This MIB is intended to be implemented on all those
devices operating as Central controllers, that
terminate the Light Weight Access Point Protocol
tunnel from Cisco Light-weight LWAPP Access Points.
Information provided by this MIB is for WLAN security
related features as specified in the CCKM, CKIP
specifications.
The relationship between the controller and the
LWAPP APs is depicted as follows:
+......+ +......+ +......+
+ + + + + +
+ CC + + CC + + CC +
+ + + + + +
+......+ +......+ +......+
.. . .
.. . .
. . . .
. . . .
. . . .
. . . .
+......+ +......+ +......+ +......+
+ + + + + + + +
+ AP + + AP + + AP + + AP +
+ + + + + + + +
+......+ +......+ +......+ +......+
. . .
. . . .
. . . .
. . . .
. . . .
+......+ +......+ +......+ +......+
+ + + + + + + +
+ MN + + MN + + MN + + MN +
+ + + + + + + +
+......+ +......+ +......+ +......+
The LWAPP tunnel exists between the controller and
the APs. The MNs communicate with the APs through
the protocol defined by the 802.11 standard.
LWAPP APs, upon bootup, discover and join one of the
controllers and the controller pushes the configuration,
that includes the WLAN parameters, to the LWAPP APs.
The APs then encapsulate all the 802.11 frames from
wireless clients inside LWAPP frames and forward
the LWAPP frames to the controller.
GLOSSARY
802.1x
The IEEE ratified standard for enforcing port based
access control. This was originally intended for
use on wired LANs and later extended for use in
802.11 WLAN environments. This defines an
architecture with three main parts - a supplicant
(Ex. an 802.11 wireless client), an authenticator
(the AP) and an authentication server(a Radius
server). The authenticator passes messages back
and forth between the supplicant and the
authentication server to enable the supplicant
get authenticated to the network.
Access Point ( AP )
An entity that contains an 802.11 medium access
control ( MAC ) and physical layer ( PHY ) interface
and provides access to the distribution services via
the wireless medium for associated clients.
LWAPP APs encapsulate all the 802.11 frames in
LWAPP frames and sends them to the controller to which
it is logically connected.
Advanced Encryption Standard ( AES )
In cryptography, the Advanced Encryption Standard
(AES), also known as Rijndael, is a block cipher
adopted as an encryption standard by the US
government. It is expected to be used worldwide
and analysed extensively, as was the case with its
predecessor, the Data Encryption Standard (DES).
AES was adopted by National Institute of Standards
and Technology (NIST) as US FIPS PUB 197 in
November 2001 after a 5-year standardisation
process.
Central Controller ( CC )
The central entity that terminates the LWAPP protocol
tunnel from the LWAPP APs. Throughout this MIB,
this entity also referred to as 'controller'.
Cisco Centralized Key Management ( CCKM )
Client and AP exchange several EAPOL packets in the
process of EAP authenticaton to determine dynamic
session key (NSK), which is used for encrypting
packets between them.
When client moves to new-AP, it has to mutually
authenticate with the new-AP and derive new NSK. This
is being done by using complete EAP authentication
(which is time consuming and causes noticeable delay
in the voice application). Till that time, no data
packets are being transmitted between new-AP and
client.
CCKM implementation in first controller caches
client's credentials like session, vlanid, ssid, etc.
and propagates the same to other controllers in
mobility group.
Currently a set of controller can be configured as
part of a mobility group. If client roams across
access points associated to this set of controllers,
then with CCKM implementation in place, the L2
authentication will not happen. To make this happen
a CCKM cache is maintained on each controller and the
first controller where client gets associated update
rest of the controllers in mobility group. On later
reassociations, controller validates the CCKM specific
IE present and allow associations.
Wireless LAN Access Points (APs) manufactured by Cisco
Systems have features and capabilities beyond those in
related standards (e.g., IEEE 802.11 suite of
standards, Wi-Fi recommendations by WECA, 802.1X
security suite, etc). A number of features provide
higher performance. For example, Cisco AP transmits a
specific Information Element, which the clients adapt
to for enhanced performance. Similarly, a number of
features are implemented by means of proprietary
Information Elements, which Cisco clients use in
specific ways to carry out tasks above and beyond the
standard.
