-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
--
-- Trend Micro, Inc.
-- Copyright information is in the DESCRIPTION section of the MODULE-IDENTITY.
-- 
-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

TPT-POLICY-MIB

DEFINITIONS ::= BEGIN

IMPORTS
  MODULE-IDENTITY, OBJECT-TYPE, NOTIFICATION-TYPE, OBJECT-IDENTITY,
  Unsigned32, Counter32, Counter64, IpAddress, Integer32
    FROM SNMPv2-SMI

  TEXTUAL-CONVENTION
    FROM SNMPv2-TC

  Ipv6Address
    FROM IPV6-TC

  SnmpAdminString
    FROM SNMP-FRAMEWORK-MIB

  tpt-tpa-objs, tpt-tpa-eventsV2, tpt-tpa-unkparams
    FROM TPT-TPAMIBS-MIB
  ;

tpt-policy MODULE-IDENTITY
  LAST-UPDATED "201605251854Z" -- May 25, 2016
  ORGANIZATION "Trend Micro, Inc."
  CONTACT-INFO "www.trendmicro.com"
  DESCRIPTION
    "TPA policy counters.

     Copyright (C) 2016 Trend Micro Incorporated. All Rights Reserved.
     
     Trend Micro makes no warranty of any kind with regard to this material,
     including, but not limited to, the implied warranties of merchantability
     and fitness for a particular purpose. Trend Micro shall not be liable for
     errors contained herein or for incidental or consequential damages in
     connection with the furnishing, performance, or use of this material. This
     document contains proprietary information, which is protected by copyright. No
     part of this document may be photocopied, reproduced, or translated into
     another language without the prior written consent of Trend Micro. The
     information is provided 'as is' without warranty of any kind and is subject to
     change without notice. The only warranties for Trend Micro products and
     services are set forth in the express warranty statements accompanying such
     products and services. Nothing herein should be construed as constituting an
     additional warranty. Trend Micro shall not be liable for technical or editorial
     errors or omissions contained herein. TippingPoint(R), the TippingPoint logo, and
     Digital Vaccine(R) are registered trademarks of Trend Micro. All other company
     and product names may be trademarks of their respective holders. All rights
     reserved. This document contains confidential information, trade secrets or
     both, which are the property of Trend Micro. No part of this documentation may
     be reproduced in any form or by any means or used to make any derivative work
     (such as translation, transformation, or adaptation) without written permission
     from Trend Micro or one of its subsidiaries. All other company and product
     names may be trademarks of their respective holders.
    "
  
  REVISION "201605251854Z" -- May 25, 2016 
  DESCRIPTION "Updated copyright information. Minor MIB syntax fixes."
  
  REVISION    "201506191830Z" -- June 19, 2015
  DESCRIPTION "Added SSL inspection notification."
  
  REVISION    "201505281330Z" -- May 28, 2015
  DESCRIPTION "Added SSL inspected flag parameter to policy notifications."
    
  REVISION    "201412151142Z" -- December 15, 2014
  DESCRIPTION "Updated table sequence entries to be SMI compliant."

  ::= { tpt-tpa-objs 1 }

-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
--
--  Variable definitions
--
-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -


-- Global (as opposed to per-policy) values

policyPacketsDropped OBJECT-TYPE
  SYNTAX      Counter32
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "The total number of packets discarded due to network congestion."
  ::= { tpt-policy 1 }

policyPacketsBlocked OBJECT-TYPE
  SYNTAX      Counter32
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "The cumulative number of packets blocked because of policy actions."
  ::= { tpt-policy 2 }

policyPacketsIncoming OBJECT-TYPE
  SYNTAX      Counter32
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "The total number of incoming packets."
  ::= { tpt-policy 3 }

policyPacketsOutgoing OBJECT-TYPE
  SYNTAX      Counter32
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "The total number of outgoing packets."
  ::= { tpt-policy 4 }

policyPacketsInvalid OBJECT-TYPE
  SYNTAX      Counter32
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "The total number of packets discarded because they were invalid."
  ::= { tpt-policy 6 }

policyPacketsPermitted OBJECT-TYPE
  SYNTAX      Counter32
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "The cumulative number of packets permitted because of policy actions."
  ::= { tpt-policy 7 }

policyPacketsDropped64 OBJECT-TYPE
  SYNTAX      Counter64
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "The total number of packets discarded due to network congestion."
  ::= { tpt-policy 31 }

policyPacketsBlocked64 OBJECT-TYPE
  SYNTAX      Counter64
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "The cumulative number of packets blocked because of policy actions."
  ::= { tpt-policy 32 }

policyPacketsIncoming64 OBJECT-TYPE
  SYNTAX      Counter64
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "The total number of incoming packets."
  ::= { tpt-policy 33 }

policyPacketsOutgoing64 OBJECT-TYPE
  SYNTAX      Counter64
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "The total number of outgoing packets."
  ::= { tpt-policy 34 }

policyPacketsInvalid64 OBJECT-TYPE
  SYNTAX      Counter64
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "The total number of packets discarded because they were invalid."
  ::= { tpt-policy 36 }

policyPacketsPermitted64 OBJECT-TYPE
  SYNTAX      Counter64
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "The total number of packets permitted because of policy actions."
  ::= { tpt-policy 37 }

policyPacketsRateLimited64 OBJECT-TYPE
  SYNTAX      Counter64
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "The total number of packets discarded by rate limiting filters."
  ::= { tpt-policy 38 }

policyPacketsTrusted64 OBJECT-TYPE
  SYNTAX      Counter64
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "The cumulative number of packets trusted because of policy actions."
  ::= { tpt-policy 39 }


-- Digital Vaccine information

policyDVObjs OBJECT-IDENTITY
  STATUS      current
  DESCRIPTION "Sub-tree of Digital Vaccine information."
  ::= { tpt-policy 10 }

policyDVVersion OBJECT-TYPE
  SYNTAX      OCTET STRING (SIZE (0..80))
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "The version number of the Digital Vaccine on this machine."
  ::= { policyDVObjs 1 }


-- Table of per-policy values

policyCounterTable OBJECT-TYPE
  SYNTAX      SEQUENCE OF PolicyCounterEntry
  MAX-ACCESS  not-accessible
  STATUS      obsolete
  DESCRIPTION
    "Table of per-policy counter values."
  ::= { tpt-policy 5 } 

policyCounterEntry OBJECT-TYPE
  SYNTAX      PolicyCounterEntry
  MAX-ACCESS  not-accessible
  STATUS      obsolete
  DESCRIPTION
    "An entry in the policy counter table.  
     Rows cannot be created or deleted.
    "
  INDEX       { policyGlobalID }
  ::= { policyCounterTable 1 }

