a NULL
string.
|
| cspPspHttpHdrPolicyName |
.1.3.6.1.4.1.9.9.370.1.3.1.1.4 |
|
The name of the HTTP header insertion policy. A number
of fields can be inserted into the HTTP headers when
the proxy service is forwarding data. The policy
specifies the header insertion parameters. If no policy
is configured, the name will be a NULL string.
|
| cspPspUrlRewritePolicyName |
.1.3.6.1.4.1.9.9.370.1.3.1.1.5 |
|
The name of the URL rewrite policy. The policy
specifies configuration parameters for rewriting URLs
in HTTP headers and payload. If no policy is configured,
the name will be a NULL string.
|
| cspPskcKeyUsage |
.1.3.6.1.4.1.9.9.370.1.4.1.1.1 |
|
An indication of the usage of a key assigned to a
proxy service. Each proxy service can be assigned one
or more keys.
The key can be used for signing only, for data
encryption and decryption only, or for general purpose
(that is, it can be used for both signing and data
encryption and decryption).
The following values are defined:
rsaSigning(1) : RSA key used for signing only,
rsaEncryption(2) : RSA key used for data encryption
and decryption only,
rsaGeneralPurpose(3): RSA key used for both signing and
data encryption and decryption.
|
| cspPskcTrustPointName |
.1.3.6.1.4.1.9.9.370.1.4.1.1.2 |
|
The name of a trust point assigned to the proxy
service. The trust point contains information that
can be used for certificate enrollment or for importing
keys and certificates.
A trust point may also contain identifying information
about keys and certificates, and the path and the
protocol to be used for the proxy device to
communicate with a Certificate Authority which
issues certificates for the proxy service.
If no trust point is assigned to the proxy service,
the name will be a NULL string.
|
| cspPskcCertFileName |
.1.3.6.1.4.1.9.9.370.1.4.1.1.3 |
|
The name of the file storing the certificate. If
there is no such file, the name will be a NULL string.
|
| cspPskcKeyName |
.1.3.6.1.4.1.9.9.370.1.4.1.1.4 |
|
The name of a key assigned to the proxy service.
If there is no key assigned, the name will be a NULL
string. If the key is stored in a file, the file name
may be used to identify the key, and this name will be
a NULL string.
|
| cspPskcKeyFileName |
.1.3.6.1.4.1.9.9.370.1.4.1.1.5 |
|
The name of the file storing the key. If there is no
such file, the name will be a NULL string.
|
| cspPskcKeySize |
.1.3.6.1.4.1.9.9.370.1.4.1.1.6 |
|
The size of the key.
The following modulus sizes are defined for RSA keys:
512-bit, 768-bit, 1024-bit, 1536-bit and 2048-bit.
|
| cspPskcKeyTime |
.1.3.6.1.4.1.9.9.370.1.4.1.1.7 |
|
The time of generation of the key, if known. If the key
is imported to the proxy device, this time can indicate
the time of import if the time of generation is unknown.
If the time is not known, this will be a NULL string.
|
| cspPskcCertStatus |
.1.3.6.1.4.1.9.9.370.1.4.1.1.8 |
|
The status of the certificate that is used to publish
the public key.
The following values are defined:
Valid(1) : Certificate is valid,
Expired(2) : Certificate has expired,
Rolling Over(3): Certificate is being renewed.
Whether or not an expired certificate can be used for
the proxy service is implementation specific.
|
| cspPskcCertSubjName |
.1.3.6.1.4.1.9.9.370.1.4.1.1.9 |
|
The subject name of the certificate assigned to the
proxy service. If there is no subject name on the
certificate, this will be a NULL string.
|
| cspPskcCertSerialNum |
.1.3.6.1.4.1.9.9.370.1.4.1.1.10 |
|
The serial number of the certificate assigned to the
proxy service. If there is no serial number on the
certificate, this will be a NULL string.
|
| cspPskcIssuerName |
.1.3.6.1.4.1.9.9.370.1.4.1.1.11 |
|
The issuer name of the certificate assigned to the
proxy service. If the issuer name of the certificate is
not known, this will be a NULL string.
|
| cspPskcIssuerCertSerialNum |
.1.3.6.1.4.1.9.9.370.1.4.1.1.12 |
|
The serial number of the issuer's certificate.