Other examples of feature categories are roaming and
power saving.
Cisco Key Integrity Protocol ( CKIP )
A proprietary implementation similar to TKIP. CKIP
implements key permutation for protecting the CKIP
key against attacks. Other features of CKIP include
expansion of encryption key to 16 bytes of length for
key protection and MIC to ensure data integrity.
Light Weight Access Point Protocol ( LWAPP )
This is a generic protocol that defines the
communication between the Access Points and the
Central Controller.
Mobile Node ( MN )
A roaming 802.11 wireless device in a wireless
network associated with an access point. Mobile Node
and client are used interchangeably.
Multilinear Modular Hash ( MMH )
This is a message authentication code. The original
message is run through the hash (with a secret key),
and the code is the result. The code is sent along
with the original message. The receiver of the
message calculates the hash over the original message
(also with the secret key) and compares the final
message authentication code with the code sent with
the message. If the two codes match, the receiver can
be assured that the original message is authentic.
Pre-Shared Key ( PSK )
Pre-shared keys are normally used for
interoperability purposes. The basic idea is that
two parties sharing a common secret can communicate
securely. This idea has been used since cryptography
first sprung onto the scene.
Temporal Key Integrity Protocol ( TKIP )
A security protocol defined to enhance the limitations
of WEP. Message Integrity Check and per-packet keying
on all WEP-encrypted frames are two significant
enhancements provided by TKIP to WEP.
Wired Equivalent Privacy ( WEP )
A security method defined by 802.11. WEP uses a
symmetric key stream cipher called RC4 to encrypt the
data packets.
Wi-Fi Protected Access ( WPA )
Wi-Fi Protected Access (WPA and WPA2) are security
systems created in response to several serious
weaknesses found in Wired Equivalent Privacy (WEP).
WPA implements the majority of the IEEE 802.11i
standard, and was intended as an intermediate
measure to take the place of WEP while 802.11i was
prepared. WPA is designed to work with all wireless
network interface cards, but not necessarily with
first generation wireless access points.
REFERENCE
[1] Wireless LAN Medium Access Control ( MAC ) and
Physical Layer ( PHY ) Specifications,
Amendment 6, MAC Security Enhancements.
[2] draft-obara-capwap-lwapp-00.txt, IETF Light
Weight Access Point Protocol
Parsed from file CISCO-LWAPP-WLAN-SECURITY-MIB.mib
Module: CISCO-LWAPP-WLAN-SECURITY-MIB
This MIB is intended to be implemented on all those
devices operating as Central controllers, that
terminate the Light Weight Access Point Protocol
tunnel from Cisco Light-weight LWAPP Access Points.
Information provided by this MIB is for WLAN security
related features as specified in the CCKM, CKIP
specifications.
The relationship between the controller and the
LWAPP APs is depicted as follows:
+......+ +......+ +......+
+ + + + + +
+ CC + + CC + + CC +
+ + + + + +
+......+ +......+ +......+
.. . .
.. . .
. . . .
. . . .
. . . .
. . . .
+......+ +......+ +......+ +......+
+ + + + + + + +
+ AP + + AP + + AP + + AP +
+ + + + + + + +
+......+ +......+ +......+ +......+
. . .
. . . .
. . . .
. . . .
. . . .
+......+ +......+ +......+ +......+
+ + + + + + + +
+ MN + + MN + + MN + + MN +
+ + + + + + + +
+......+ +......+ +......+ +......+
The LWAPP tunnel exists between the controller and
the APs. The MNs communicate with the APs through
the protocol defined by the 802.11 standard.
LWAPP APs, upon bootup, discover and join one of the
controllers and the controller pushes the configuration,
that includes the WLAN parameters, to the LWAPP APs.