PolicyCounterEntry ::= SEQUENCE {
  policyGlobalID          OCTET STRING,
  policyDescriptiveName   OCTET STRING,
  policyCountBytes        Counter64,
  policyCountPackets      Counter64,
  policyCreationTime      Unsigned32
}

policyGlobalID OBJECT-TYPE
  SYNTAX      OCTET STRING (SIZE (0..40))
  MAX-ACCESS  not-accessible
  STATUS      obsolete
  DESCRIPTION
    "The global identifier of a policy."
  ::= { policyCounterEntry 1 }

policyDescriptiveName OBJECT-TYPE
  SYNTAX      OCTET STRING (SIZE (0..80))
  MAX-ACCESS  not-accessible
  STATUS      obsolete
  DESCRIPTION
    "The human-readable name of a policy."
  ::= { policyCounterEntry 2 }

policyCountBytes OBJECT-TYPE
  SYNTAX      Counter64
  MAX-ACCESS  not-accessible
  STATUS      obsolete
  DESCRIPTION
    "The total number of bytes affected by the given policy."
  ::= { policyCounterEntry 3 }

policyCountPackets OBJECT-TYPE
  SYNTAX      Counter64
  MAX-ACCESS  not-accessible
  STATUS      obsolete
  DESCRIPTION
    "The total number of packets affected by the given policy."
  ::= { policyCounterEntry 4 }

policyCreationTime OBJECT-TYPE
  SYNTAX      Unsigned32
  MAX-ACCESS  not-accessible
  STATUS      obsolete
  DESCRIPTION
    "The time the policy was pushed to NetPAL, in seconds since the epoch."
  ::= { policyCounterEntry 5 }


-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
--
-- Textual conventions for statistical reports
--
-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

PolicyProtocol ::= TEXTUAL-CONVENTION
  STATUS      current
  DESCRIPTION 
    "A selection from a set of networking protocols detected by a policy."
  SYNTAX      INTEGER { icmp(1), udp(2), tcp(3), other-ip(4), 
                        arp(5), other-eth(6), icmpv6(7), other-ipv6(8) }

PolicyFrameSize ::= TEXTUAL-CONVENTION
  STATUS      current
  DESCRIPTION 
    "A selection from a set of layer-2 frame size categories."
  SYNTAX      INTEGER { fs64B(1),        fs65to127B(2), 
                        fs128to255B(3),  fs256to511B(4), 
                        fs512to1023B(5), fs1024toMaxB(6), 
                        fsMaxto4095B(7), fs4096to9216B(8), 
                        fsUnder(9),      fsOver(10),
                        fs9217to16383(11) }

PolicyFrameType ::= TEXTUAL-CONVENTION
  STATUS      current
  DESCRIPTION 
    "A selection from a set of layer-2 frame types based on addressing and 
     error status."
  SYNTAX      INTEGER { unicast(1),    broadcast(2), 
                        multicast(3),  macControl(4), 
                        fcsError(5),   alignError(6), 
                        symbolError(7) }

PolicySeverity ::= TEXTUAL-CONVENTION
  STATUS      current
  DESCRIPTION 
    "A selection from a set of severity levels used by policies.
     Used for both statistical reports and notifications."
  SYNTAX      INTEGER { warning(1), minor(2), major(3), critical(4)}


-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
--
-- Statistical reports
--
-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

-- Table of top ten policies

topTenHitsByPolicyTable OBJECT-TYPE
  SYNTAX      SEQUENCE OF TopTenHitsByPolicyEntry
  MAX-ACCESS  not-accessible
  STATUS      current
  DESCRIPTION
    "Table of policies with the ten greatest hit counts."
  ::= { tpt-policy 11 } 

topTenHitsByPolicyEntry OBJECT-TYPE
  SYNTAX      TopTenHitsByPolicyEntry
  MAX-ACCESS  not-accessible
  STATUS      current
  DESCRIPTION
    "An entry in the top ten policies table.  
     Rows cannot be created or deleted.
    "
  INDEX       { topTenRank }
  ::= { topTenHitsByPolicyTable 1 }

TopTenHitsByPolicyEntry ::= SEQUENCE {
  topTenRank              Unsigned32,
  policyHitCount          Unsigned32,
  policyName              OCTET STRING,
  policyUUID              OCTET STRING
}

topTenRank OBJECT-TYPE
  SYNTAX      Unsigned32 (1..10)
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "The numerical ranking 1 through 10 of a policy."
  ::= { topTenHitsByPolicyEntry 1 }

policyHitCount OBJECT-TYPE
  SYNTAX      Unsigned32
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "The count of alerts generated by a policy."
  ::= { topTenHitsByPolicyEntry 2 }

policyName OBJECT-TYPE
  SYNTAX      OCTET STRING (SIZE (0..80))
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "The human-readable name of a policy."
  ::= { topTenHitsByPolicyEntry 3 }

policyUUID OBJECT-TYPE
  SYNTAX      OCTET STRING (SIZE (0..40))
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "The global identifier of a policy."
  ::= { topTenHitsByPolicyEntry 4 }


-- Table of alerts by severity 

alertsBySeverityTable OBJECT-TYPE
  SYNTAX      SEQUENCE OF AlertsBySeverityEntry
  MAX-ACCESS  not-accessible
  STATUS      current
  DESCRIPTION
    "Table of alert counts of all policies at each severity level."
  ::= { tpt-policy 12 } 

alertsBySeverityEntry OBJECT-TYPE
  SYNTAX      AlertsBySeverityEntry
  MAX-ACCESS  not-accessible
  STATUS      current
  DESCRIPTION
    "An entry in the alerts by severity table.  
     Rows cannot be created or deleted.
    "
  INDEX       { alertSeverity }
  ::= { alertsBySeverityTable 1 }

AlertsBySeverityEntry ::= SEQUENCE {
  alertSeverity           PolicySeverity,
  severityAlertCount      Unsigned32
}

alertSeverity OBJECT-TYPE
  SYNTAX      PolicySeverity
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "The severity of a policy."
  ::= { alertsBySeverityEntry 1 }

severityAlertCount OBJECT-TYPE
  SYNTAX      Unsigned32
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "The count of alerts generated by all policies of a given severity."
  ::= { alertsBySeverityEntry 2 }


