-- *******************************************************************
-- CISCO-SNMP-HANDSHAKE-MIB.my 
-- May 2007, Devesh Pujari
--
-- Copyright (c) 2006-2007 by Cisco Systems, Inc.
-- All rights reserved.
-- *******************************************************************
--
CISCO-SNMP-HANDSHAKE-MIB DEFINITIONS ::= BEGIN

IMPORTS 
        MODULE-IDENTITY, 
        OBJECT-TYPE
                FROM SNMPv2-SMI
        MODULE-COMPLIANCE, 
        OBJECT-GROUP
                FROM SNMPv2-CONF
        bsnWireless
                FROM AIRESPACE-WIRELESS-MIB
        TruthValue
                FROM SNMPv2-TC;
                
--********************************************************************
--*  MODULE IDENTITY
--********************************************************************

ciscoSnmpHandshakeMIB  MODULE-IDENTITY
        LAST-UPDATED   "200705230000Z"
        ORGANIZATION   "Cisco Systems Inc."
        CONTACT-INFO  
               "        Cisco Systems,
                        Customer Service

                Postal: 170 West Tasman Drive
                        San Jose, CA  95134
                        USA

                   Tel: +1 800 553-NETS

                 Email: cs-wnbu-snmp@cisco.com"

        DESCRIPTION 
               "This MIB is intended for those devices where
               SNMP access is given to be given to known SNMP 
               Manager only. All the SNMP MIBs are published, 
               any thrid party SNMP browser can retrieve data 
               using SNMP protocol. By implementing this MIB, a
               application layer handshake has to be done before 
               any MIB view access is granted to SNMPV2c community 
               string or SNMPV3 user. 
               
               Once the handshake is successfully over then SNMP 
               agent can create VACM entry to provide access to any
               MIB view. 
               
                                  GLOSSARY
                
               View-based Access Control Model ( VACM )
               
               The VACM determines whether access to a managed 
               object in a local MIB by a remote SNMP manager 
               should be allowed."
                
        REVISION      "200705230000Z"
        DESCRIPTION
                   "Initial version of this MIB module."
        ::= { bsnWireless 40 }      --inside Airespace tree

                
ciscoSnmpHandshakeMIBNotifs  OBJECT IDENTIFIER ::= 
                                 { ciscoSnmpHandshakeMIB 0 }
ciscoSnmpHandshakeMIBObjects OBJECT IDENTIFIER ::= 
                                 { ciscoSnmpHandshakeMIB 1 }
ciscoSnmpHandshakeMIBConform OBJECT IDENTIFIER ::= 
                                 { ciscoSnmpHandshakeMIB 2 }
                                 
ciscoSnmpHandshakeProcess  OBJECT IDENTIFIER ::= 
                                 { ciscoSnmpHandshakeMIBObjects 1 }
                                 
ciscoSnmpHandshakeTest     OBJECT IDENTIFIER ::= 
                                 { ciscoSnmpHandshakeMIBObjects 2 }
                                 
-- *******************************************************************
-- Handshake Process
-- *******************************************************************
                                 
csHandshakeInit OBJECT-TYPE
        SYNTAX  OCTET STRING (SIZE(16))
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
                "Get on this object will return random 16 bytes
                octet-string. Device will cache this string against
                IP-Address of sender. This string will be later used
                to comeplete the handshake."
    ::= { ciscoSnmpHandshakeProcess  1 }

csHandshakeUpdate OBJECT-TYPE
        SYNTAX    OCTET STRING (SIZE(16))
        MAX-ACCESS read-write
        STATUS current
        DESCRIPTION
                "Set on this object will make snmp agent to run 
                the secret algorithm to give access or deny access 
                to SNMP manager. Access will be given to the community
                string used and to the sender's IP-Address only."
    ::= { ciscoSnmpHandshakeProcess  2 }
                                 
-- *******************************************************************
-- Handshake Test
-- *******************************************************************
                                 
csHandshakeCheck OBJECT-TYPE
        SYNTAX    TruthValue
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
                "This object can be use to perform test of MIB 
                view access. Once the handshake is successfully 
                completed. The MIB-view access will be granted 
                for this object, If MIB-view is not granted yet 
                for this object then no-access error will be 
                returned."
    ::= { ciscoSnmpHandshakeTest  1 }
                                 
--********************************************************************
--*    Compliance statements  
--********************************************************************
 
 ciscoSnmpHandshakeMIBCompliances OBJECT IDENTIFIER
         ::= { ciscoSnmpHandshakeMIBConform 1 }
 
 ciscoSnmpHandshakeMIBGroups OBJECT IDENTIFIER
         ::= { ciscoSnmpHandshakeMIBConform 2 }
 
 ciscoSnmpHandshakeMIBCompliance MODULE-COMPLIANCE
         STATUS     current 
         DESCRIPTION
                 "The compliance statement for the SNMP entities 
                 that implement the ciscoSnmpHandshakeMIB module."
         MODULE MANDATORY-GROUPS {                
                 ciscoSnmpHandshakeGroup
         }
         ::= { ciscoSnmpHandshakeMIBCompliances 1 }
         
 --*******************************************************************
 --* Units of conformance  
 --*******************************************************************
 
 ciscoSnmpHandshakeGroup OBJECT-GROUP
         OBJECTS {
                 csHandshakeInit,
                 csHandshakeUpdate,
                 csHandshakeCheck
         }                
         STATUS  current
         DESCRIPTION
                 "This collection of objects represents the 
                 information about attributes needed to completed
                 SNMP handhshake"
         ::= { ciscoSnmpHandshakeMIBGroups 1 }
 END
