Intrusion Detection System (IDS); IDS Threshold Cross Notification Trap; IDS Blacklist Notification Trap - AudioCodes Mediant 800 Reference Manual

Gateway & session border controller series simple network management protocol

CHAPTER 7    SNMP Traps

Intrusion Detection System (IDS)

This section describes the trap events concerned with the Intrusion Detection System (IDS)
feature.

IDS Threshold Cross Notification Trap

Table 7-56: acIDSThresholdCrossNotification

Event: acIDSThresholdCrossNotification
OID: 1.3.6.1.4.1.5003.9.10.1.21.2.0.100
Description: The alarm is sent for each scope (IP or IP+Port) crossing a threshold of an active alarm.
Description: The trap is sent for each scope (IP or IP+Port) crossing a threshold of an active alarm.
Default Severity
Event Type
Probable Cause
Other
Alarm Text: Threshold crossed for scope value IP. Severity=minor/major/critical. Current value=NUM
Status Changes
Corrective Action:
1. Identify the remote host (IP address / port) on the network that the Intrusion Detection System (IDS) has indicated as malicious. The IDS determines a host to be malicious if it has reached or exceeded a user-defined threshold of malicious attacks (counter).
2. Block the malicious activity.

IDS Blacklist Notification Trap

Table 7-57: acIDSBlacklistNotification

Event: acIDSBlacklistNotification
OID: 1.3.6.1.4.1.5003.9.10.1.21.2.0.101
Description: The trap is sent when the Intrusion Detection System (IDS) feature has blacklisted a malicious host or removed it from the blacklist.

Mediant 800 SBC | SNMP Reference Guide
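
An added example, not taken from the AudioCodes manual: one way a trap receiver could map the two OIDs above to their event names and extract the scope, severity and counter from the Table 7-56 alarm text, validating the address before anything is blocked. It assumes the IP and NUM placeholders arrive as literal values and that an IP+Port scope is written as address:port; the function names, field names and sample text are hypothetical.

```python
import ipaddress
import re

# Trap OIDs and event names from Tables 7-56 and 7-57.
IDS_TRAPS = {
    "1.3.6.1.4.1.5003.9.10.1.21.2.0.100": "acIDSThresholdCrossNotification",
    "1.3.6.1.4.1.5003.9.10.1.21.2.0.101": "acIDSBlacklistNotification",
}

# Alarm Text template of Table 7-56. Assumption: the device substitutes
# literal values for the IP and NUM placeholders.
ALARM_RE = re.compile(
    r"Threshold crossed for scope value (?P<scope>\S+)\.\s+"
    r"Severity=(?P<severity>minor|major|critical)\.\s+"
    r"Current value=(?P<value>\d+)"
)

# Constructed sample text (not captured from a device).
SAMPLE = "Threshold crossed for scope value 203.0.113.7:5060. Severity=major. Current value=25"


def parse_scope(scope):
    """Return (ip, port); port is None for an IP-only scope. ValueError if invalid."""
    # Assumption: an IP+Port scope is written as "address:port".
    try:
        return ipaddress.ip_address(scope), None
    except ValueError:
        host, _, port = scope.rpartition(":")
        ip, port = ipaddress.ip_address(host), int(port)
        if not 0 < port < 65536:
            raise ValueError(f"port out of range: {port}")
        return ip, port


def classify_trap(trap_oid, alarm_text=""):
    """Return a structured event for an IDS trap, or None for any other OID."""
    name = IDS_TRAPS.get(trap_oid.lstrip("."))
    if name is None:
        return None
    event = {"trap": name, "scope_parsed": False}
    m = ALARM_RE.search(alarm_text)
    if name == "acIDSThresholdCrossNotification" and m:
        try:
            ip, port = parse_scope(m["scope"])
        except ValueError:
            return event  # never hand an unvalidated string to block tooling
        event.update(scope_parsed=True, ip=str(ip), port=port,
                     severity=m["severity"], value=int(m["value"]))
    return event
```

Events returned with scope_parsed set to False are the ones to route to an analyst rather than to automated blocking.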