-- Table of alerts by protocol 

alertsByProtocolTable OBJECT-TYPE
  SYNTAX      SEQUENCE OF AlertsByProtocolEntry
  MAX-ACCESS  not-accessible
  STATUS      current
  DESCRIPTION
    "Table of alert counts of all policies at each protocol."
  ::= { tpt-policy 13 } 

alertsByProtocolEntry OBJECT-TYPE
  SYNTAX      AlertsByProtocolEntry
  MAX-ACCESS  not-accessible
  STATUS      current
  DESCRIPTION
    "An entry in the alerts by protocol table.  
     Rows cannot be created or deleted.
    "
  INDEX       { alertProtocol }
  ::= { alertsByProtocolTable 1 }

AlertsByProtocolEntry ::= SEQUENCE {
  alertProtocol           PolicyProtocol,
  protocolAlertCount      Unsigned32
}

alertProtocol OBJECT-TYPE
  SYNTAX      PolicyProtocol
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "The protocol of a policy."
  ::= { alertsByProtocolEntry 1 }

protocolAlertCount OBJECT-TYPE
  SYNTAX      Unsigned32
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "The count of alerts generated by all policies of a given protocol."
  ::= { alertsByProtocolEntry 2 }


-- Table of alerts by zone 

alertsByZoneTable OBJECT-TYPE
  SYNTAX      SEQUENCE OF AlertsByZoneEntry
  MAX-ACCESS  not-accessible
  STATUS      obsolete
  DESCRIPTION
    "Table of alert counts of all policies for each zone."
  ::= { tpt-policy 14 } 

alertsByZoneEntry OBJECT-TYPE
  SYNTAX      AlertsByZoneEntry
  MAX-ACCESS  not-accessible
  STATUS      obsolete
  DESCRIPTION
    "An entry in the alerts by zone table.  
     Rows cannot be created or deleted.
    "
  INDEX       { alertSlot, alertPort }
  ::= { alertsByZoneTable 1 }

AlertsByZoneEntry ::= SEQUENCE {
  alertSlot           Unsigned32,
  alertPort           Unsigned32,
  zoneAlertCount      Unsigned32
}

alertSlot OBJECT-TYPE
  SYNTAX      Unsigned32
  MAX-ACCESS  not-accessible
  STATUS      obsolete
  DESCRIPTION
    "The slot portion identifying the zone affected by a policy."
  ::= { alertsByZoneEntry 1 }

alertPort OBJECT-TYPE
  SYNTAX      Unsigned32
  MAX-ACCESS  not-accessible
  STATUS      obsolete
  DESCRIPTION
    "The port portion identifying the zone affected by a policy."
  ::= { alertsByZoneEntry 2 }

zoneAlertCount OBJECT-TYPE
  SYNTAX      Unsigned32
  MAX-ACCESS  read-only
  STATUS      obsolete
  DESCRIPTION
    "The count of alerts generated by all policies of a given zone."
  ::= { alertsByZoneEntry 3 }


-- Table of permits by zone 

permitsByZoneTable OBJECT-TYPE
  SYNTAX      SEQUENCE OF PermitsByZoneEntry
  MAX-ACCESS  not-accessible
  STATUS      obsolete
  DESCRIPTION
    "Table of permit counts of all policies for each zone."
  ::= { tpt-policy 15 } 

permitsByZoneEntry OBJECT-TYPE
  SYNTAX      PermitsByZoneEntry
  MAX-ACCESS  not-accessible
  STATUS      obsolete
  DESCRIPTION
    "An entry in the permits by zone table.  
     Rows cannot be created or deleted.
    "
  INDEX       { permitSlot, permitPort }
  ::= { permitsByZoneTable 1 }

PermitsByZoneEntry ::= SEQUENCE {
  permitSlot           Unsigned32,
  permitPort           Unsigned32,
  zonePermitCount      Unsigned32
}

permitSlot OBJECT-TYPE
  SYNTAX      Unsigned32
  MAX-ACCESS  not-accessible
  STATUS      obsolete
  DESCRIPTION
    "The slot portion identifying the zone affected by a policy."
  ::= { permitsByZoneEntry 1 }

permitPort OBJECT-TYPE
  SYNTAX      Unsigned32
  MAX-ACCESS  not-accessible
  STATUS      obsolete
  DESCRIPTION
    "The port portion identifying the zone affected by a policy."
  ::= { permitsByZoneEntry 2 }

zonePermitCount OBJECT-TYPE
  SYNTAX      Unsigned32
  MAX-ACCESS  read-only
  STATUS      obsolete
  DESCRIPTION
    "The count of permits generated by all policies of a given zone."
  ::= { permitsByZoneEntry 3 }


-- Table of blocks by zone 

blocksByZoneTable OBJECT-TYPE
  SYNTAX      SEQUENCE OF BlocksByZoneEntry
  MAX-ACCESS  not-accessible
  STATUS      obsolete
  DESCRIPTION
    "Table of block counts of all policies for each zone."
  ::= { tpt-policy 16 } 

blocksByZoneEntry OBJECT-TYPE
  SYNTAX      BlocksByZoneEntry
  MAX-ACCESS  not-accessible
  STATUS      obsolete
  DESCRIPTION
    "An entry in the blocks by zone table.  
     Rows cannot be created or deleted.
    "
  INDEX       { blockSlot, blockPort }
  ::= { blocksByZoneTable 1 }

BlocksByZoneEntry ::= SEQUENCE {
  blockSlot           Unsigned32,
  blockPort           Unsigned32,
  zoneBlockCount      Unsigned32
}

blockSlot OBJECT-TYPE
  SYNTAX      Unsigned32
  MAX-ACCESS  not-accessible
  STATUS      obsolete
  DESCRIPTION
    "The slot portion identifying the zone affected by a policy."
  ::= { blocksByZoneEntry 1 }

blockPort OBJECT-TYPE
  SYNTAX      Unsigned32
  MAX-ACCESS  not-accessible
  STATUS      obsolete
  DESCRIPTION
    "The port portion identifying the zone affected by a policy."
  ::= { blocksByZoneEntry 2 }

zoneBlockCount OBJECT-TYPE
  SYNTAX      Unsigned32
  MAX-ACCESS  read-only
  STATUS      obsolete
  DESCRIPTION
    "The count of blocks generated by all policies of a given zone."
  ::= { blocksByZoneEntry 3 }


