
-- *****************************************************************
-- CISCO-SDWAN-SECURITY-MIB.my:
-- OID assignments for Cisco SDWAN security


-- Feburary 2021, Anjali Shirva

-- Copyright (c) 2020-2021 by Cisco Systems, Inc.
-- All rights reserved.
-- *****************************************************************

CISCO-SDWAN-SECURITY-MIB DEFINITIONS ::= BEGIN
IMPORTS
    MODULE-IDENTITY, 
    OBJECT-TYPE, 
    NOTIFICATION-TYPE,
    Integer32,
    Unsigned32 
        FROM SNMPv2-SMI
    MODULE-COMPLIANCE,
    OBJECT-GROUP,
    NOTIFICATION-GROUP
        FROM SNMPv2-CONF
    TEXTUAL-CONVENTION 
        FROM SNMPv2-TC
    ciscoMgmt
        FROM CISCO-SMI;

ciscoSdwanSecurityMIB MODULE-IDENTITY
    LAST-UPDATED "202102260000Z"
    ORGANIZATION    "Cisco Systems, Inc. "
    CONTACT-INFO
            "       Cisco Systems
                    Customer Service

            Postal: 170 W Tasman Drive
                    San Jose, CA  95134
                    USA

               Tel: +1 800 553-NETS

            E-mail: cs-snmp@cisco.com"
    DESCRIPTION "This module defines data model 
                 for Cisco SDWAN security management"
    REVISION "202102260000Z"
    DESCRIPTION "Cisco SDWAN Revision 0.0"
    ::= { ciscoMgmt 1006 }

UnsignedByte ::= TEXTUAL-CONVENTION
    DISPLAY-HINT "d"
    STATUS      current
    DESCRIPTION "xs:unsignedByte"
    SYNTAX      Unsigned32 (0 .. 255)

InetAddressIP ::= TEXTUAL-CONVENTION
    DISPLAY-HINT "1t"
    STATUS      current
    DESCRIPTION "inetAddressIP"
    SYNTAX      OCTET STRING (SIZE (4|16))

String ::= TEXTUAL-CONVENTION
    DISPLAY-HINT "1t"
    STATUS      current
    DESCRIPTION "xs:string"
    SYNTAX      OCTET STRING

-- Notification type definitions
NotificationSeverity ::= TEXTUAL-CONVENTION
    STATUS      current
    DESCRIPTION "Netconf notification severity level"
    SYNTAX      INTEGER {critical(1),
                         major(2),
                         minor(3)}

PersonalityEnumOper ::= TEXTUAL-CONVENTION
    STATUS      current
    DESCRIPTION "Device type"
    SYNTAX      INTEGER {unknown(0),
                         vedge(1),
			 vhub(2),
			 vsmart(3),
                         vbond(4),
			 vmanage(5),
			 ztp(6),
			 vcontainer(7)}

ColorEnum ::= TEXTUAL-CONVENTION
    STATUS      current
    DESCRIPTION "3g  biz-internet  blue  bronze  custom1  custom2
                 custom3  default  gold  green  lte  metro-ethernet
		 mpls public-internet  red  silver private1 private2
		 private3 private4 private5 private6"
    SYNTAX      INTEGER {default(1),
                         mpls(2),
			 metro-ethernet(3),
                         biz-internet(4),
			 public-internet(5),
			 lte(6),
			 threeG(7),
			 red(8),
			 green(9),
			 blue(10),
			 gold(11),
			 silver(12),
			 bronze(13),
			 custom1(14),
			 custom2(15),
			 custom3(16),
			 private1(17),
			 private2(18),
			 private3(19),
			 private4(20),
			 private5(21),
			 private6(22)}

OperState ::= TEXTUAL-CONVENTION
    STATUS      current
    DESCRIPTION "Operational state"
    SYNTAX      INTEGER {up(0),
                         down(1)}

CertificateTypeEnum ::= TEXTUAL-CONVENTION
     STATUS      current
     DESCRIPTION "Certificate Type"
     SYNTAX      INTEGER {web-server(1),
                          enterprise(2),
			  vmanage(3)}    

-- MIB Objects, Notification Objects, Notification and Conform
ciscoSdwanSecurityMIBNotifs OBJECT IDENTIFIER
    ::= { ciscoSdwanSecurityMIB 0 }

ciscoSdwanSecurityMIBObjects OBJECT IDENTIFIER
   ::= { ciscoSdwanSecurityMIB 1 }

ciscoSdwanSecurityMIBNotifObjects OBJECT IDENTIFIER
    ::= { ciscoSdwanSecurityMIB 2 }

ciscoSdwanSecurityMIBConform  OBJECT IDENTIFIER
    ::= { ciscoSdwanSecurityMIB 3 }

-- Display control information
-- tagpath /control
control OBJECT IDENTIFIER ::= { ciscoSdwanSecurityMIBObjects 2 }

-- Display local control properties
-- tagpath /control/local-properties
controlLocalProperties OBJECT IDENTIFIER ::= { control 5 }

