KL-NGFW-MIB DEFINITIONS ::= BEGIN -- -- MIB objects for Kaspersky NGFW project. -- IMPORTS enterprises, MODULE-IDENTITY, OBJECT-TYPE, NOTIFICATION-TYPE, INTEGER, OCTET STRING, Counter32, Counter64 FROM SNMPv2-SMI ; kaspersky OBJECT IDENTIFIER ::= { enterprises 23668 } ngfw MODULE-IDENTITY LAST-UPDATED "202503140000Z" ORGANIZATION "Kaspersky Lab" CONTACT-INFO "email: info@kaspersky.com" DESCRIPTION "Top-level infrastructure of Kaspersky Lab NGFW project enterprise MIB tree." ::= { kaspersky 8107 } -- -- SNMP subagent management objects. -- ngfwScalars OBJECT IDENTIFIER ::= { ngfw 1 } system OBJECT IDENTIFIER ::= { ngfwScalars 1 } information OBJECT IDENTIFIER ::= { system 1 } status OBJECT IDENTIFIER ::= { system 2 } ids OBJECT IDENTIFIER ::= { ngfwScalars 2 } dpi OBJECT IDENTIFIER ::= { ngfwScalars 3 } antivirus OBJECT IDENTIFIER ::= { ngfwScalars 4 } interfaces OBJECT IDENTIFIER ::= { ngfwScalars 5 } health OBJECT IDENTIFIER ::= { ngfwScalars 6 } counters OBJECT IDENTIFIER ::= { ngfwScalars 7 } session OBJECT IDENTIFIER ::= { ngfwScalars 8 } webControl OBJECT IDENTIFIER ::= { ngfwScalars 9 } nat OBJECT IDENTIFIER ::= { ngfwScalars 10 } dnsSecurity OBJECT IDENTIFIER ::= { ngfwScalars 11 } kata OBJECT IDENTIFIER ::= { ngfwScalars 12 } ngfwTables OBJECT IDENTIFIER ::= { ngfw 2 } ngfwNotifications OBJECT IDENTIFIER ::= { ngfw 3 } traps OBJECT IDENTIFIER ::= { ngfwNotifications 1 } objects OBJECT IDENTIFIER ::= { ngfwNotifications 2 } -- -- NGFW Scalars -- version OBJECT-TYPE SYNTAX OCTET STRING (SIZE (0..255)) MAX-ACCESS read-only STATUS current DESCRIPTION "System version." ::= { information 2 } deviceModel OBJECT-TYPE SYNTAX OCTET STRING (SIZE (0..255)) MAX-ACCESS read-only STATUS current DESCRIPTION "Device model." ::= { information 3 } hostname OBJECT-TYPE SYNTAX OCTET STRING (SIZE (0..255)) MAX-ACCESS read-only STATUS current DESCRIPTION "Hostname." ::= { information 4 } upTime OBJECT-TYPE SYNTAX OCTET STRING (SIZE (0..255)) MAX-ACCESS read-only STATUS current DESCRIPTION "System up time." ::= { information 5 } lastReboot OBJECT-TYPE SYNTAX OCTET STRING (SIZE (0..255)) MAX-ACCESS read-only STATUS current DESCRIPTION "System last reboot time." ::= { information 6 } systemTime OBJECT-TYPE SYNTAX OCTET STRING (SIZE (0..255)) MAX-ACCESS read-only STATUS current DESCRIPTION "Current system time." ::= { information 7 } deviceStatus OBJECT-TYPE SYNTAX INTEGER { Ok (0), Warning (1), Critical (2), Initialization (3) } MAX-ACCESS read-only STATUS current DESCRIPTION "Current system status." ::= { status 1 } deviceStatusReason OBJECT-TYPE SYNTAX OCTET STRING (SIZE (0..255)) MAX-ACCESS read-only STATUS current DESCRIPTION "System status information." ::= { status 2 } cpuUsage OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Usage of the cpu %." ::= { health 1 } totalRam OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION "Total physical memory MB." ::= { health 4 } freeRam OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION "Free physical memory MB." ::= { health 5 } memoryAvailable OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION "Available memory MB." ::= { health 6 } usedMemory OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION "Used memory MB." ::= { health 7 } freeRamPct OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Free memory %." ::= { health 8 } totalSwap OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION "Total swap memory MB." ::= { health 9 } freeSwap OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION "Free swap memory MB." ::= { health 10 } freeSwapPct OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Free swap memory %." ::= { health 11 } diskUsage OBJECT-TYPE SYNTAX OCTET STRING MAX-ACCESS read-only STATUS current DESCRIPTION "Disk usage in JSON format." ::= { health 12 } vppUsage OBJECT-TYPE SYNTAX OCTET STRING MAX-ACCESS read-only STATUS current DESCRIPTION "Vpp process stat in JSON format." ::= { health 13 } dpdkUsage OBJECT-TYPE SYNTAX OCTET STRING MAX-ACCESS read-only STATUS current DESCRIPTION "Dpdk drops in JSON format." ::= { health 14 } tcpCounters OBJECT-TYPE SYNTAX OCTET STRING MAX-ACCESS read-only STATUS current DESCRIPTION "TCP counters in JSON format." ::= { counters 1 } hardwareSessionsLimit OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Maximum session count supported by current hardware." ::= { session 1 } activeSessionCount OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Current number of active sessions." ::= { session 2 } idsState OBJECT-TYPE SYNTAX INTEGER { false (0), true (1) } MAX-ACCESS read-only STATUS current DESCRIPTION "State of the Ids." ::= { ids 1 } idsEnable OBJECT-TYPE SYNTAX INTEGER { false (0), true (1) } MAX-ACCESS read-only STATUS current DESCRIPTION "The desired state of the Ids." ::= { ids 2 } dpiState OBJECT-TYPE SYNTAX INTEGER { Starting (1), Running (2), Pausing (3), Paused (4), Resuming (5), Stopping (6), Stopped (7) } MAX-ACCESS read-only STATUS current DESCRIPTION "State of the Dpi." ::= { dpi 1 } dpiEnable OBJECT-TYPE SYNTAX INTEGER { false (0), true (1) } MAX-ACCESS read-only STATUS current DESCRIPTION "The desired state of the Dpi." ::= { dpi 2 } antivirusState OBJECT-TYPE SYNTAX INTEGER { false (0), true (1) } MAX-ACCESS read-only STATUS current DESCRIPTION "State of the Antivirus." ::= { antivirus 1 } antivirusEnable OBJECT-TYPE SYNTAX INTEGER { false (0), true (1) } MAX-ACCESS read-only STATUS current DESCRIPTION "The desired state of the Antivirus." ::= { antivirus 2 } interfacesLoadIntervalSec OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION "Time interval in seconds used to calculate rx/tx rate of the network interfaces." ::= { interfaces 1 } webControlState OBJECT-TYPE SYNTAX INTEGER { false (0), true (1) } MAX-ACCESS read-only STATUS current DESCRIPTION "State of the Web-control." ::= { webControl 1 } webControlEnable OBJECT-TYPE SYNTAX INTEGER { false (0), true (1) } MAX-ACCESS read-only STATUS current DESCRIPTION "The desired state of the Web-control." ::= { webControl 2 } natEnable OBJECT-TYPE SYNTAX INTEGER { false (0), true (1) } MAX-ACCESS read-only STATUS current DESCRIPTION "The desired state of the Nat." ::= { nat 2 } dnsSecurityState OBJECT-TYPE SYNTAX INTEGER { false (0), true (1) } MAX-ACCESS read-only STATUS current DESCRIPTION "State of the Dns security." ::= { dnsSecurity 1 } dnsSecurityEnable OBJECT-TYPE SYNTAX INTEGER { false (0), true (1) } MAX-ACCESS read-only STATUS current DESCRIPTION "The desired state of the Dns security." ::= { dnsSecurity 2 } kataState OBJECT-TYPE SYNTAX INTEGER { false (0), true (1) } MAX-ACCESS read-only STATUS current DESCRIPTION "State of the Kata." ::= { kata 1 } kataEnable OBJECT-TYPE SYNTAX INTEGER { false (0), true (1) } MAX-ACCESS read-only STATUS current DESCRIPTION "The desired state of the Kata." ::= { kata 2 } -- -- NGFW Tables -- ifTable OBJECT-TYPE SYNTAX SEQUENCE OF IfaceEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Network interfaces table." ::= { ngfwTables 1 } ifEntry OBJECT-TYPE SYNTAX IfaceEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "An entry describing single network interface." INDEX { ifIndex } ::= { ifTable 1 } IfaceEntry ::= SEQUENCE { ifIndex, ifName, ifDescr, ifOperStatus, ifAdminStatus, ifSpeed, ifDuplex, ifMtu, ifMacAddress, ifZoneName, ifZoneType, ifRxTotalPackets, ifRxTotalBytes, ifRxUnicastPackets, ifRxUnicastBytes, ifRxMulticastPackets, ifRxMulticastBytes, ifRxBroadcastPackets, ifRxBroadcastBytes, ifRxErrorPackets, ifRxRateBitsPerSec, ifRxRatePacketsPerSec, ifTxTotalPackets, ifTxTotalBytes, ifTxUnicastPackets, ifTxUnicastBytes, ifTxMulticastPackets, ifTxMulticastBytes, ifTxBroadcastPackets, ifTxBroadcastBytes, ifTxErrorPackets, ifTxRateBitsPerSec, ifTxRatePacketsPerSec, ifTotalDroppedPackets } ifIndex OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "A unique value for each network interface." ::= { ifEntry 1 } ifName OBJECT-TYPE SYNTAX OCTET STRING (SIZE (0..255)) MAX-ACCESS read-only STATUS current DESCRIPTION "Network interface name." ::= { ifEntry 2 } ifDescr OBJECT-TYPE