The APs then encapsulate all the 802.11 frames from
wireless clients inside LWAPP frames and forward
the LWAPP frames to the controller.
GLOSSARY
802.1x
The IEEE ratified standard for enforcing port based
access control. This was originally intended for
use on wired LANs and later extended for use in
802.11 WLAN environments. This defines an
architecture with three main parts - a supplicant
(Ex. an 802.11 wireless client), an authenticator
(the AP) and an authentication server(a Radius
server). The authenticator passes messages back
and forth between the supplicant and the
authentication server to enable the supplicant
get authenticated to the network.
Access Point ( AP )
An entity that contains an 802.11 medium access
control ( MAC ) and physical layer ( PHY ) interface
and provides access to the distribution services via
the wireless medium for associated clients.
LWAPP APs encapsulate all the 802.11 frames in
LWAPP frames and sends them to the controller to which
it is logically connected.
Advanced Encryption Standard ( AES )
In cryptography, the Advanced Encryption Standard
(AES), also known as Rijndael, is a block cipher
adopted as an encryption standard by the US
government. It is expected to be used worldwide
and analysed extensively, as was the case with its
predecessor, the Data Encryption Standard (DES).
AES was adopted by National Institute of Standards
and Technology (NIST) as US FIPS PUB 197 in
November 2001 after a 5-year standardisation
process.
Central Controller ( CC )
The central entity that terminates the LWAPP protocol
tunnel from the LWAPP APs. Throughout this MIB,
this entity also referred to as 'controller'.
Cisco Centralized Key Management ( CCKM )
Client and AP exchange several EAPOL packets in the
process of EAP authenticaton to determine dynamic
session key (NSK), which is used for encrypting
packets between them.
When client moves to new-AP, it has to mutually
authenticate with the new-AP and derive new NSK. This
is being done by using complete EAP authentication
(which is time consuming and causes noticeable delay
in the voice application). Till that time, no data
packets are being transmitted between new-AP and
client.
CCKM implementation in first controller caches
client's credentials like session, vlanid, ssid, etc.
and propagates the same to other controllers in
mobility group.
Currently a set of controller can be configured as
part of a mobility group. If client roams across
access points associated to this set of controllers,
then with CCKM implementation in place, the L2
authentication will not happen. To make this happen
a CCKM cache is maintained on each controller and the
first controller where client gets associated update
rest of the controllers in mobility group. On later
reassociations, controller validates the CCKM specific
IE present and allow associations.
Wireless LAN Access Points (APs) manufactured by Cisco
Systems have features and capabilities beyond those in
related standards (e.g., IEEE 802.11 suite of
standards, Wi-Fi recommendations by WECA, 802.1X
security suite, etc). A number of features provide
higher performance. For example, Cisco AP transmits a
specific Information Element, which the clients adapt
to for enhanced performance. Similarly, a number of
features are implemented by means of proprietary
Information Elements, which Cisco clients use in
specific ways to carry out tasks above and beyond the
standard.
Other examples of feature categories are roaming and
power saving.
Cisco Key Integrity Protocol ( CKIP )
A proprietary implementation similar to TKIP. CKIP
implements key permutation for protecting the CKIP
key against attacks. Other features of CKIP include
expansion of encryption key to 16 bytes of length for
key protection and MIC to ensure data integrity.
Light Weight Access Point Protocol ( LWAPP )
This is a generic protocol that defines the
communication between the Access Points and the
Central Controller.
Mobile Node ( MN )
A roaming 802.11 wireless device in a wireless
network associated with an access point. Mobile Node
and client are used interchangeably.
Multilinear Modular Hash ( MMH )
This is a message authentication code. The original
message is run through the hash (with a secret key),
and the code is the result. The code is sent along
with the original message. The receiver of the
message calculates the hash over the original message
(also with the secret key) and compares the final
message authentication code with the code sent with
the message. If the two codes match, the receiver can
be assured that the original message is authentic.