-- tagpath /control/local-properties/device-type
controlLocalPropertiesDeviceType OBJECT-TYPE
    SYNTAX      INTEGER {unknown(0),
                         vedge(1),
			 vhub(2),
			 vsmart(3),
                         vbond(4),
			 vmanage(5),
			 ztp(6),
			 vcontainer(7)}
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION "Personality"
    ::= { controlLocalProperties 1 }

-- tagpath /control/local-properties/organization-name
controlLocalPropertiesOrganizationName OBJECT-TYPE
    SYNTAX      String (SIZE (1 .. 128))
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION "Organization name"
    ::= { controlLocalProperties 2 }

-- tagpath /control/local-properties/certificate-status
controlLocalPropertiesCertificateStatus OBJECT-TYPE
    SYNTAX      String
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION "Certificate status"
    ::= { controlLocalProperties 3 }

-- tagpath /control/local-properties/root-ca-chain-status
controlLocalPropertiesRootCaChainStatus OBJECT-TYPE
    SYNTAX      String
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION "Root CA chain status"
    ::= { controlLocalProperties 4 }

-- tagpath /control/local-properties/certificate-validity
controlLocalPropertiesCertificateValidity OBJECT-TYPE
    SYNTAX      String
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION "Certificate validity"
    ::= { controlLocalProperties 5 }

-- tagpath /control/local-properties/certificate-not-valid-before
controlLocalPropertiesCertificateNotValidBefore OBJECT-TYPE
    SYNTAX      String
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION "Certificate not valid before"
    ::= { controlLocalProperties 6 }

-- tagpath /control/local-properties/certificate-not-valid-after
controlLocalPropertiesCertificateNotValidAfter OBJECT-TYPE
    SYNTAX      String
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION "Certificate not valid after"
    ::= { controlLocalProperties 7 }

-- tagpath /control/local-properties/dns-name
controlLocalPropertiesDnsName OBJECT-TYPE
    SYNTAX      String
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION "DNS name"
    ::= { controlLocalProperties 8 }

-- tagpath /control/local-properties/site-id
controlLocalPropertiesSiteId OBJECT-TYPE
    SYNTAX      Unsigned32
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION "Site ID"
    ::= { controlLocalProperties 9 }

-- tagpath /control/local-properties/domain-id
controlLocalPropertiesDomainId OBJECT-TYPE
    SYNTAX      Unsigned32
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION "Domain ID"
    ::= { controlLocalProperties 10 }

-- tagpath /control/local-properties/tls-port
controlLocalPropertiesTlsPort OBJECT-TYPE
    SYNTAX      Unsigned32
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION "TLS port"
    ::= { controlLocalProperties 12 }

-- tagpath /control/local-properties/system-ip
controlLocalPropertiesSystemIp OBJECT-TYPE
    SYNTAX      InetAddressIP
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION "System IP address"
    ::= { controlLocalProperties 13 }

-- tagpath /control/local-properties/uuid
controlLocalPropertiesUuid OBJECT-TYPE
    SYNTAX      String
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION "Unique device identifier"
    ::= { controlLocalProperties 14 }

-- tagpath /control/local-properties/board-serial
controlLocalPropertiesBoardSerial OBJECT-TYPE
    SYNTAX      String (SIZE (1 .. 40))
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION "Board ID serial number"
    ::= { controlLocalProperties 15 }

-- tagpath /control/local-properties/register-interval
controlLocalPropertiesRegisterInterval OBJECT-TYPE
    SYNTAX      String
    MAX-ACCESS  read-only
--    STATUS      deprecated
    STATUS      current
    DESCRIPTION "Register interval - Deprecated in 15.4"
    ::= { controlLocalProperties 16 }

-- tagpath /control/local-properties/retry-interval
controlLocalPropertiesRetryInterval OBJECT-TYPE
    SYNTAX      String
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION "Retry interval"
    ::= { controlLocalProperties 17 }

-- tagpath /control/local-properties/no-activity
controlLocalPropertiesNoActivity OBJECT-TYPE
    SYNTAX      String
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION "No activity expiry interval"
    ::= { controlLocalProperties 18 }

-- tagpath /control/local-properties/dns-cache-flush-interval
controlLocalPropertiesDnsCacheFlushInterval OBJECT-TYPE
    SYNTAX      String
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION "DNS cache time to live"
    ::= { controlLocalProperties 19 }

-- tagpath /control/local-properties/port-hopped
controlLocalPropertiesPortHopped OBJECT-TYPE
    SYNTAX      String
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION "Device changed port"
    ::= { controlLocalProperties 20 }

-- tagpath /control/local-properties/time-since-port-hop
controlLocalPropertiesTimeSincePortHop OBJECT-TYPE
    SYNTAX      String
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION "Time since last port hop"
    ::= { controlLocalProperties 21 }