If the serial number of the issuer's certificate is not
known, this will be a NULL string.
|
| cspPskcCertStartDate |
.1.3.6.1.4.1.9.9.370.1.4.1.1.13 |
|
The time when the certificate starts to be valid,
corresponding to the notBefore time on the certificate.
|
| cspPskcCertEndDate |
.1.3.6.1.4.1.9.9.370.1.4.1.1.14 |
|
The time when the certificate validity ends,
corresponding to the notAfter time on the certificate.
|
| cspPskcConfigRowStatus |
.1.3.6.1.4.1.9.9.370.1.4.1.1.15 |
|
The conceptual row status of the proxy service key and
certificate configuration entry. This entry can be
modified when the status is 'active'.
|
| cspTpPolicyName |
.1.3.6.1.4.1.9.9.370.1.5.1.1.1 |
|
The unique name of a TCP policy.
|
| cspTpSynTimeOut |
.1.3.6.1.4.1.9.9.370.1.5.1.1.2 |
|
The TCP connection SYN timeout value. This is the
amount of time the SSL proxy waits before failing the
connection establishment attempt.
|
| cspTpInActivityTimeOut |
.1.3.6.1.4.1.9.9.370.1.5.1.1.3 |
|
The TCP connection inactivity timeout value. This is
the amount of time the SSL proxy waits for the next
packet to arrive on a TCP connection, if no packet is
received within this period then the connection is
considered to be inactive and aborted.
|
| cspTpNagleAlgo |
.1.3.6.1.4.1.9.9.370.1.5.1.1.4 |
|
If 'true', the Nagle Algorithm is enabled during the
SSL or TLS data phase to concatenate a number of small
messages to avoid sending small messages into the
network.
|
| cspTpFinWaitTimeOut |
.1.3.6.1.4.1.9.9.370.1.5.1.1.5 |
|
The TCP connection FIN-WAIT2 state timeout value.
This is the amount of time the SSL proxy waits
for a FIN from the peer after it has initiated close
and is in FIN-WAIT2 state.
|
| cspTpReassemTimeOut |
.1.3.6.1.4.1.9.9.370.1.5.1.1.6 |
|
The TCP connection reassembly timeout value. This is
the amount of time the SSL proxy waits during the TCP
out of order traffic reassembly process for the next
expected in sequence segment to arrive.
|
| cspTpRcvBufShrLim |
.1.3.6.1.4.1.9.9.370.1.5.1.1.7 |
|
The receive buffer share limit per connection. This
is used by SSL proxy to calculate the maximum window
to advertise during the 3 way handshake, and is also
the maximum share of the receive buffer pool that
would be allocated for this connection.
|
| cspTpTransBufShrLim |
.1.3.6.1.4.1.9.9.370.1.5.1.1.8 |
|
The transmit buffer share limit per connection. This
is the maximum share of the send buffer pool that
would be allocated for this connection.
|
| cspTpMss |
.1.3.6.1.4.1.9.9.370.1.5.1.1.9 |
|
The TCP maximum segment size. This is the MSS value
offered by the SSL proxy during 3-way handshake
|
| cspTpPathMtuDisc |
.1.3.6.1.4.1.9.9.370.1.5.1.1.10 |
|
If 'true', the Path MTU Discovery algorithm is
enabled.
|
| cspTpConfigRowStatus |
.1.3.6.1.4.1.9.9.370.1.5.1.1.11 |
|
The conceptual row status of the TCP policy
configuration entry. This entry can be modified when
the status is 'active'.
|
| cspSpPolicyName |
.1.3.6.1.4.1.9.9.370.1.6.1.1.1 |
|
The unique name of a SSL protocol policy.
|
| cspSpRSArc4128md5 |
.1.3.6.1.4.1.9.9.370.1.6.1.1.2 |
|
An indication of whether or not the cipher suite
RSA_WITH_RC4_128_MD5 is configured. If 'true', the
cipher suite is configured.
|
| cspSpRSArc4128sha |
.1.3.6.1.4.1.9.9.370.1.6.1.1.3 |
|
An indication of whether or not the cipher suite
RSA_WITH_RC4_128_SHA is configured. If 'true', the
cipher suite is configured.
|
| cspSpRSAdescbcsha |
.1.3.6.1.4.1.9.9.370.1.6.1.1.4 |
|
An indication of whether or not the cipher suite
RSA_WITH_DES_CBC_SHA is configured. If 'true', the
cipher suite is configured.
|
| cspSpRSA3descbcsha |
.1.3.6.1.4.1.9.9.370.1.6.1.1.5 |
|
An indication of whether or not the cipher suite
RSA_WITH_3DES_EDE_CBC_SHA is configured. If 'true',
the cipher suite is configured.
|
| cspSpProtocol |
.1.3.6.1.4.1.9.9.370.1.6.1.1.6 |
|
The set of SSL and TLS protocols to be supported.