Pre-Shared Key ( PSK )
Pre-shared keys are normally used for
interoperability purposes. The basic idea is that
two parties sharing a common secret can communicate
securely. This idea has been used since cryptography
first sprung onto the scene.
Temporal Key Integrity Protocol ( TKIP )
A security protocol defined to enhance the limitations
of WEP. Message Integrity Check and per-packet keying
on all WEP-encrypted frames are two significant
enhancements provided by TKIP to WEP.
Wired Equivalent Privacy ( WEP )
A security method defined by 802.11. WEP uses a
symmetric key stream cipher called RC4 to encrypt the
data packets.
Wi-Fi Protected Access ( WPA )
Wi-Fi Protected Access (WPA and WPA2) are security
systems created in response to several serious
weaknesses found in Wired Equivalent Privacy (WEP).
WPA implements the majority of the IEEE 802.11i
standard, and was intended as an intermediate
measure to take the place of WEP while 802.11i was
prepared. WPA is designed to work with all wireless
network interface cards, but not necessarily with
first generation wireless access points.
REFERENCE
[1] Wireless LAN Medium Access Control ( MAC ) and
Physical Layer ( PHY ) Specifications,
Amendment 6, MAC Security Enhancements.
[2] draft-obara-capwap-lwapp-00.txt, IETF Light
Weight Access Point Protocol
Parsed from file CISCO-LWAPP-WLAN-SECURITY-MIB.my.txt
Company: None
Module: CISCO-LWAPP-WLAN-SECURITY-MIB
This MIB is intended to be implemented on all those
devices operating as Central controllers, that
terminate the Light Weight Access Point Protocol
tunnel from Cisco Light-weight LWAPP Access Points.
Information provided by this MIB is for WLAN security
related features as specified in the CCKM, CKIP
specifications.
The relationship between the controller and the
LWAPP APs is depicted as follows:
+......+ +......+ +......+
+ + + + + +
+ CC + + CC + + CC +
+ + + + + +
+......+ +......+ +......+
.. . .
.. . .
. . . .
. . . .
. . . .
. . . .
+......+ +......+ +......+ +......+
+ + + + + + + +
+ AP + + AP + + AP + + AP +
+ + + + + + + +
+......+ +......+ +......+ +......+
. . .
. . . .
. . . .
. . . .
. . . .
+......+ +......+ +......+ +......+
+ + + + + + + +
+ MN + + MN + + MN + + MN +
+ + + + + + + +
+......+ +......+ +......+ +......+
The LWAPP tunnel exists between the controller and
the APs. The MNs communicate with the APs through
the protocol defined by the 802.11 standard.
LWAPP APs, upon bootup, discover and join one of the
controllers and the controller pushes the configuration,
that includes the WLAN parameters, to the LWAPP APs.
The APs then encapsulate all the 802.11 frames from
wireless clients inside LWAPP frames and forward
the LWAPP frames to the controller.
GLOSSARY
802.1x
The IEEE ratified standard for enforcing port based
access control. This was originally intended for
use on wired LANs and later extended for use in
802.11 WLAN environments. This defines an
architecture with three main parts - a supplicant
(Ex. an 802.11 wireless client), an authenticator
(the AP) and an authentication server(a Radius
server). The authenticator passes messages back
and forth between the supplicant and the
authentication server to enable the supplicant
get authenticated to the network.
Access Point ( AP )
An entity that contains an 802.11 medium access
control ( MAC ) and physical layer ( PHY ) interface
and provides access to the distribution services via
the wireless medium for associated clients.
LWAPP APs encapsulate all the 802.11 frames in
LWAPP frames and sends them to the controller to which
it is logically connected.
Advanced Encryption Standard ( AES )
In cryptography, the Advanced Encryption Standard
(AES), also known as Rijndael, is a block cipher
adopted as an encryption standard by the US
government. It is expected to be used worldwide
and analysed extensively, as was the case with its
predecessor, the Data Encryption Standard (DES).
AES was adopted by National Institute of Standards
and Technology (NIST) as US FIPS PUB 197 in
November 2001 after a 5-year standardisation
process.