-- tagpath /control/local-properties/max-controllers
controlLocalPropertiesMaxControllers OBJECT-TYPE
    SYNTAX      UnsignedByte
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION "Maximum number of controllers"
    ::= { controlLocalProperties 22 }

-- tagpath /control/local-properties/keygen-interval
controlLocalPropertiesKeygenInterval OBJECT-TYPE
    SYNTAX      String
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION "Key generation interval"
    ::= { controlLocalProperties 23 }

-- tagpath /control/local-properties/number-vbond-peers
controlLocalPropertiesNumberVbondPeers OBJECT-TYPE
    SYNTAX      Unsigned32
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION "Number of vBond peers"
    ::= { controlLocalProperties 25 }

-- tagpath /control/local-properties/number-active-wan-interfaces
controlLocalPropertiesNumberActiveWanInterfaces OBJECT-TYPE
    SYNTAX      Unsigned32
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION "Number of WAN interfaces"
    ::= { controlLocalProperties 27 }

-- tagpath /control/local-properties/enterprise-certificate-status
controlLocalPropertiesEnterpriseCertificateStatus OBJECT-TYPE
    SYNTAX      String
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION "Enterprise certificate status"
    ::= { controlLocalProperties 36 }

-- tagpath /control/local-properties/enterprise-certificate-validity
controlLocalPropertiesEnterpriseCertificateValidity OBJECT-TYPE
    SYNTAX      String
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION "Enterprise certificate validity"
    ::= { controlLocalProperties 37 }

-- tagpath /control/local-properties
--                 /enterprise-certificate-not-valid-before
controlLocalPropertiesEnterpriseCertificateNotValidBefore OBJECT-TYPE
    SYNTAX      String
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION "Enterprise certificate not valid before"
    ::= { controlLocalProperties 38 }

-- tagpath /control/local-properties
--                 /enterprise-certificate-not-valid-after
controlLocalPropertiesEnterpriseCertificateNotValidAfter OBJECT-TYPE
    SYNTAX      String
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION "Enterprise certificate not valid after"
    ::= { controlLocalProperties 39 }

-- Display control summary
-- tagpath /control/summary
controlSummary OBJECT IDENTIFIER ::= { control 6 }

-- tagpath /control/summary/instance
controlSummaryInstance OBJECT-TYPE
    SYNTAX      Unsigned32
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION "vdaemon instance ID"
    ::= { controlSummary 1 }

-- tagpath /control/summary/vbond-counts
controlSummaryVbondCounts OBJECT-TYPE
    SYNTAX      Unsigned32
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION "Number of Vbond"
    ::= { controlSummary 2 }


-- tagpath /control/summary/vmanage-counts
controlSummaryVmanageCounts OBJECT-TYPE
    SYNTAX      Unsigned32
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION "Number of Vmanages"
    ::= { controlSummary 3 }

-- tagpath /control/summary/vsmart-counts
controlSummaryVsmartCounts OBJECT-TYPE
    SYNTAX      Unsigned32
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION "Number of Vsmarts"
    ::= { controlSummary 4 }

-- Display control affinity
-- tagpath /control/affinity
controlAffinity OBJECT IDENTIFIER ::= { control 7 }

-- tagpath /control/affinity/affc-index
controlAffinityConfigAffcIndex OBJECT-TYPE
    SYNTAX      Unsigned32
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION "WAN index"
    ::= { controlAffinity 1 }

-- tagpath /control/affinity/affc-interface
controlAffinityConfigAffcInterface OBJECT-TYPE
    SYNTAX      String
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION "Interface name"
    ::= { controlAffinity 2 }

-- tagpath /control/affinity/affc-ervc
controlAffinityConfigAffcErvc OBJECT-TYPE
    SYNTAX      Unsigned32
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION "Effective required vSmart count"
    ::= { controlAffinity 3 }

-- tagpath /control/affinity/affc-ecl
controlAffinityConfigAffcEcl OBJECT-TYPE
    SYNTAX      String
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION "Effective controller group id list"
    ::= { controlAffinity 4 }

-- tagpath /control/affinity/affc-ccl
controlAffinityConfigAffcCcl OBJECT-TYPE
    SYNTAX      String
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION "Current controller group ID list"
    ::= { controlAffinity 5 }

-- tagpath /control/affinity/affc-equil
controlAffinityConfigAffcEquil OBJECT-TYPE
    SYNTAX      String
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION "Equilibrium"
    ::= { controlAffinity 6 }

-- tagpath /control/affinity/affc-last-resort
controlAffinityConfigAffcLastResort OBJECT-TYPE
    SYNTAX      String
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION "Last-resort Interface"
    ::= { controlAffinity 7 }