The following values are defined:
other(1) : An unspecified protocol,
SSL 3.0(2) : Support SSL 3.0 protocol only,
TLS 1.0(3) : Support TLS 1.0 protocol only,
ssl3AndTls1(3) : Support both SSL 3.0 and TLS 1.0
|
| cspSpCloseProtocol |
.1.3.6.1.4.1.9.9.370.1.6.1.1.7 |
|
An indication of whether or not the SSL close protocol
is enforced.
If 'true', the close protocol is enforced. A
close-notify alert message is sent to the peer, and a
close-notify alert message is expected from the peer.
If 'false', the close protocol is not enforced. The
proxy service sends a close-notify alert message to
the peer; however, the proxy service does not expect
a close-notify alert from the peer before tearing down
the session.
|
| cspSpSessionCache |
.1.3.6.1.4.1.9.9.370.1.6.1.1.8 |
|
The SSL session cache size. The session cache is used
to store a number of most recently used session
identifiers.
Session identifiers can be reused if a new connection
requests to use a session identifier that is found in
the cache. This object specifies the maximum size of
the cache.
|
| cspSpSessionTimeOut |
.1.3.6.1.4.1.9.9.370.1.6.1.1.9 |
|
The SSL session timeout value. The session entry
will be removed from the session cache after the
configured timeout. Once the session entry is
removed, subsequent connections cannot reuse the
session.
If this timeout value is 0, entries in the session
cache will not timeout.
|
| cspSpConfigRowStatus |
.1.3.6.1.4.1.9.9.370.1.6.1.1.10 |
|
The row status of the SSL policy configuration entry.
This entry can be modified when the status is 'active'.
|
| cspPscClearTime |
.1.3.6.1.4.1.9.9.370.1.15.1.1.1 |
|
The last time when counters in this entry were
cleared.
If the proxy device does not allow these counters to be
cleared, the timestamp should have a value of zero.
|
| cspPscConnAttempt |
.1.3.6.1.4.1.9.9.370.1.15.1.1.2 |
|
The total number of SSL connections attempted.
|
| cspPscConnComplete |
.1.3.6.1.4.1.9.9.370.1.15.1.1.3 |
|
The total number of SSL connections completed.
|
| cspPscFullHandShake |
.1.3.6.1.4.1.9.9.370.1.15.1.1.4 |
|
The total number of full handshakes completed.
|
| cspPscResumedHandShake |
.1.3.6.1.4.1.9.9.370.1.15.1.1.5 |
|
The total number of resumed handshakes completed.
|
| cspPscConnInHandShake |
.1.3.6.1.4.1.9.9.370.1.15.1.1.6 |
|
The number of connections currently in handshake
phase.
|
| cspPscConnInDataPhase |
.1.3.6.1.4.1.9.9.370.1.15.1.1.7 |
|
The number of connections currently in data phase.
|
| cspPscRenegAttempt |
.1.3.6.1.4.1.9.9.370.1.15.1.1.8 |
|
The total number of SSL renegotiations attempted.
|
| cspPscConnInReneg |
.1.3.6.1.4.1.9.9.370.1.15.1.1.9 |
|
The number of connections currently in renegotiation
phase.
|
| cspPscBlksEncrypted |
.1.3.6.1.4.1.9.9.370.1.15.1.1.10 |
|
The total number of data blocks that got encrypted.
|
| cspPscBlksDecrypted |
.1.3.6.1.4.1.9.9.370.1.15.1.1.11 |
|
The total number of data blocks that got decrypted.
|
| cspPscBytesEncrypted |
.1.3.6.1.4.1.9.9.370.1.15.1.1.12 |
|
The total number of bytes that got encrypted.
|
| cspPscBytesDecrypted |
.1.3.6.1.4.1.9.9.370.1.15.1.1.13 |
|
The total number of bytes that got decrypted.
|
| cspPscValidSessions |
.1.3.6.1.4.1.9.9.370.1.15.1.1.14 |
|
The total number of current valid sessions in the
session cache.
