-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
--
-- Trend Micro, Inc.
-- Copyright information is in the DESCRIPTION section of the MODULE-IDENTITY.
-- 
-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

TPT-NGFW-PERFORMANCE-MIB

DEFINITIONS ::= BEGIN

IMPORTS
  MODULE-IDENTITY, 
  OBJECT-TYPE, 
  OBJECT-IDENTITY,
  Unsigned32,
  Counter64
    FROM SNMPv2-SMI

  TEXTUAL-CONVENTION
    FROM SNMPv2-TC

  MODULE-COMPLIANCE,
  OBJECT-GROUP
    FROM SNMPv2-CONF

  tpt-ngfw-compls,
  tpt-ngfw-groups,
  tpt-ngfw-objs
    FROM TPT-NGFW-REG-MIB
;

tptNgfwPerformance MODULE-IDENTITY
  LAST-UPDATED "201605251854Z" -- May 25, 2016
  ORGANIZATION "Trend Micro, Inc."
  CONTACT-INFO "www.trendmicro.com"
  DESCRIPTION
    "
     Firewall, IPS, and SSL Inspection performance metrics for TippingPoint Next-Generation 
     Firewall products.

     Copyright (C) 2016 Trend Micro Incorporated. All Rights Reserved.
     
     Trend Micro makes no warranty of any kind with regard to this material,
     including, but not limited to, the implied warranties of merchantability
     and fitness for a particular purpose. Trend Micro shall not be liable for
     errors contained herein or for incidental or consequential damages in
     connection with the furnishing, performance, or use of this material. This
     document contains proprietary information, which is protected by copyright. No
     part of this document may be photocopied, reproduced, or translated into
     another language without the prior written consent of Trend Micro. The
     information is provided 'as is' without warranty of any kind and is subject to
     change without notice. The only warranties for Trend Micro products and
     services are set forth in the express warranty statements accompanying such
     products and services. Nothing herein should be construed as constituting an
     additional warranty. Trend Micro shall not be liable for technical or editorial
     errors or omissions contained herein. TippingPoint(R), the TippingPoint logo, and
     Digital Vaccine(R) are registered trademarks of Trend Micro. All other company
     and product names may be trademarks of their respective holders. All rights
     reserved. This document contains confidential information, trade secrets or
     both, which are the property of Trend Micro. No part of this documentation may
     be reproduced in any form or by any means or used to make any derivative work
     (such as translation, transformation, or adaptation) without written permission
     from Trend Micro or one of its subsidiaries. All other company and product
     names may be trademarks of their respective holders.
    "

  REVISION "201605251854Z" -- May 25, 2016 
  DESCRIPTION "Updated copyright information. Minor MIB syntax fixes."
  
  REVISION    "201301031739Z" -- January 3, 2013
  DESCRIPTION "Initial version of NGFW Performance MIB."

::= { tpt-ngfw-objs 3 } 

-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
--
-- Textual Conventions
--
-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

TptNgfwPerfPacketSizeGrouping ::= TEXTUAL-CONVENTION
  STATUS      current
  DESCRIPTION "Packet size buckets for packet size distribution table."  
  SYNTAX      INTEGER { bytes64(0), bytes65to127(1), bytes128to255(2),
                        bytes256to511(3), bytes512to1023(4), bytes1024to1518(5),
                        bytes1519to4095(6), bytes4096to9216(7), bytes9217to16383(8),
                        undersize(9), oversize(10) }

-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
--
-- Network metrics
--
-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

tptNgfwPerformanceObjs OBJECT-IDENTITY
  STATUS      current
  DESCRIPTION "Sub-tree of network traffic metrics for firewall ports."
  ::= { tptNgfwPerformance 1 } 

tptNgfwPerfPacketsIn OBJECT-TYPE
  SYNTAX      Counter64
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "Total firewall ports packets received."
  ::= { tptNgfwPerformanceObjs 1 }

tptNgfwPerfPacketsOut OBJECT-TYPE
  SYNTAX      Counter64
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "Total firewall ports packets transmitted."
  ::= { tptNgfwPerformanceObjs 2 }

tptNgfwPerfBytesIn OBJECT-TYPE
  SYNTAX      Counter64
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "Total firewall ports bytes received."
  ::= { tptNgfwPerformanceObjs 3 }

tptNgfwPerfBytesOut OBJECT-TYPE
  SYNTAX      Counter64
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "Total firewall ports bytes transmitted."
  ::= { tptNgfwPerformanceObjs 4 }

tptNgfwPerfFragmentsIn OBJECT-TYPE
  SYNTAX      Counter64
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "Total firewall ports fragments received."
  ::= { tptNgfwPerformanceObjs 5 }

tptNgfwPerfFragmentsOut OBJECT-TYPE
  SYNTAX      Counter64
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "Total firewall ports fragments transmitted."
  ::= { tptNgfwPerformanceObjs 6 }

tptNgfwPerfPacketDistTable OBJECT-TYPE
  SYNTAX      SEQUENCE OF TptNgfwPerfPacketDistEntry
  MAX-ACCESS  not-accessible
  STATUS      current
  DESCRIPTION
    "Packet size distribution for firewall ports."
  ::= { tptNgfwPerformanceObjs 7 }

tptNgfwPerfPacketDistEntry OBJECT-TYPE
  SYNTAX      TptNgfwPerfPacketDistEntry
  MAX-ACCESS  not-accessible
  STATUS      current
  DESCRIPTION
    "An entry in the packet size distribution table.
     Rows cannot be created or deleted.
    "
  INDEX       { tptNgfwPerfPacketDistEntryIndex }
  ::= { tptNgfwPerfPacketDistTable 1 }