-- ********************************************************************
-- *  Notification Objects
-- ********************************************************************

netconfNotificationSeverity OBJECT-TYPE
    SYNTAX      NotificationSeverity
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION "Netconf notification severity level"
    ::= { ciscoSdwanSecurityMIBNotifObjects 2 }

ciscoSdwanSecurityPersonality OBJECT-TYPE
     SYNTAX      PersonalityEnumOper
     MAX-ACCESS  read-only
     STATUS      current
     DESCRIPTION "Device type"
     ::= { ciscoSdwanSecurityMIBNotifObjects 3 }

ciscoSdwanSecurityPeerType OBJECT-TYPE
    SYNTAX      PersonalityEnumOper
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION "Peer device type"
    ::= { ciscoSdwanSecurityMIBNotifObjects 4 }

ciscoSdwanSecurityPeerSystemIp OBJECT-TYPE
    SYNTAX      InetAddressIP
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION "Peer system ip"
    ::= { ciscoSdwanSecurityMIBNotifObjects 5 }

ciscoSdwanSecurityPeerVmanageSystemIp OBJECT-TYPE
    SYNTAX      InetAddressIP
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION "Peer vmanage system ip"
    ::= { ciscoSdwanSecurityMIBNotifObjects 6 }

ciscoSdwanSecurityPublicIp OBJECT-TYPE
    SYNTAX      InetAddressIP
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION "Public ip"
    ::= { ciscoSdwanSecurityMIBNotifObjects 7 }

ciscoSdwanSecurityPublicPort OBJECT-TYPE
    SYNTAX      Unsigned32
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION "Public port"
    ::= { ciscoSdwanSecurityMIBNotifObjects 8 }

ciscoSdwanSecuritySrcColor OBJECT-TYPE
    SYNTAX      ColorEnum
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION "Source color"
    ::= { ciscoSdwanSecurityMIBNotifObjects 9 }

ciscoSdwanSecurityRemoteColor OBJECT-TYPE
    SYNTAX      ColorEnum
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION "Remote color"
    ::= { ciscoSdwanSecurityMIBNotifObjects 10 }

ciscoSdwanSecurityUptime OBJECT-TYPE
    SYNTAX      OCTET STRING
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION "Up time"
    ::= { ciscoSdwanSecurityMIBNotifObjects 11 }

ciscoSdwanSecurityNewState OBJECT-TYPE
    SYNTAX      OperState
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION "New state"
    ::= { ciscoSdwanSecurityMIBNotifObjects 12 }

ciscoSdwanSecurityLocalSystemIp OBJECT-TYPE
    SYNTAX      InetAddressIP
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION "Local system ip"
    ::= { ciscoSdwanSecurityMIBNotifObjects 13 }

ciscoSdwanSecurityLocalColor OBJECT-TYPE
    SYNTAX      ColorEnum
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION "Local color"
    ::= { ciscoSdwanSecurityMIBNotifObjects 14 }

ciscoSdwanSecurityReason OBJECT-TYPE
    SYNTAX      OCTET STRING
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION "Reason"
    ::= { ciscoSdwanSecurityMIBNotifObjects 15 }

ciscoSdwanSecurityOldPublicIp OBJECT-TYPE
    SYNTAX      InetAddressIP
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION "Old public ip"
    ::= { ciscoSdwanSecurityMIBNotifObjects 16 }

ciscoSdwanSecurityOldPublicPort OBJECT-TYPE
    SYNTAX      Unsigned32
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION "Old public port"
    ::= { ciscoSdwanSecurityMIBNotifObjects 17 }

ciscoSdwanSecurityNewPublicIp OBJECT-TYPE
    SYNTAX      InetAddressIP
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION "New public ip"
    ::= { ciscoSdwanSecurityMIBNotifObjects 18 }

ciscoSdwanSecurityNewPublicPort OBJECT-TYPE
    SYNTAX      Unsigned32
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION "New public port"
    ::= { ciscoSdwanSecurityMIBNotifObjects 19 }

ciscoSdwanSecurityColor OBJECT-TYPE
    SYNTAX      ColorEnum
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION "Color"
    ::= { ciscoSdwanSecurityMIBNotifObjects 20 }

ciscoSdwanSecurityUuid OBJECT-TYPE
    SYNTAX      OCTET STRING
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION "Uuid"
    ::= { ciscoSdwanSecurityMIBNotifObjects 21 }

ciscoSdwanSecuritySerial OBJECT-TYPE
    SYNTAX      OCTET STRING
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION "Serial"
    ::= { ciscoSdwanSecurityMIBNotifObjects 22 }

ciscoSdwanSecurityVmanageConnectionPreference OBJECT-TYPE
    SYNTAX      UnsignedByte
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION "Vmanage connection preference"
    ::= { ciscoSdwanSecurityMIBNotifObjects 23 }

ciscoSdwanSecurityOrganizationName OBJECT-TYPE
    SYNTAX      OCTET STRING
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION "Organization name"
    ::= { ciscoSdwanSecurityMIBNotifObjects 24 }