-- Table of p2ps by zone 

p2psByZoneTable OBJECT-TYPE
  SYNTAX      SEQUENCE OF P2psByZoneEntry
  MAX-ACCESS  not-accessible
  STATUS      obsolete
  DESCRIPTION
    "Table of p2p counts of all policies for each zone."
  ::= { tpt-policy 17 } 

p2psByZoneEntry OBJECT-TYPE
  SYNTAX      P2psByZoneEntry
  MAX-ACCESS  not-accessible
  STATUS      obsolete
  DESCRIPTION
    "An entry in the p2ps by zone table.  
     Rows cannot be created or deleted.
    "
  INDEX       { p2pSlot, p2pPort }
  ::= { p2psByZoneTable 1 }

P2psByZoneEntry ::= SEQUENCE {
  p2pSlot           Unsigned32,
  p2pPort           Unsigned32,
  zoneP2pCount      Unsigned32
}

p2pSlot OBJECT-TYPE
  SYNTAX      Unsigned32
  MAX-ACCESS  not-accessible
  STATUS      obsolete
  DESCRIPTION
    "The slot portion identifying the zone affected by a policy."
  ::= { p2psByZoneEntry 1 }

p2pPort OBJECT-TYPE
  SYNTAX      Unsigned32
  MAX-ACCESS  not-accessible
  STATUS      obsolete
  DESCRIPTION
    "The port portion identifying the zone affected by a policy."
  ::= { p2psByZoneEntry 2 }

zoneP2pCount OBJECT-TYPE
  SYNTAX      Unsigned32
  MAX-ACCESS  read-only
  STATUS      obsolete
  DESCRIPTION
    "The count of p2ps generated by all policies of a given zone."
  ::= { p2psByZoneEntry 3 }


-- Table of frames by size 

framesBySizeTable OBJECT-TYPE
  SYNTAX      SEQUENCE OF FramesBySizeEntry
  MAX-ACCESS  not-accessible
  STATUS      current
  DESCRIPTION
    "Table of frame counts received in each size category."
  ::= { tpt-policy 18 } 

framesBySizeEntry OBJECT-TYPE
  SYNTAX      FramesBySizeEntry
  MAX-ACCESS  not-accessible
  STATUS      current
  DESCRIPTION
    "An entry in the frames by size table.  
     Rows cannot be created or deleted.
    "
  INDEX       { frameSize }
  ::= { framesBySizeTable 1 }

FramesBySizeEntry ::= SEQUENCE {
  frameSize           PolicyFrameSize,
  sizeFrameCount      Unsigned32
}

frameSize OBJECT-TYPE
  SYNTAX      PolicyFrameSize
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "The size category of a frame."
  ::= { framesBySizeEntry 1 }

sizeFrameCount OBJECT-TYPE
  SYNTAX      Unsigned32
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "The count of frames received in a given size category."
  ::= { framesBySizeEntry 2 }


-- Table of frames by type 

framesByTypeTable OBJECT-TYPE
  SYNTAX      SEQUENCE OF FramesByTypeEntry
  MAX-ACCESS  not-accessible
  STATUS      current
  DESCRIPTION
    "Table of frame counts received in each type classification."
  ::= { tpt-policy 19 } 

framesByTypeEntry OBJECT-TYPE
  SYNTAX      FramesByTypeEntry
  MAX-ACCESS  not-accessible
  STATUS      current
  DESCRIPTION
    "An entry in the frames by type table.  
     Rows cannot be created or deleted.
    "
  INDEX       { frameType }
  ::= { framesByTypeTable 1 }

FramesByTypeEntry ::= SEQUENCE {
  frameType           PolicyFrameType,
  typeFrameCount      Unsigned32
}

frameType OBJECT-TYPE
  SYNTAX      PolicyFrameType
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "The type classification (e.g., unicast, broadcast, FCS error) of a frame."
  ::= { framesByTypeEntry 1 }

typeFrameCount OBJECT-TYPE
  SYNTAX      Unsigned32
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "The count of frames received in a given type classification."
  ::= { framesByTypeEntry 2 }


-- Table of packets by protocol 

packetsByProtocolTable OBJECT-TYPE
  SYNTAX      SEQUENCE OF PacketsByProtocolEntry
  MAX-ACCESS  not-accessible
  STATUS      current
  DESCRIPTION
    "Table of packet counts received for each protocol."
  ::= { tpt-policy 20 } 

packetsByProtocolEntry OBJECT-TYPE
  SYNTAX      PacketsByProtocolEntry
  MAX-ACCESS  not-accessible
  STATUS      current
  DESCRIPTION
    "An entry in the packets by protocol table.  
     Rows cannot be created or deleted.
    "
  INDEX       { packetProtocol }
  ::= { packetsByProtocolTable 1 }

PacketsByProtocolEntry ::= SEQUENCE {
  packetProtocol          PolicyProtocol,
  protocolPacketCount     Unsigned32
}

packetProtocol OBJECT-TYPE
  SYNTAX      PolicyProtocol
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "The protocol of a policy."
  ::= { packetsByProtocolEntry 1 }

protocolPacketCount OBJECT-TYPE
  SYNTAX      Unsigned32
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "The count of packets received for a given protocol."
  ::= { packetsByProtocolEntry 2 }



-- Table of port statistics

portStatsTable OBJECT-TYPE
  SYNTAX      SEQUENCE OF PortStatsEntry
  MAX-ACCESS  not-accessible
  STATUS      current
  DESCRIPTION
    "Table of statistics for each physical port."
  ::= { tpt-policy 23 } 

portStatsEntry OBJECT-TYPE
  SYNTAX      PortStatsEntry
  MAX-ACCESS  not-accessible
  STATUS      current
  DESCRIPTION
    "An entry in the port statistics table.  
     Rows cannot be created or deleted.
    "
  INDEX       { portNumber }
  ::= { portStatsTable 1 }