Central Controller ( CC )
The central entity that terminates the LWAPP protocol
tunnel from the LWAPP APs. Throughout this MIB,
this entity also referred to as 'controller'.
Cisco Centralized Key Management ( CCKM )
Client and AP exchange several EAPOL packets in the
process of EAP authenticaton to determine dynamic
session key (NSK), which is used for encrypting
packets between them.
When client moves to new-AP, it has to mutually
authenticate with the new-AP and derive new NSK. This
is being done by using complete EAP authentication
(which is time consuming and causes noticeable delay
in the voice application). Till that time, no data
packets are being transmitted between new-AP and
client.
CCKM implementation in first controller caches
client's credentials like session, vlanid, ssid, etc.
and propagates the same to other controllers in
mobility group.
Currently a set of controller can be configured as
part of a mobility group. If client roams across
access points associated to this set of controllers,
then with CCKM implementation in place, the L2
authentication will not happen. To make this happen
a CCKM cache is maintained on each controller and the
first controller where client gets associated update
rest of the controllers in mobility group. On later
reassociations, controller validates the CCKM specific
IE present and allow associations.
Wireless LAN Access Points (APs) manufactured by Cisco
Systems have features and capabilities beyond those in
related standards (e.g., IEEE 802.11 suite of
standards, Wi-Fi recommendations by WECA, 802.1X
security suite, etc). A number of features provide
higher performance. For example, Cisco AP transmits a
specific Information Element, which the clients adapt
to for enhanced performance. Similarly, a number of
features are implemented by means of proprietary
Information Elements, which Cisco clients use in
specific ways to carry out tasks above and beyond the
standard.
Other examples of feature categories are roaming and
power saving.
Cisco Key Integrity Protocol ( CKIP )
A proprietary implementation similar to TKIP. CKIP
implements key permutation for protecting the CKIP
key against attacks. Other features of CKIP include
expansion of encryption key to 16 bytes of length for
key protection and MIC to ensure data integrity.
Light Weight Access Point Protocol ( LWAPP )
This is a generic protocol that defines the
communication between the Access Points and the
Central Controller.
Mobile Node ( MN )
A roaming 802.11 wireless device in a wireless
network associated with an access point. Mobile Node
and client are used interchangeably.
Multilinear Modular Hash ( MMH )
This is a message authentication code. The original
message is run through the hash (with a secret key),
and the code is the result. The code is sent along
with the original message. The receiver of the
message calculates the hash over the original message
(also with the secret key) and compares the final
message authentication code with the code sent with
the message. If the two codes match, the receiver can
be assured that the original message is authentic.
Pre-Shared Key ( PSK )
Pre-shared keys are normally used for
interoperability purposes. The basic idea is that
two parties sharing a common secret can communicate
securely. This idea has been used since cryptography
first sprung onto the scene.
Temporal Key Integrity Protocol ( TKIP )
A security protocol defined to enhance the limitations
of WEP. Message Integrity Check and per-packet keying
on all WEP-encrypted frames are two significant
enhancements provided by TKIP to WEP.
Wired Equivalent Privacy ( WEP )
A security method defined by 802.11. WEP uses a
symmetric key stream cipher called RC4 to encrypt the
data packets.
Wi-Fi Protected Access ( WPA )
Wi-Fi Protected Access (WPA and WPA2) are security
systems created in response to several serious
weaknesses found in Wired Equivalent Privacy (WEP).
WPA implements the majority of the IEEE 802.11i
standard, and was intended as an intermediate
measure to take the place of WEP while 802.11i was
prepared. WPA is designed to work with all wireless
network interface cards, but not necessarily with
first generation wireless access points.
Protected Management Frame (PFM)
Authentication, Authorization, and Accounting (AAA)
Remote Authentication Dial In User Service (RADIUS)
REFERENCE
[1] Wireless LAN Medium Access Control ( MAC ) and
Physical Layer ( PHY ) Specifications,
Amendment 6, MAC Security Enhancements.