ciscoSdwanSecuritySpOrganizationName OBJECT-TYPE
    SYNTAX      OCTET STRING
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION "Sp organization name"
    ::= { ciscoSdwanSecurityMIBNotifObjects 25 }

ciscoSdwanSecurityCertificateType OBJECT-TYPE
     SYNTAX      CertificateTypeEnum
     MAX-ACCESS  read-only
     STATUS      current
     DESCRIPTION "Certificate type"
    ::= { ciscoSdwanSecurityMIBNotifObjects 26 }

ciscoSdwanSecurityCertificateSerialNumber OBJECT-TYPE
     SYNTAX      OCTET STRING
     MAX-ACCESS  read-only
     STATUS      current
     DESCRIPTION "Certificate serial number"
     ::= { ciscoSdwanSecurityMIBNotifObjects 27 }

ciscoSdwanSecurityIssuer OBJECT-TYPE
     SYNTAX      OCTET STRING
     MAX-ACCESS  read-only
     STATUS      current
     DESCRIPTION "Certificate issuer"
     ::= { ciscoSdwanSecurityMIBNotifObjects 28 }

 ciscoSdwanSecurityDaysToExpiry OBJECT-TYPE
     SYNTAX      Integer32
     MAX-ACCESS  read-only
     STATUS      current
     DESCRIPTION "Certificate days to expiry"
     ::= { ciscoSdwanSecurityMIBNotifObjects 29 }

-- ********************************************************************
-- *  Notifications
-- ********************************************************************

ciscoSdwanSecurityControlConnectionStateChange NOTIFICATION-TYPE
        OBJECTS {
 		netconfNotificationSeverity,
 		ciscoSdwanSecurityPersonality,
 		ciscoSdwanSecurityPeerType,
 		ciscoSdwanSecurityPeerSystemIp,
 		ciscoSdwanSecurityPeerVmanageSystemIp,
 		ciscoSdwanSecurityPublicIp,
 		ciscoSdwanSecurityPublicPort,
 		ciscoSdwanSecuritySrcColor,
 		ciscoSdwanSecurityRemoteColor,
 		ciscoSdwanSecurityUptime,
 		ciscoSdwanSecurityNewState
 	}
 	STATUS current
 	DESCRIPTION "Cisco SDWAN trap from security"
 	::= { ciscoSdwanSecurityMIBNotifs 1 }
 
ciscoSdwanSecurityControlConnectionAuthFail NOTIFICATION-TYPE
 	OBJECTS {
		netconfNotificationSeverity,
 		ciscoSdwanSecurityPersonality,
 		ciscoSdwanSecurityPeerType,
 		ciscoSdwanSecurityPeerSystemIp,
 		ciscoSdwanSecurityLocalSystemIp,
 		ciscoSdwanSecurityLocalColor,
 		ciscoSdwanSecurityReason
 	}
 	STATUS current
 	DESCRIPTION "Cisco SDWAN trap from security"
 	::= { ciscoSdwanSecurityMIBNotifs 2 }
 
ciscoSdwanSecurityControlConnectionTlocIpChange NOTIFICATION-TYPE
 	OBJECTS {
 		netconfNotificationSeverity,
 		ciscoSdwanSecurityPersonality,
 		ciscoSdwanSecurityOldPublicIp,
 		ciscoSdwanSecurityOldPublicPort,
 		ciscoSdwanSecurityNewPublicIp,
 		ciscoSdwanSecurityNewPublicPort
 	}
 	STATUS current
 	DESCRIPTION "Cisco SDWAN trap from security"
 	::= { ciscoSdwanSecurityMIBNotifs 3 }

ciscoSdwanSecurityControlVbondStateChange NOTIFICATION-TYPE
 	OBJECTS {
 		netconfNotificationSeverity,
 		ciscoSdwanSecurityPersonality,
 		ciscoSdwanSecurityNewState
 	}
 	STATUS current
 	DESCRIPTION "ciscoSdwan trap from security"
 	::= { ciscoSdwanSecurityMIBNotifs 4 }

ciscoSdwanSecurityControlNoActiveVsmart NOTIFICATION-TYPE
 	OBJECTS {
 		netconfNotificationSeverity,
 		ciscoSdwanSecurityPersonality
 	}
 	STATUS current
 	DESCRIPTION "Cisco SDWAN trap from security"
 	::= { ciscoSdwanSecurityMIBNotifs 5 }
 
ciscoSdwanSecurityControlNoActiveVbond NOTIFICATION-TYPE
 	OBJECTS {
 		netconfNotificationSeverity,
 		ciscoSdwanSecurityPersonality
	}
	STATUS current
 	DESCRIPTION "Cisco SDWAN trap from security"
 	::= { ciscoSdwanSecurityMIBNotifs 6 }

ciscoSdwanSecurityTunnelIpsecRekey NOTIFICATION-TYPE
 	OBJECTS {
 		netconfNotificationSeverity,
 		ciscoSdwanSecurityPersonality,
 		ciscoSdwanSecurityColor
 	}
 	STATUS current
 	DESCRIPTION "Cisco SDWAN trap from security"
 	::= { ciscoSdwanSecurityMIBNotifs 7 }