PortStatsEntry ::= SEQUENCE {
  portNumber              Unsigned32,
  portName                OCTET STRING,
  portVlanTranslations    Counter64
}

portNumber OBJECT-TYPE
  SYNTAX      Unsigned32
  MAX-ACCESS  not-accessible
  STATUS      current
  DESCRIPTION
    "The numeric index of a port."
  ::= { portStatsEntry 1 }

portName OBJECT-TYPE
  SYNTAX      OCTET STRING (SIZE (0..8))
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "The name of a port."
  ::= { portStatsEntry 2 }

portVlanTranslations OBJECT-TYPE
  SYNTAX      Counter64
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "Number of packets leaving this egress port whose VLAN IDs were translated."
  ::= { portStatsEntry 3 }


-- Table of names and descriptions by policy number 

policyByNumberTable OBJECT-TYPE
  SYNTAX      SEQUENCE OF PolicyByNumberEntry
  MAX-ACCESS  not-accessible
  STATUS      current
  DESCRIPTION
    "Table of packet counts received for each protocol."
  ::= { tpt-policy 21 } 

policyByNumberEntry OBJECT-TYPE
  SYNTAX      PolicyByNumberEntry
  MAX-ACCESS  not-accessible
  STATUS      current
  DESCRIPTION
    "An entry in the policy by number table.  
     Rows cannot be created or deleted.
    "
  INDEX       { policyNumber }
  ::= { policyByNumberTable 1 }

PolicyByNumberEntry ::= SEQUENCE {
  policyNumber            Unsigned32,
  numberName              OCTET STRING,
  numberDesc              OCTET STRING
}

policyNumber OBJECT-TYPE
  SYNTAX      Unsigned32
  MAX-ACCESS  not-accessible
  STATUS      current
  DESCRIPTION
    "The number of a policy."
  ::= { policyByNumberEntry 1 }

numberName OBJECT-TYPE
  SYNTAX      OCTET STRING (SIZE (0..120))
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "The name of a policy."
  ::= { policyByNumberEntry 2 }

numberDesc OBJECT-TYPE
  SYNTAX      OCTET STRING (SIZE (0..3000))
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "The description of a policy."
  ::= { policyByNumberEntry 3 }


-- Security zone pair information and statistics

securityZonePairTable OBJECT-TYPE
  SYNTAX      SEQUENCE OF SecurityZonePairEntry
  MAX-ACCESS  not-accessible
  STATUS      current
  DESCRIPTION
    "Table of information and statistics for each security zone pair."
  ::= { tpt-policy 22 } 

securityZonePairEntry OBJECT-TYPE
  SYNTAX      SecurityZonePairEntry
  MAX-ACCESS  not-accessible
  STATUS      current
  DESCRIPTION
    "An entry in the security zone pair table.  
     Rows cannot be created or deleted.
    "
  INDEX       { szpUUID }
  ::= { securityZonePairTable 1 }

SecurityZonePairEntry ::= SEQUENCE {
  szpName                 OCTET STRING,
  szpInZoneName           OCTET STRING,
  szpOutZoneName          OCTET STRING,
  szpUUID                 OCTET STRING,
  szpInZoneUUID           OCTET STRING,
  szpOutZoneUUID          OCTET STRING,
  szpInPackets            Counter64,
  szpInOctets             Counter64,
  szpAlerts               Counter64,
  szpPermits              Counter64,
  szpBlocks               Counter64,
  szpPrecedence           Unsigned32
}

szpName OBJECT-TYPE
  SYNTAX      OCTET STRING (SIZE (0..128))
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "The name of a security zone pair."
  ::= { securityZonePairEntry 1 }

szpInZoneName OBJECT-TYPE
  SYNTAX      OCTET STRING (SIZE (0..128))
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "The name of the input security zone of a security zone pair."
  ::= { securityZonePairEntry 2 }

szpOutZoneName OBJECT-TYPE
  SYNTAX      OCTET STRING (SIZE (0..128))
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "The name of the output security zone of a security zone pair."
  ::= { securityZonePairEntry 3 }

szpUUID OBJECT-TYPE
  SYNTAX      OCTET STRING (SIZE (0..40))
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "The UUID of a security zone pair."
  ::= { securityZonePairEntry 4 }

szpInZoneUUID OBJECT-TYPE
  SYNTAX      OCTET STRING (SIZE (0..40))
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "The UUID of the input security zone of a security zone pair."
  ::= { securityZonePairEntry 5 }

szpOutZoneUUID OBJECT-TYPE
  SYNTAX      OCTET STRING (SIZE (0..40))
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "The UUID of the output security zone of a security zone pair."
  ::= { securityZonePairEntry 6 }

szpInPackets OBJECT-TYPE
  SYNTAX      Counter64
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "The number of packets received on this security zone pair."
  ::= { securityZonePairEntry 7 }

szpInOctets OBJECT-TYPE
  SYNTAX      Counter64
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "The number of bytes received on this security zone pair."
  ::= { securityZonePairEntry 8 }

szpAlerts OBJECT-TYPE
  SYNTAX      Counter64
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "The number of alerts (blocks + permits) on this security zone pair."
  ::= { securityZonePairEntry 9 }

szpBlocks OBJECT-TYPE
  SYNTAX      Counter64
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "The number of blocks generated on this security zone pair."
  ::= { securityZonePairEntry 10 }

szpPermits OBJECT-TYPE
  SYNTAX      Counter64
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "The number of permits generated on this security zone pair."
  ::= { securityZonePairEntry 11 }

szpPrecedence OBJECT-TYPE
  SYNTAX      Unsigned32
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "The precedence of security zone pair."
  ::= { securityZonePairEntry 12 }
-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
--
-- Textual conventions for policy notifications
--
-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

PolicyAction ::= TEXTUAL-CONVENTION
  STATUS      current
  DESCRIPTION 
    "A selection between three fundamental actions of a policy: blocking 
     the offending packets, detecting them but allowing them through, or rate-limiting them."
  SYNTAX      INTEGER { deny(1), allow(2), ratelimit(3) }

PolicyComponent ::= TEXTUAL-CONVENTION
  STATUS      current
  DESCRIPTION 
    "A selection from among the components of a policy, corresponding to 
     which log file is used to track the associated information."
  SYNTAX      INTEGER { invalid(0), deny(1), allow(2),
                        alert(7), block(8), peer(9) }

SslInspectedFlag ::= TEXTUAL-CONVENTION
  STATUS      current
  DESCRIPTION 
    "A flag indicating if an action was taken on an inspected SSL data stream."
  SYNTAX      INTEGER { yes(1), no(2) }
  