[2] draft-obara-capwap-lwapp-00.txt, IETF Light
Weight Access Point Protocol
ciscoLwappWlanSecurityMIB MODULE-IDENTITY LAST-UPDATED "200604110000Z" ORGANIZATION "Cisco Systems, Inc." CONTACT-INFO " Cisco Systems, Customer Service Postal: 170 West Tasman Drive San Jose, CA 95134 USA Tel: +1 800 553-NETS Email: [email protected]" DESCRIPTION "This MIB is intended to be implemented on all those devices operating as Central controllers, that terminate the Light Weight Access Point Protocol tunnel from Cisco Light-weight LWAPP Access Points. Information provided by this MIB is for WLAN security related features as specified in the CCKM, CKIP specifications. The relationship between the controller and the LWAPP APs is depicted as follows: +......+ +......+ +......+ + + + + + + + CC + + CC + + CC + + + + + + + +......+ +......+ +......+ .. . . .. . . . . . . . . . . . . . . . . . . +......+ +......+ +......+ +......+ + + + + + + + + + AP + + AP + + AP + + AP + + + + + + + + + +......+ +......+ +......+ +......+ . . . . . . . . . . . . . . . . . . . +......+ +......+ +......+ +......+ + + + + + + + + + MN + + MN + + MN + + MN + + + + + + + + + +......+ +......+ +......+ +......+ The LWAPP tunnel exists between the controller and the APs. The MNs communicate with the APs through the protocol defined by the 802.11 standard. LWAPP APs, upon bootup, discover and join one of the controllers and the controller pushes the configuration, that includes the WLAN parameters, to the LWAPP APs. The APs then encapsulate all the 802.11 frames from wireless clients inside LWAPP frames and forward the LWAPP frames to the controller. GLOSSARY 802.1x The IEEE ratified standard for enforcing port based access control. This was originally intended for use on wired LANs and later extended for use in 802.11 WLAN environments. This defines an architecture with three main parts - a supplicant (Ex. an 802.11 wireless client), an authenticator (the AP) and an authentication server(a Radius server). The authenticator passes messages back and forth between the supplicant and the authentication server to enable the supplicant get authenticated to the network. Access Point ( AP ) An entity that contains an 802.11 medium access control ( MAC ) and physical layer ( PHY ) interface and provides access to the distribution services via the wireless medium for associated clients. LWAPP APs encapsulate all the 802.11 frames in LWAPP frames and sends them to the controller to which it is logically connected. Advanced Encryption Standard ( AES ) In cryptography, the Advanced Encryption Standard (AES), also known as Rijndael, is a block cipher adopted as an encryption standard by the US government. It is expected to be used worldwide and analysed extensively, as was the case with its predecessor, the Data Encryption Standard (DES). AES was adopted by National Institute of Standards and Technology (NIST) as US FIPS PUB 197 in November 2001 after a 5-year standardisation process. Central Controller ( CC ) The central entity that terminates the LWAPP protocol tunnel from the LWAPP APs. Throughout this MIB, this entity also referred to as 'controller'. Cisco Centralized Key Management ( CCKM ) Client and AP exchange several EAPOL packets in the process of EAP authenticaton to determine dynamic session key (NSK), which is used for encrypting packets between them. When client moves to new-AP, it has to mutually authenticate with the new-AP and derive new NSK. This is being done by using complete EAP authentication (which is time consuming and causes noticeable delay in the voice application). Till that time, no data packets are being transmitted between new-AP and client. CCKM implementation in first controller caches client's credentials like session, vlanid, ssid, etc. and propagates the same to other controllers in mobility group. Currently a set of controller can be configured as part of a mobility group. If client roams across access points associated to this set of controllers, then with CCKM implementation in place, the L2 authentication will not happen. To make this happen a CCKM cache is maintained on each controller and the first controller where client gets associated update rest of the controllers in mobility group. On later