|
| cspPscSessLimitExceed |
.1.3.6.1.4.1.9.9.370.1.15.1.1.15 |
|
The total number of times configured SSL session
limit got exceeded. The new connections will be
rejected if the session limit is exceeded.
|
| cspPscHandShakeFailed |
.1.3.6.1.4.1.9.9.370.1.15.1.1.16 |
|
The total number of times SSL connections failed
in handshake phase.
|
| cspPscDataFailed |
.1.3.6.1.4.1.9.9.370.1.15.1.1.17 |
|
The total number of times SSL connections failed
in data phase.
|
| cspPscFatalAlertsRcvd |
.1.3.6.1.4.1.9.9.370.1.15.1.1.18 |
|
The total number of fatal alerts received.
|
| cspPscFatalAlertsSent |
.1.3.6.1.4.1.9.9.370.1.15.1.1.19 |
|
The total number of fatal alerts sent.
|
| cspPscBadMacRcvd |
.1.3.6.1.4.1.9.9.370.1.15.1.1.20 |
|
The total number of received SSL records which
have bad MAC (Message Authentication Code).
|
| cspPscPadErrors |
.1.3.6.1.4.1.9.9.370.1.15.1.1.21 |
|
The total number of received SSL records which
have pad errors.
|
| cspPscNoCipherAlerts |
.1.3.6.1.4.1.9.9.370.1.15.1.1.22 |
|
The total number of alerts sent due to unsupported
cipher suites.
|
| cspPscNoComprsnAlerts |
.1.3.6.1.4.1.9.9.370.1.15.1.1.23 |
|
The total number of alerts sent due to unsupported
compression scheme.
|
| cspPscVerMismatchAlerts |
.1.3.6.1.4.1.9.9.370.1.15.1.1.24 |
|
The total number of alerts sent due to unsupported
SSL or TLS version.
|
| cspPs3cClearTime |
.1.3.6.1.4.1.9.9.370.1.16.1.1.1 |
|
The last time when counters in this entry were cleared.
If the proxy device does not allow these counters to be
cleared, the timestamp should have the value of zero.
|
| cspPs3cFullHandShake |
.1.3.6.1.4.1.9.9.370.1.16.1.1.2 |
|
The total number of SSL 3.0 full handshakes completed.
|
| cspPs3cResumedHandShake |
.1.3.6.1.4.1.9.9.370.1.16.1.1.3 |
|
The total number of SSL 3.0 resumed handshakes
completed.
|
| cspPs3cHandShakeFailed |
.1.3.6.1.4.1.9.9.370.1.16.1.1.4 |
|
The total number of SSL 3.0 connections failed in
handshake phase.
|
| cspPs3cDataFailed |
.1.3.6.1.4.1.9.9.370.1.16.1.1.5 |
|
The total number of SSL 3.0 connections failed in
data phase.
|
| cspPs3cBadMacRcvd |
.1.3.6.1.4.1.9.9.370.1.16.1.1.6 |
|
The total number of received SSL 3.0 records
which have bad MAC (Message Authentication Code).
|
| cspPs3cPadErrors |
.1.3.6.1.4.1.9.9.370.1.16.1.1.7 |
|
The total number of received SSL 3.0 records
which have pad errors.
|
| cspPs3cRSArc4128md5 |
.1.3.6.1.4.1.9.9.370.1.16.1.1.8 |
|
The total number of SSL 3.0 connections that used the
cipher suite RSA_WITH_RC4_128_MD5.
|
| cspPs3cRSArc4128sha |
.1.3.6.1.4.1.9.9.370.1.16.1.1.9 |
|
The total number of SSL 3.0 connections that used the
cipher suite RSA_WITH_RC4_128_SHA.
|
| cspPs3cRSAdescbcsha |
.1.3.6.1.4.1.9.9.370.1.16.1.1.10 |
|
The total number of SSL 3.0 connections that used the
cipher suite RSA_WITH_DES_CBC_SHA.
|
| cspPs3cRSA3desedecbcsha |
.1.3.6.1.4.1.9.9.370.1.16.1.1.11 |
|
The total number of SSL 3.0 connections that used the
cipher suite RSA_WITH_3DES_EDE_CBC_SHA.
|
| cspPt1cClearTime |
.1.3.6.1.4.1.9.9.370.1.17.1.1.1 |
|
The last time when counters in this entry were cleared.