TptNgfwPerfPacketDistEntry ::= SEQUENCE {
  tptNgfwPerfPacketDistEntryIndex    Unsigned32,
  tptNgfwPerfPacketDistSizeGrp       TptNgfwPerfPacketSizeGrouping,
  tptNgfwPerfPacketDistSizeGrpCount  Counter64
}

tptNgfwPerfPacketDistEntryIndex OBJECT-TYPE
  SYNTAX      Unsigned32
  MAX-ACCESS  not-accessible
  STATUS      current
  DESCRIPTION
    "Index of the packet size distribution row.
     The first entry is 1."
  ::= { tptNgfwPerfPacketDistEntry 1 }

tptNgfwPerfPacketDistSizeGrp OBJECT-TYPE
  SYNTAX      TptNgfwPerfPacketSizeGrouping
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "Packet size group."
  ::= { tptNgfwPerfPacketDistEntry 2 }

tptNgfwPerfPacketDistSizeGrpCount OBJECT-TYPE
  SYNTAX      Counter64
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "Total count of packets for this size group."
  ::= { tptNgfwPerfPacketDistEntry 3 }

-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
--
-- Firewall metrics
--
-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

tptNgfwPerfFWObjs OBJECT-IDENTITY
  STATUS      current
  DESCRIPTION "Sub-tree of firewall performance metrics."
  ::= { tptNgfwPerformance 2 } 

tptNgfwPerfFWBlocks OBJECT-TYPE
  SYNTAX      Counter64
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "Total count of sessions blocked by firewall rules."
  ::= { tptNgfwPerfFWObjs 1 }

tptNgfwPerfFWPermits OBJECT-TYPE
  SYNTAX      Counter64
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "Total count of sessions permitted by firewall rules."
  ::= { tptNgfwPerfFWObjs 2 }

tptNgfwPerfFWSessions OBJECT-TYPE
  SYNTAX      Counter64
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "Current active firewall session count."
  ::= { tptNgfwPerfFWObjs 3 }


-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
--
-- IPS metrics
--
-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

tptNgfwPerfIPSObjs OBJECT-IDENTITY
  STATUS      current
  DESCRIPTION "Sub-tree of IPS performance metrics."
  ::= { tptNgfwPerformance 3 } 

tptNgfwPerfIPSManagedStreams OBJECT-TYPE
  SYNTAX      Counter64
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "Total count of IPS Managed streams. 
     Includes Blocked, Quarantined, Rate Limited, and Trusted streams."
  ::= { tptNgfwPerfIPSObjs 1 }

tptNgfwPerfIPSQuarantineCount OBJECT-TYPE
  SYNTAX      Counter64
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "Total count of IPS Quarantined streams."
  ::= { tptNgfwPerfIPSObjs 2 }

tptNgfwPerfIPSRateLimitCount OBJECT-TYPE
  SYNTAX      Counter64
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "Total count of IPS Rate Limited streams."
  ::= { tptNgfwPerfIPSObjs 3 }

tptNgfwPerfIPSAfcEntries OBJECT-TYPE
  SYNTAX      Counter64
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "Total count of IPS AFC (Adaptive Filter Control) entries."
  ::= { tptNgfwPerfIPSObjs 4 }

tptNgfwPerfIPSAfcAppEntries OBJECT-TYPE
  SYNTAX      Counter64
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "Total count of IPS AFC (Adaptive Filter Control) Application entries."
  ::= { tptNgfwPerfIPSObjs 5 }

tptNgfwPerfIPSBlockedStreams OBJECT-TYPE
  SYNTAX      Counter64
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "Total count of IPS Blocked streams."
  ::= { tptNgfwPerfIPSObjs 6 }

tptNgfwPerfIPSTrustedStreams OBJECT-TYPE
  SYNTAX      Counter64
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "Total count of IPS Trusted streams."
  ::= { tptNgfwPerfIPSObjs 7 }

-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
--
-- Groups
--
-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

tptNgfwPerformanceGroup OBJECT-GROUP
  OBJECTS      {
                 tptNgfwPerfPacketsIn,
                 tptNgfwPerfPacketsOut,
                 tptNgfwPerfBytesIn,
                 tptNgfwPerfBytesOut,
                 tptNgfwPerfFragmentsIn,
                 tptNgfwPerfFragmentsOut,
                 tptNgfwPerfFWBlocks,
                 tptNgfwPerfFWPermits,
                 tptNgfwPerfFWSessions,
                 tptNgfwPerfIPSManagedStreams,
                 tptNgfwPerfIPSQuarantineCount,
                 tptNgfwPerfIPSRateLimitCount,
                 tptNgfwPerfIPSAfcEntries,
                 tptNgfwPerfIPSAfcAppEntries,
                 tptNgfwPerfIPSBlockedStreams,
                 tptNgfwPerfIPSTrustedStreams,
                 tptNgfwPerfPacketDistSizeGrp,
                 tptNgfwPerfPacketDistSizeGrpCount
               }

  STATUS       current
  DESCRIPTION  
    "
     Performance group for Next-generation Firewall products consisting
     firewall and IPS performance metrics.
    "
::= { tpt-ngfw-groups 6 }

-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
--
-- Compliances
--
-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

tptNgfwPerformanceCompl MODULE-COMPLIANCE
    STATUS      current
    DESCRIPTION "Compliance for TippingPoint Next-generation Firewalls products."

    MODULE
      MANDATORY-GROUPS { tptNgfwPerformanceGroup }
::= { tpt-ngfw-compls 3 }


END