-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
--
-- Policy notifications
--
-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

tptPolicyNotifyDeviceID OBJECT-TYPE
  SYNTAX      OCTET STRING (SIZE (0..40))
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "The unique identifier of the device sending this notification."
  ::= { tpt-tpa-unkparams 11 }

tptPolicyNotifyPolicyID OBJECT-TYPE
  SYNTAX      OCTET STRING (SIZE (0..40))
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "The unique identifier of the policy causing this notification."
  ::= { tpt-tpa-unkparams 12 }

tptPolicyNotifySignatureID OBJECT-TYPE
  SYNTAX      OCTET STRING (SIZE (0..40))
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "The unique identifier of the signature matching the incoming data stream."
  ::= { tpt-tpa-unkparams 13 }

tptPolicyNotifySegmentName OBJECT-TYPE
  SYNTAX      OCTET STRING (SIZE (0..128))
  MAX-ACCESS  read-only
  STATUS      obsolete
  DESCRIPTION
    "A string of the format <slot>:<index> that uniquely identifies the 
     segment pertaining to this notification."
  ::= { tpt-tpa-unkparams 14 }

tptPolicyNotifySrcNetAddr OBJECT-TYPE
  SYNTAX      IpAddress
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "The network address of the source 
     of the packet(s) triggering the policy action."
  ::= { tpt-tpa-unkparams 15 }

tptPolicyNotifySrcNetAddrV6 OBJECT-TYPE
  SYNTAX      Ipv6Address
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "The IPv6 network address of the source 
     of the packet(s) triggering the policy action."
  ::= { tpt-tpa-unkparams 128 }

tptPolicyNotifySrcNetPort OBJECT-TYPE
  SYNTAX      Unsigned32
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "The network port (if applicable) of the source 
     of the packet(s) triggering the policy action."
  ::= { tpt-tpa-unkparams 16 }

tptPolicyNotifyDestNetAddr OBJECT-TYPE
  SYNTAX      IpAddress
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "The network address of the destination 
     of the packet(s) triggering the policy action."
  ::= { tpt-tpa-unkparams 17 }

tptPolicyNotifyDestNetAddrV6 OBJECT-TYPE
  SYNTAX      Ipv6Address
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "The IPv6 network address of the destination 
     of the packet(s) triggering the policy action."
  ::= { tpt-tpa-unkparams 129 }

tptPolicyNotifyDestNetPort OBJECT-TYPE
  SYNTAX      Unsigned32
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "The network port (if applicable) of the destination 
     of the packet(s) triggering the policy action."
  ::= { tpt-tpa-unkparams 18 }

tptPolicyNotifyStartTimeSec OBJECT-TYPE
  SYNTAX      Unsigned32
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "The time of the first policy hit, marking the start of the aggregation 
     period for this notification (in seconds since January 1, 1970)."
  ::= { tpt-tpa-unkparams 19 }

tptPolicyNotifyAlertAction OBJECT-TYPE
  SYNTAX      PolicyAction
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "The action associated with this notification: whether the affected 
     packets were actually blocked, allowed through, or rate-limited."
  ::= { tpt-tpa-unkparams 20 }

tptPolicyNotifyConfigAction OBJECT-TYPE
  SYNTAX      PolicyAction
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "The action configured for the policy, which in some cases may differ 
     from the action associated with this notification."
  ::= { tpt-tpa-unkparams 21 }

tptPolicyNotifyComponentID OBJECT-TYPE
  SYNTAX      PolicyComponent
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "The component identifier of the policy causing this notification."
  ::= { tpt-tpa-unkparams 22 }

tptPolicyNotifyHitCount OBJECT-TYPE
  SYNTAX      Unsigned32
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "The number of policy hits occurring during the aggregation period for 
     this notification."
  ::= { tpt-tpa-unkparams 23 }

tptPolicyNotifyAggregationPeriod OBJECT-TYPE
  SYNTAX      Unsigned32
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "The duration (in minutes) of the aggregation period for this notification."
  ::= { tpt-tpa-unkparams 24 }

tptPolicyNotifySeverity OBJECT-TYPE
  SYNTAX      PolicySeverity
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "The severity of the attack for this notification."
  ::= { tpt-tpa-unkparams 25 }

tptPolicyNotifyProtocol OBJECT-TYPE
  SYNTAX      OCTET STRING (SIZE (0..20))
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "The network protocol of the packet(s) triggering the policy action."
  ::= { tpt-tpa-unkparams 26 }

tptPolicyNotifyAlertTimeSec OBJECT-TYPE
  SYNTAX      Unsigned32
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "The time this alert was initiated, marking the end of the aggregation 
     period for this notification (in seconds since January 1, 1970)."
  ::= { tpt-tpa-unkparams 27 }

tptPolicyNotifyAlertTimeNano OBJECT-TYPE
  SYNTAX      Unsigned32
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "The nanoseconds portion of tptPolicyNotifyAlertTimeSec."
  ::= { tpt-tpa-unkparams 28 }

tptPolicyNotifyPacketTrace OBJECT-TYPE
  SYNTAX      Integer32
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "The value 1 if a corresponding packet trace was logged; 0 if not."
  ::= { tpt-tpa-unkparams 29 }

tptPolicyNotifySequence OBJECT-TYPE
  SYNTAX      Counter64
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "The log file entry sequence number corresponding to this notification."
  ::= { tpt-tpa-unkparams 30 }

tptPolicyNotifyTraceBucket OBJECT-TYPE
  SYNTAX      Unsigned32
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "The bucket identifier for a packet trace."
  ::= { tpt-tpa-unkparams 36 }

tptPolicyNotifyTraceBegin OBJECT-TYPE
  SYNTAX      Unsigned32
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "The starting sequence number for a packet trace."
  ::= { tpt-tpa-unkparams 37 }

tptPolicyNotifyTraceEnd OBJECT-TYPE
  SYNTAX      Unsigned32
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "The ending sequence number for a packet trace."
  ::= { tpt-tpa-unkparams 38 }

tptPolicyNotifyMessageParams OBJECT-TYPE
  SYNTAX      OCTET STRING 
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "A string containing parameters (separated by vertical bars) matching the 
     Message in the Digital Vaccine (the XML tag is Message)."
  ::= { tpt-tpa-unkparams 39 }

tptPolicyNotifyStartTimeNano OBJECT-TYPE
  SYNTAX      Unsigned32
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "The nanoseconds portion of tptPolicyNotifyStartTimeSec."
  ::= { tpt-tpa-unkparams 40 }