If the proxy device does not allow these counters to be
cleared, the timestamp should have a value of zero.
|
| cspPt1cFullHandShake |
.1.3.6.1.4.1.9.9.370.1.17.1.1.2 |
|
The total number of TLS 1.0 full handshakes completed.
|
| cspPt1cResumedHandShake |
.1.3.6.1.4.1.9.9.370.1.17.1.1.3 |
|
The total number of TLS 1.0 resumed handshakes
completed.
|
| cspPt1cHandShakeFailed |
.1.3.6.1.4.1.9.9.370.1.17.1.1.4 |
|
The total number of TLS 1.0 connections failed in
handshake phase.
|
| cspPt1cDataFailed |
.1.3.6.1.4.1.9.9.370.1.17.1.1.5 |
|
The total number of TLS 1.0 connections failed in
data phase.
|
| cspPt1cBadMacRcvd |
.1.3.6.1.4.1.9.9.370.1.17.1.1.6 |
|
The total number of received TLS 1.0 records
which have bad MAC (Message Authentication Code).
|
| cspPt1cPadErrors |
.1.3.6.1.4.1.9.9.370.1.17.1.1.7 |
|
The total number of received TLS 1.0 records
which have pad errors.
|
| cspPt1cRSArc4128md5 |
.1.3.6.1.4.1.9.9.370.1.17.1.1.8 |
|
The total number of TLS 1.0 connections that used the
cipher suite RSA_WITH_RC4_128_MD5.
|
| cspPt1cRSArc4128sha |
.1.3.6.1.4.1.9.9.370.1.17.1.1.9 |
|
The total number of TLS 1.0 connections that used the
cipher suite RSA_WITH_RC4_128_SHA.
|
| cspPt1cRSAdescbcsha |
.1.3.6.1.4.1.9.9.370.1.17.1.1.10 |
|
The total number of TLS 1.0 connections that used the
cipher suite RSA_WITH_DES_CBC_SHA.
|
| cspPt1cRSA3desedecbcsha |
.1.3.6.1.4.1.9.9.370.1.17.1.1.11 |
|
The total number of TLS 1.0 connections that used the
cipher suite RSA_WITH_3DES_EDE_CBC_SHA.
|
| cspCpuName |
.1.3.6.1.4.1.9.9.370.1.18.1.1.1 |
|
The unique name of a CPU on the proxy device.
|
| cspCpuStatus |
.1.3.6.1.4.1.9.9.370.1.18.1.1.2 |
|
The operational status of the CPU.
|
| cspCpuClearTime |
.1.3.6.1.4.1.9.9.370.1.18.1.1.3 |
|
The last time when the CPU counters were cleared.
If the proxy device does not allow these counters to be
cleared, the timestamp should have a value of zero.
|
| cspCpuProcessUtil |
.1.3.6.1.4.1.9.9.370.1.18.1.1.4 |
|
The percentage of CPU time utilized at process level.
|
| cspCpuInterruptUtil |
.1.3.6.1.4.1.9.9.370.1.18.1.1.5 |
|
The percentage of CPU time utilized at interrupt
level.
|
| cspCpuProcessUtilIn5Sec |
.1.3.6.1.4.1.9.9.370.1.18.1.1.6 |
|
The percentage of CPU time utilized at process level
within the past five seconds.
|
| cspCpuProcessUtilIn1Min |
.1.3.6.1.4.1.9.9.370.1.18.1.1.7 |
|
The percentage of CPU time utilized at process level
within the past minute.
|
| cspCpuProcessUtilIn5Min |
.1.3.6.1.4.1.9.9.370.1.18.1.1.8 |
|
The percentage of CPU time utilized at process level
within the past five minutes.
|
| cspCpuInterruptUtilIn5Sec |
.1.3.6.1.4.1.9.9.370.1.18.1.1.9 |
|
The percentage of CPU time utilized at interrupt level
within the past five seconds.
|
| cspCpuInterruptUtilIn1Min |
.1.3.6.1.4.1.9.9.370.1.18.1.1.10 |
|
The percentage of CPU time utilized at interrupt level
within the past minute.
|
| cspCpuInterruptUtilIn5Min |
.1.3.6.1.4.1.9.9.370.1.18.1.1.11 |
|
The percentage of CPU time utilized at interrupt level
within the past five minutes.
|