ciscoSdwanSecurityTunnelIpsecManualRekey NOTIFICATION-TYPE
 	OBJECTS {
 		netconfNotificationSeverity,
 		ciscoSdwanSecurityPersonality,
 		ciscoSdwanSecurityColor
 	}
 	STATUS current
 	DESCRIPTION "Cisco SDWAN trap from security"
 	::= { ciscoSdwanSecurityMIBNotifs 8 }

ciscoSdwanSecuritySecurityRootCertChainInstalled NOTIFICATION-TYPE
 	OBJECTS {
 		netconfNotificationSeverity
 	}
 	STATUS current
 	DESCRIPTION "Cisco SDWAN trap from security"
 	::= { ciscoSdwanSecurityMIBNotifs 9 }

ciscoSdwanSecuritySecurityCertificateExpiring NOTIFICATION-TYPE
        OBJECTS {
             netconfNotificationSeverity,
	     ciscoSdwanSecurityCertificateType,
             ciscoSdwanSecurityCertificateSerialNumber,
             ciscoSdwanSecurityIssuer,
             ciscoSdwanSecurityDaysToExpiry
         }
         STATUS current
         DESCRIPTION "Cisco SDWAN trap from security"
         ::= { ciscoSdwanSecurityMIBNotifs 10 }

ciscoSdwanSecuritySecurityCertificateExpired NOTIFICATION-TYPE
	OBJECTS {
 		netconfNotificationSeverity
 	}
 	STATUS current
 	DESCRIPTION "Cisco SDWAN trap from security"
 	::= { ciscoSdwanSecurityMIBNotifs 11 }

ciscoSdwanSecuritySecurityCertificateInstalled NOTIFICATION-TYPE
 	OBJECTS {
 		netconfNotificationSeverity
 	}
 	STATUS current
 	DESCRIPTION "Cisco SDWAN trap from security"
 	::= { ciscoSdwanSecurityMIBNotifs 12 }

ciscoSdwanSecuritySecurityNewCsrGenerated NOTIFICATION-TYPE
 	OBJECTS {
 		netconfNotificationSeverity
 	}
 	STATUS current
 	DESCRIPTION "Cisco SDWAN trap from security"
 	::= { ciscoSdwanSecurityMIBNotifs 13 }

ciscoSdwanSecuritySecurityRootCertChainUninstalled NOTIFICATION-TYPE
 	OBJECTS {
 		netconfNotificationSeverity
	}
 	STATUS current
	DESCRIPTION "Cisco SDWAN trap from security"
 	::= { ciscoSdwanSecurityMIBNotifs 14 }

ciscoSdwanSecuritySecurityClearInstalledCertificate NOTIFICATION-TYPE
 	OBJECTS {
 		netconfNotificationSeverity
 	}
 	STATUS current
 	DESCRIPTION "Cisco SDWAN trap from security"
 	::= { ciscoSdwanSecurityMIBNotifs 15 }

ciscoSdwanSecuritySecurityVedgeSerialFileUploaded NOTIFICATION-TYPE
 	OBJECTS {
 		netconfNotificationSeverity
 	}
 	STATUS current
 	DESCRIPTION "Cisco SDWAN trap from security"
 	::= { ciscoSdwanSecurityMIBNotifs 16 }

ciscoSdwanSecuritySecurityVsmartSerialFileUploaded NOTIFICATION-TYPE
 	OBJECTS {
 		netconfNotificationSeverity
 	}
 	STATUS current
 	DESCRIPTION "Cisco SDWAN trap from security"
 	::= { ciscoSdwanSecurityMIBNotifs 17 }

ciscoSdwanSecuritySecurityVedgeEntryAdded NOTIFICATION-TYPE
 	OBJECTS {
 		netconfNotificationSeverity,
 		ciscoSdwanSecurityUuid,
 		ciscoSdwanSecuritySerial
 	}
 	STATUS current
 	DESCRIPTION "Cisco SDWAN trap from security"
 	::= { ciscoSdwanSecurityMIBNotifs 18 }

ciscoSdwanSecuritySecurityVedgeEntryRemoved NOTIFICATION-TYPE
 	OBJECTS {
 		netconfNotificationSeverity,
 		ciscoSdwanSecurityUuid
 	}
 	STATUS current
 	DESCRIPTION "Cisco SDWAN trap from security"
	::= { ciscoSdwanSecurityMIBNotifs 19 }

ciscoSdwanSecuritySecurityVsmartEntryAdded NOTIFICATION-TYPE
 	OBJECTS {
 		netconfNotificationSeverity,
 		ciscoSdwanSecuritySerial
 	}
 	STATUS current
 	DESCRIPTION "Cisco SDWAN trap from security"
 	::= { ciscoSdwanSecurityMIBNotifs 20 }