tptPolicyNotifyAlertType OBJECT-TYPE
  SYNTAX      Unsigned32
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "A bit field defined as follows:
        0x0001 = Alert          0x0002 = Block          0x0020 = Peer-to-peer
        0x0040 = Invalid        0x0080 = Threshold      0x0100 = Management."
  ::= { tpt-tpa-unkparams 41 }

tptPolicyNotifyInputMphy OBJECT-TYPE
  SYNTAX      Unsigned32
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "The physical input port of the triggering packet(s)."
  ::= { tpt-tpa-unkparams 57 }

tptPolicyNotifyVlanTag OBJECT-TYPE
  SYNTAX      Unsigned32
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "The VLAN tag of the triggering packet(s)."
  ::= { tpt-tpa-unkparams 58 }

tptPolicyNotifyZonePair OBJECT-TYPE
  SYNTAX      OCTET STRING (SIZE (0..128))
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "A string of the format <in zone UUID>:<out zone UUID> that identifies the 
     zone pair pertaining to this notification."
  ::= { tpt-tpa-unkparams 59 }

tptPolicyNotifyActionSetID OBJECT-TYPE
  SYNTAX      OCTET STRING (SIZE (0..40))
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "The action set uuid associated with this notification."
  ::= { tpt-tpa-unkparams 130 }

tptPolicyNotifyRate OBJECT-TYPE
  SYNTAX      Integer32
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "The rate-limit, in kbps, of the action set associated with this notification."
  ::= { tpt-tpa-unkparams 131 }

tptPolicyNotifyFlowControl OBJECT-TYPE
  SYNTAX      OCTET STRING  (SIZE (0..40))
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "The action set flow control associated with this notification."
  ::= { tpt-tpa-unkparams 137 }

tptPolicyNotifyActionSetName OBJECT-TYPE
  SYNTAX      OCTET STRING  (SIZE (0..128))
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "The action set name associated with this notification."
  ::= { tpt-tpa-unkparams 138 }

tptPolicyNotifyClientip OBJECT-TYPE
  SYNTAX      OCTET STRING  (SIZE (0..128))
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "The client-ip associated with this notification."
  ::= { tpt-tpa-unkparams 139 }

tptPolicyNotifyMetadata OBJECT-TYPE
  SYNTAX      OCTET STRING  (SIZE (0..128))
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "The metadata associated with this notification."
  ::= { tpt-tpa-unkparams 140 }
  
tptPolicyNotifySslInspected OBJECT-TYPE
  SYNTAX     SslInspectedFlag
  MAX-ACCESS read-only
  STATUS     current
  DESCRIPTION
    "A flag indicting if the notification is associated with an inspected SSL data stream. This flag is only present
     on IPS and Quarantine events and doesn't apply to Reputation."
  ::= { tpt-tpa-unkparams 180 }
  
tptPolicyNotifyVirtualSegment OBJECT-TYPE
  SYNTAX      SnmpAdminString (SIZE(0..127))
  MAX-ACCESS  accessible-for-notify
  STATUS      current 
  DESCRIPTION "Virtual segment associated with this notification.
              "
::= { tpt-tpa-unkparams 182 }

tptPolicyNotify NOTIFICATION-TYPE
  OBJECTS     { tptPolicyNotifyDeviceID,     tptPolicyNotifyPolicyID, 
                tptPolicyNotifySignatureID,  tptPolicyNotifyZonePair, 
                tptPolicyNotifyInputMphy,    tptPolicyNotifyVlanTag, 
                tptPolicyNotifySrcNetAddr,   tptPolicyNotifySrcNetPort, 
                tptPolicyNotifyDestNetAddr,  tptPolicyNotifyDestNetPort, 
                tptPolicyNotifyProtocol,     tptPolicyNotifyMessageParams,
                tptPolicyNotifyHitCount,     tptPolicyNotifyAggregationPeriod,
                tptPolicyNotifyStartTimeSec, tptPolicyNotifyStartTimeNano,
                tptPolicyNotifyAlertTimeSec, tptPolicyNotifyAlertTimeNano,
                tptPolicyNotifyPacketTrace,  tptPolicyNotifyTraceBucket,  
                tptPolicyNotifyTraceBegin,   tptPolicyNotifyTraceEnd,  
                tptPolicyNotifyAlertAction,  tptPolicyNotifyConfigAction, 
                tptPolicyNotifyComponentID,  tptPolicyNotifyAlertType,
                tptPolicyNotifySeverity,     tptPolicyNotifySequence,
                tptPolicyNotifySrcNetAddrV6, tptPolicyNotifyDestNetAddrV6,
                tptPolicyNotifyActionSetID,  tptPolicyNotifyRate,
                tptPolicyNotifyFlowControl,  tptPolicyNotifyActionSetName,
                tptPolicyNotifyClientip,     tptPolicyNotifyMetadata,
                tptPolicyNotifySslInspected
              }
  STATUS      current
  DESCRIPTION
    "Notification: Used to inform the management station of a policy alert 
     action (either deny or allow) resulting from a signature match."
  ::= { tpt-tpa-eventsV2 8 }

-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
--
-- SSL Inspection Policy Notifications
--
-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

-- - - - - - - - - - - - 
-- Textual Conventions
-- - - - - - - - - - - -

SslProtocol ::= TEXTUAL-CONVENTION
  STATUS      current
  DESCRIPTION "The SSL protocol version.
              "
  SYNTAX      INTEGER { unknown(1), sslv3(2), tls10(3), tls11(4), tls12(5) }

SslInspEventType ::= TEXTUAL-CONVENTION
  STATUS      current
  DESCRIPTION "The type of SSL connection, either inbound or outbound.
              "
  SYNTAX      INTEGER { inbound(1), outbound(2) }
  
SslInspAction ::= TEXTUAL-CONVENTION
  STATUS      current
  DESCRIPTION "The action taken on an SSL connection.
              "
  SYNTAX      INTEGER { decrypted(1), notDecrypted(2), blocked(3) }
 