SYNTAX OCTET STRING (SIZE (0..255)) MAX-ACCESS read-only STATUS current DESCRIPTION "A textual string containing information about the network interface." ::= { ifEntry 3 } ifOperStatus OBJECT-TYPE SYNTAX OCTET STRING (SIZE (0..255)) MAX-ACCESS read-only STATUS current DESCRIPTION "Current operational state of the network interface." ::= { ifEntry 4 } ifAdminStatus OBJECT-TYPE SYNTAX OCTET STRING (SIZE (0..255)) MAX-ACCESS read-only STATUS current DESCRIPTION "The desired state of the network interface." ::= { ifEntry 5 } ifSpeed OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "An estimate of the network interface current bandwidth in Kbits per second." ::= { ifEntry 6 } ifDuplex OBJECT-TYPE SYNTAX OCTET STRING (SIZE (0..255)) MAX-ACCESS read-only STATUS current DESCRIPTION "The duplex setting of the interface." ::= { ifEntry 7 } ifMtu OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Largest IPv4 packet that the network interface will send and receive." ::= { ifEntry 9 } ifMacAddress OBJECT-TYPE SYNTAX OCTET STRING (SIZE (0..255)) MAX-ACCESS read-only STATUS current DESCRIPTION "MAC address." ::= { ifEntry 10 } ifZoneName OBJECT-TYPE SYNTAX OCTET STRING (SIZE (0..255)) MAX-ACCESS read-only STATUS current DESCRIPTION "Zone name." ::= { ifEntry 11 } ifZoneType OBJECT-TYPE SYNTAX OCTET STRING (SIZE (0..255)) MAX-ACCESS read-only STATUS current DESCRIPTION "Zone type." ::= { ifEntry 12 } ifRxTotalPackets OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION "Network interface total received packets." ::= { ifEntry 101 } ifRxTotalBytes OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION "Network interface total received bytes." ::= { ifEntry 102 } ifRxUnicastPackets OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION "Network interface unicast received packets." ::= { ifEntry 103 } ifRxUnicastBytes OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION "Network interface unicast received bytes." ::= { ifEntry 104 } ifRxMulticastPackets OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION "Network interface multicast received packets." ::= { ifEntry 105 } ifRxMulticastBytes OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION "Network interface multicast received bytes." ::= { ifEntry 106 } ifRxBroadcastPackets OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION "Network interface broadcast received packets." ::= { ifEntry 107 } ifRxBroadcastBytes OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION "Network interface broadcast received bytes." ::= { ifEntry 108 } ifRxErrorPackets OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION "Network interface error received packets." ::= { ifEntry 109 } ifRxRateBitsPerSec OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION "Receive rate of the network interface in bits per second." ::= { ifEntry 110 } ifRxRatePacketsPerSec OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION "Receive rate of the network interface in packets per second." ::= { ifEntry 111 } ifTxTotalPackets OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION "Network interface total transmitted packets." ::= { ifEntry 112 } ifTxTotalBytes OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION "Network interface total transmitted bytes." ::= { ifEntry 113 } ifTxUnicastPackets OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION "Network interface unicast transmitted packets." ::= { ifEntry 114 } ifTxUnicastBytes OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION "Network interface unicast transmitted bytes." ::= { ifEntry 115 } ifTxMulticastPackets OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION "Network interface multicast transmitted packets." ::= { ifEntry 116 } ifTxMulticastBytes OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION "Network interface multicast transmitted bytes." ::= { ifEntry 117 } ifTxBroadcastPackets OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION "Network interface broadcast transmitted packets." ::= { ifEntry 118 } ifTxBroadcastBytes OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION "Network interface broadcast transmitted bytes." ::= { ifEntry 119 } ifTxErrorPackets OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION "Network interface error transmitted packets." ::= { ifEntry 120 } ifTxRateBitsPerSec OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION "Transmit rate of the network interface in bits per second." ::= { ifEntry 121 } ifTxRatePacketsPerSec OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION "Transmit rate of the network interface in packets per second." ::= { ifEntry 122 } ifTotalDroppedPackets OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION "Network interface total dropped packets." ::= { ifEntry 123 } compTable OBJECT-TYPE SYNTAX SEQUENCE OF ComponentEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "System components table." ::= { ngfwTables 2 } compEntry OBJECT-TYPE SYNTAX ComponentEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "An entry describing single system component." INDEX { compIndex } ::= { compTable 1 } ComponentEntry ::= SEQUENCE { compIndex, compName, compVersion } compIndex OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "A unique value for each system component." ::= { compEntry 1 } compName OBJECT-TYPE SYNTAX OCTET STRING (SIZE (0..255)) MAX-ACCESS read-only STATUS current DESCRIPTION "System component name." ::= { compEntry 2 } compVersion OBJECT-TYPE SYNTAX OCTET STRING (SIZE (0..255)) MAX-ACCESS read-only STATUS current DESCRIPTION "System component version." ::= { compEntry 3 } svcTable OBJECT-TYPE SYNTAX SEQUENCE OF ServiceEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "System services table." ::= { ngfwTables 3 } svcEntry OBJECT-TYPE SYNTAX ServiceEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "An entry describing single system service." INDEX { svcIndex } ::= { svcTable 1 } ServiceEntry ::= SEQUENCE { svcIndex, svcName, svcStatus } svcIndex OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "A unique value for each system service." ::= { svcEntry 1 } svcName OBJECT-TYPE SYNTAX OCTET STRING (SIZE (0..255)) MAX-ACCESS read-only STATUS current DESCRIPTION "System service name." ::= { svcEntry 2 } svcStatus OBJECT-TYPE SYNTAX OCTET STRING (SIZE (0..255)) MAX-ACCESS read-only STATUS current DESCRIPTION "System service status." ::= { svcEntry 3 } cpuUsageTable OBJECT-TYPE SYNTAX SEQUENCE OF CpuCoreEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "CPU cores usage table." ::= { ngfwTables 4 } cpuUsageEntry OBJECT-TYPE SYNTAX CpuCoreEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "An entry describing single CPU core usage." INDEX { cpuCoreIndex } ::= { cpuUsageTable 1 } CpuCoreEntry ::= SEQUENCE { cpuCoreIndex, cpuCoreUsage } cpuCoreIndex OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "A unique value for each CPU core." ::= { cpuUsageEntry 1 } cpuCoreUsage OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Usage of the CPU core %." ::= { cpuUsageEntry 2 } -- -- NGFW Notifications -- deviceStatusChanged NOTIFICATION-TYPE OBJECTS { deviceStatus, deviceStatusReason } STATUS current DESCRIPTION "This notification is used to inform about changes in the device status." ::= { traps 1 } ifOperStatusChanged NOTIFICATION-TYPE OBJECTS { ifName, ifOperStatus } STATUS current DESCRIPTION "This notification is used to inform about changes in the operational state of a network interface." ::= { traps 2 } siemSenderError NOTIFICATION-TYPE OBJECTS { siemSenderMsg } STATUS current DESCRIPTION "This notification is used to inform about errors while sending events to SIEM." ::= { traps 3 } severity OBJECT-TYPE SYNTAX INTEGER { Critical (0), High (1), Medium (2), Low (3) } ACCESS accessible-for-notify STATUS current DESCRIPTION "Severity level of the notification (optional)." ::= { objects 1 } siemSenderMsg OBJECT-TYPE SYNTAX OCTET STRING (SIZE (0..255)) ACCESS accessible-for-notify STATUS current DESCRIPTION "Message from sender to SIEM about its' status." ::= { objects 2 } END