ciscoSdwanSecuritySecurityVsmartEntryRemoved NOTIFICATION-TYPE
 	OBJECTS {
 		netconfNotificationSeverity,
 		ciscoSdwanSecuritySerial
 	}
 	STATUS current
 	DESCRIPTION "Cisco SDWAN trap from security"
 	::= { ciscoSdwanSecurityMIBNotifs 21 }

ciscoSdwanSecurityVmanageConnectionPreferenceChanged NOTIFICATION-TYPE
        OBJECTS {
                netconfNotificationSeverity,
                ciscoSdwanSecurityColor,
                ciscoSdwanSecurityVmanageConnectionPreference
         }
         STATUS current
         DESCRIPTION "Cisco SDWAN trap from security"
         ::= { ciscoSdwanSecurityMIBNotifs 23 }

ciscoSdwanSecurityVbondRejectVedgeConnection NOTIFICATION-TYPE
        OBJECTS {
             netconfNotificationSeverity,
             ciscoSdwanSecurityUuid,
             ciscoSdwanSecurityOrganizationName,
             ciscoSdwanSecuritySpOrganizationName,
             ciscoSdwanSecurityReason
         }
         STATUS current
         DESCRIPTION "Cisco SDWAN trap from security"
         ::= { ciscoSdwanSecurityMIBNotifs 24 }

ciscoSdwanSecurityDeviceTemplateMissing NOTIFICATION-TYPE
        OBJECTS {
             netconfNotificationSeverity,
             ciscoSdwanSecurityUuid,
             ciscoSdwanSecurityPeerType
         }
         STATUS current
         DESCRIPTION "Cisco SDWAN trap from security"
         ::= { ciscoSdwanSecurityMIBNotifs 25 }

ciscoSdwanSecurityDeviceTemplateAttachedDuringZtp NOTIFICATION-TYPE
        OBJECTS {
             netconfNotificationSeverity,
             ciscoSdwanSecurityUuid,
             ciscoSdwanSecurityPeerType
         }
         STATUS current
         DESCRIPTION "Cisco SDWAN trap from security"
         ::= { ciscoSdwanSecurityMIBNotifs 26 }

-- *******************************************************************
-- *    Compliance statements
-- *******************************************************************

ciscoSdwanSecurityMIBCompliances  OBJECT IDENTIFIER
    ::= { ciscoSdwanSecurityMIBConform 1 }

ciscoSdwanSecurityMIBGroups  OBJECT IDENTIFIER
    ::= { ciscoSdwanSecurityMIBConform 2 }

ciscoSdwanSecurityMIBCompliance MODULE-COMPLIANCE
    STATUS         current
    DESCRIPTION
        "The compliance statement for the SNMP entities
         that implement the ciscoSdwanAppRouteMIB module."
    MODULE          -- this module
    MANDATORY-GROUPS {
                        cSdwanSecurityControlLocalPropertiesGroup,
            cSdwanSecurityNotifObjsGroup,
            cSdwanSecurityNotifsGroup,
            cSdwanSecurityControlSummaryGroup,
            cSdwanSecurityControlAffinityGroup
                    }
    ::= { ciscoSdwanSecurityMIBCompliances 1 }

-- *******************************************************************
-- *    Units of conformance
-- *******************************************************************

cSdwanSecurityControlLocalPropertiesGroup OBJECT-GROUP
    OBJECTS {
             controlLocalPropertiesDeviceType,
	     controlLocalPropertiesOrganizationName,
	     controlLocalPropertiesCertificateStatus,
	     controlLocalPropertiesRootCaChainStatus,
	     controlLocalPropertiesCertificateValidity,
	     controlLocalPropertiesCertificateNotValidBefore,
	     controlLocalPropertiesCertificateNotValidAfter,
	     controlLocalPropertiesDnsName,
	     controlLocalPropertiesSiteId,
	     controlLocalPropertiesDomainId,
	     controlLocalPropertiesTlsPort,
	     controlLocalPropertiesSystemIp,
	     controlLocalPropertiesUuid,
	     controlLocalPropertiesBoardSerial,
             controlLocalPropertiesRegisterInterval,
	     controlLocalPropertiesRetryInterval,
	     controlLocalPropertiesNoActivity,
	     controlLocalPropertiesDnsCacheFlushInterval,
	     controlLocalPropertiesPortHopped,
	     controlLocalPropertiesTimeSincePortHop,
	     controlLocalPropertiesMaxControllers,
	     controlLocalPropertiesKeygenInterval,
	     controlLocalPropertiesNumberVbondPeers,
	     controlLocalPropertiesNumberActiveWanInterfaces,
	     controlLocalPropertiesEnterpriseCertificateStatus,
	     controlLocalPropertiesEnterpriseCertificateValidity,
	     controlLocalPropertiesEnterpriseCertificateNotValidBefore,
	     controlLocalPropertiesEnterpriseCertificateNotValidAfter
            }
    STATUS          current
    DESCRIPTION
        "This is a collection of objects of 
	                         security control local properties."
    ::= { ciscoSdwanSecurityMIBGroups 1 }