 -- - - - - - - - - - - - - - - - - 
 -- SSL Inspection Trap Parameters
 -- - - - - - - - - - - - - - - - - 
 
tptPolicyNotifySslInspEventType OBJECT-TYPE
  SYNTAX      SslInspEventType
  MAX-ACCESS  accessible-for-notify
  STATUS      current 
  DESCRIPTION "The SSL connection type.
              "
::= { tpt-tpa-unkparams 190 }

tptPolicyNotifySslInspAction OBJECT-TYPE
  SYNTAX      SslInspAction
  MAX-ACCESS  accessible-for-notify
  STATUS      current 
  DESCRIPTION "The SSL connection action taken.
              "
::= { tpt-tpa-unkparams 191 }

tptPolicyNotifySslInspDetails OBJECT-TYPE
  SYNTAX      SnmpAdminString (SIZE(0..255))
  MAX-ACCESS  accessible-for-notify
  STATUS      current 
  DESCRIPTION "Free-form field that provides additional details for the action taken
               on a SSL connection.
              "
::= { tpt-tpa-unkparams 192 }

tptPolicyNotifySslInspPolicy OBJECT-TYPE
  SYNTAX      SnmpAdminString (SIZE(0..127))
  MAX-ACCESS  accessible-for-notify
  STATUS      current 
  DESCRIPTION "The SSL inspection policy.
              "
::= { tpt-tpa-unkparams 193 }

tptPolicyNotifySslInspCert OBJECT-TYPE
  SYNTAX      SnmpAdminString (SIZE(0..127))
  MAX-ACCESS  accessible-for-notify
  STATUS      current 
  DESCRIPTION "The certificate used to decrypt SSL traffic.
              "
::= { tpt-tpa-unkparams 194 }

tptPolicyNotifySslInspCltIF OBJECT-TYPE
  SYNTAX      SnmpAdminString (SIZE(0..40))
  MAX-ACCESS  accessible-for-notify
  STATUS      current 
  DESCRIPTION "The client-side interface receiving SSL traffic.
              "
::= { tpt-tpa-unkparams 195 }

tptPolicyNotifySslInspCltSslVer OBJECT-TYPE
  SYNTAX      SslProtocol
  MAX-ACCESS  accessible-for-notify
  STATUS      current 
  DESCRIPTION "The client-side SSL protocol version.
              "
::= { tpt-tpa-unkparams 196 }

tptPolicyNotifySslInspCltCrypto OBJECT-TYPE
  SYNTAX      SnmpAdminString (SIZE(0..80))
  MAX-ACCESS  accessible-for-notify
  STATUS      current 
  DESCRIPTION "The client-side SSL crypto-suite.
              "
::= { tpt-tpa-unkparams 197 }

tptPolicyNotifySslInspSrvIF OBJECT-TYPE
  SYNTAX      SnmpAdminString (SIZE(0..40))
  MAX-ACCESS  accessible-for-notify
  STATUS      current 
  DESCRIPTION "The server-side interface sending SSL traffic.
              "
::= { tpt-tpa-unkparams 198 }

tptPolicyNotifySslInspSrvSslVer OBJECT-TYPE
  SYNTAX      SslProtocol
  MAX-ACCESS  accessible-for-notify
  STATUS      current 
  DESCRIPTION "The server-side SSL protocol version.
              "
::= { tpt-tpa-unkparams 199 }

tptPolicyNotifySslInspSrvCrypto OBJECT-TYPE
  SYNTAX      SnmpAdminString (SIZE(0..80))
  MAX-ACCESS  accessible-for-notify
  STATUS      current 
  DESCRIPTION "The server-side SSL crypto-suite.
              "
::= { tpt-tpa-unkparams 200 }

tptPolicySslInspNotify NOTIFICATION-TYPE
  OBJECTS     { 
                    tptPolicyNotifyDeviceID,     
                    tptPolicyNotifyAlertTimeSec, 
                    tptPolicyNotifyAlertTimeNano,              
                    tptPolicyNotifySslInspEventType,
                    tptPolicyNotifySeverity,
                    tptPolicyNotifySslInspAction,
                    tptPolicyNotifySslInspDetails,        
                    tptPolicyNotifyVirtualSegment,       
                    tptPolicyNotifySslInspPolicy,
                    tptPolicyNotifySslInspCert,      
                    tptPolicyNotifySslInspCltIF,                    
                    tptPolicyNotifySslInspCltSslVer,
                    tptPolicyNotifySslInspCltCrypto,                
                    tptPolicyNotifySslInspSrvIF,
                    tptPolicyNotifySslInspSrvSslVer,
                    tptPolicyNotifySslInspSrvCrypto,                                   
                    tptPolicyNotifySrcNetAddr,
                    tptPolicyNotifySrcNetPort,
                    tptPolicyNotifyDestNetAddr,
                    tptPolicyNotifyDestNetPort
              }
  STATUS      current
  DESCRIPTION "A notification sent when an action is taken on a SSL connection.
              "
::= { tpt-tpa-eventsV2 27 }

-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
--
-- Policy log notifications
--
-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

tptPolicyLogNotifyDeviceID OBJECT-TYPE
  SYNTAX      OCTET STRING (SIZE (0..40))
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "The unique identifier of the device sending this notification."
  ::= { tpt-tpa-unkparams 121 }

tptPolicyLogNotifyComponentID OBJECT-TYPE
  SYNTAX      PolicyComponent
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "The type of log (alert, block, or peer) pertaining to this notification."
  ::= { tpt-tpa-unkparams 122 }

tptPolicyLogNotifyNumber OBJECT-TYPE
  SYNTAX      Unsigned32
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "The number of policy log entries since the last SMS log file retrieval."
  ::= { tpt-tpa-unkparams 123 }

tptPolicyLogNotifyTrigger OBJECT-TYPE
  SYNTAX      Unsigned32
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "The number of policy log entries needed to trigger this notification."
  ::= { tpt-tpa-unkparams 124 }

tptPolicyLogNotifySequence OBJECT-TYPE
  SYNTAX      Counter64
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "The current log file entry sequence number."
  ::= { tpt-tpa-unkparams 125 }

tptPolicyLogNotify NOTIFICATION-TYPE
  OBJECTS     { tptPolicyLogNotifyDeviceID,     tptPolicyLogNotifyComponentID,
                tptPolicyLogNotifyNumber,       tptPolicyLogNotifyTrigger,
                tptPolicyLogNotifySequence }
  STATUS      current
  DESCRIPTION
    "Notification: Used to inform the management station that some number of 
     policy log entries of a particular type (alert, block, or peer) occurred 
     since the last time the management station retrieved the corresponding 
     log file."
  ::= { tpt-tpa-eventsV2 19 }


END