cSdwanSecurityNotifObjsGroup OBJECT-GROUP
    OBJECTS {
                netconfNotificationSeverity,
		ciscoSdwanSecurityPersonality,
		ciscoSdwanSecurityPeerType,
		ciscoSdwanSecurityPeerSystemIp,
		ciscoSdwanSecurityPeerVmanageSystemIp,
		ciscoSdwanSecurityPublicIp,
		ciscoSdwanSecurityPublicPort,
		ciscoSdwanSecuritySrcColor,
		ciscoSdwanSecurityRemoteColor,
		ciscoSdwanSecurityUptime,
		ciscoSdwanSecurityNewState,
		ciscoSdwanSecurityLocalSystemIp,
		ciscoSdwanSecurityLocalColor,
		ciscoSdwanSecurityReason,
		ciscoSdwanSecurityOldPublicIp,
		ciscoSdwanSecurityOldPublicPort,
		ciscoSdwanSecurityNewPublicIp,
		ciscoSdwanSecurityNewPublicPort,
		ciscoSdwanSecurityColor,
		ciscoSdwanSecurityUuid,
		ciscoSdwanSecuritySerial,
		ciscoSdwanSecurityVmanageConnectionPreference,
		ciscoSdwanSecurityOrganizationName,
		ciscoSdwanSecuritySpOrganizationName,
		ciscoSdwanSecurityCertificateType,
		ciscoSdwanSecurityCertificateSerialNumber,
		ciscoSdwanSecurityIssuer,
		ciscoSdwanSecurityDaysToExpiry
	    }
    STATUS          current
    DESCRIPTION
        "This is a collection of objects of 
	                         security notification objects."
    ::= { ciscoSdwanSecurityMIBGroups 2 }

cSdwanSecurityNotifsGroup NOTIFICATION-GROUP
   NOTIFICATIONS {
                  ciscoSdwanSecurityControlConnectionStateChange,
		  ciscoSdwanSecurityControlConnectionAuthFail,
		  ciscoSdwanSecurityControlConnectionTlocIpChange,
		  ciscoSdwanSecurityControlVbondStateChange,
		  ciscoSdwanSecurityControlNoActiveVsmart,
		  ciscoSdwanSecurityControlNoActiveVbond,
		  ciscoSdwanSecurityTunnelIpsecRekey,
		  ciscoSdwanSecurityTunnelIpsecManualRekey,
		  ciscoSdwanSecuritySecurityRootCertChainInstalled,
		  ciscoSdwanSecuritySecurityCertificateExpiring,
		  ciscoSdwanSecuritySecurityCertificateExpired,
		  ciscoSdwanSecuritySecurityCertificateInstalled,
		  ciscoSdwanSecuritySecurityNewCsrGenerated,
		  ciscoSdwanSecuritySecurityRootCertChainUninstalled,
		  ciscoSdwanSecuritySecurityClearInstalledCertificate,
		  ciscoSdwanSecuritySecurityVedgeSerialFileUploaded,
		  ciscoSdwanSecuritySecurityVsmartSerialFileUploaded,
		  ciscoSdwanSecuritySecurityVedgeEntryAdded,
		  ciscoSdwanSecuritySecurityVedgeEntryRemoved,
		  ciscoSdwanSecuritySecurityVsmartEntryAdded,
		  ciscoSdwanSecuritySecurityVsmartEntryRemoved,
		  ciscoSdwanSecurityVmanageConnectionPreferenceChanged,
		  ciscoSdwanSecurityVbondRejectVedgeConnection,
		  ciscoSdwanSecurityDeviceTemplateMissing,
		  ciscoSdwanSecurityDeviceTemplateAttachedDuringZtp
                 }
    STATUS          current
    DESCRIPTION
        "This is a collection of security notifications."  
    ::= { ciscoSdwanSecurityMIBGroups 3 }

cSdwanSecurityControlSummaryGroup OBJECT-GROUP
    OBJECTS {
             controlSummaryInstance,
         controlSummaryVbondCounts,
         controlSummaryVmanageCounts,
         controlSummaryVsmartCounts
                 }
    STATUS          current
    DESCRIPTION
        "This is a collection of objects of
                             security control summary."
    ::= { ciscoSdwanSecurityMIBGroups 4 }

cSdwanSecurityControlAffinityGroup OBJECT-GROUP
    OBJECTS {
             controlAffinityConfigAffcIndex,
         controlAffinityConfigAffcInterface,
         controlAffinityConfigAffcErvc,
         controlAffinityConfigAffcEcl,
         controlAffinityConfigAffcCcl,
         controlAffinityConfigAffcEquil,
         controlAffinityConfigAffcLastResort
                 }
    STATUS          current
    DESCRIPTION
        "This is a collection of objects of
                             security affinity config."
    ::= { ciscoSdwanSecurityMIBGroups 5 }

END