reassociations, controller validates the CCKM specific IE present and allow associations. Wireless LAN Access Points (APs) manufactured by Cisco Systems have features and capabilities beyond those in related standards (e.g., IEEE 802.11 suite of standards, Wi-Fi recommendations by WECA, 802.1X security suite, etc). A number of features provide higher performance. For example, Cisco AP transmits a specific Information Element, which the clients adapt to for enhanced performance. Similarly, a number of features are implemented by means of proprietary Information Elements, which Cisco clients use in specific ways to carry out tasks above and beyond the standard. Other examples of feature categories are roaming and power saving. Cisco Key Integrity Protocol ( CKIP ) A proprietary implementation similar to TKIP. CKIP implements key permutation for protecting the CKIP key against attacks. Other features of CKIP include expansion of encryption key to 16 bytes of length for key protection and MIC to ensure data integrity. Light Weight Access Point Protocol ( LWAPP ) This is a generic protocol that defines the communication between the Access Points and the Central Controller. Mobile Node ( MN ) A roaming 802.11 wireless device in a wireless network associated with an access point. Mobile Node and client are used interchangeably. Multilinear Modular Hash ( MMH ) This is a message authentication code. The original message is run through the hash (with a secret key), and the code is the result. The code is sent along with the original message. The receiver of the message calculates the hash over the original message (also with the secret key) and compares the final message authentication code with the code sent with the message. If the two codes match, the receiver can be assured that the original message is authentic. Pre-Shared Key ( PSK ) Pre-shared keys are normally used for interoperability purposes. The basic idea is that two parties sharing a common secret can communicate securely. This idea has been used since cryptography first sprung onto the scene. Temporal Key Integrity Protocol ( TKIP ) A security protocol defined to enhance the limitations of WEP. Message Integrity Check and per-packet keying on all WEP-encrypted frames are two significant enhancements provided by TKIP to WEP. Wired Equivalent Privacy ( WEP ) A security method defined by 802.11. WEP uses a symmetric key stream cipher called RC4 to encrypt the data packets. Wi-Fi Protected Access ( WPA ) Wi-Fi Protected Access (WPA and WPA2) are security systems created in response to several serious weaknesses found in Wired Equivalent Privacy (WEP). WPA implements the majority of the IEEE 802.11i standard, and was intended as an intermediate measure to take the place of WEP while 802.11i was prepared. WPA is designed to work with all wireless network interface cards, but not necessarily with first generation wireless access points. REFERENCE [1] Wireless LAN Medium Access Control ( MAC ) and Physical Layer ( PHY ) Specifications, Amendment 6, MAC Security Enhancements. [2] draft-obara-capwap-lwapp-00.txt, IETF Light Weight Access Point Protocol " REVISION "200604110000Z" DESCRIPTION "Initial version of this MIB module. " ::= { ciscoMgmt 521 }
ciscoLwappWlanSecurityMIB OBJECT IDENTIFIER ::= { ciscoMgmt 521 }
Vendor: Cisco
Module: CISCO-LWAPP-WLAN-SECURITY-MIB
[Automatically extracted from oidview.com]
ciscoLwappWlanSecurityMIB MODULE-IDENTITY LAST-UPDATED "200604110000Z" ORGANIZATION "Cisco Systems, Inc." CONTACT-INFO " Cisco Systems, Customer Service Postal: 170 West Tasman Drive San Jose, CA 95134 USA Tel: +1 800 553-NETS Email: [email protected]" DESCRIPTION "This MIB is intended to be implemented on all those devices operating as Central controllers, that terminate the Light Weight Access Point Protocol tunnel from Cisco Light-weight LWAPP Access Points. Information provided by this MIB is for WLAN security related features as specified in the CCKM, CKIP specifications. The relationship between the controller and the LWAPP APs is depicted as follows: +......+ +......+ +......+ + + + + + + + CC + + CC + + CC + + + + + + + +......+ +......+ +......+ .. . . .. . . . . . . . . . . . . . . . . . . +......+ +......+ +......+ +......+ + + + + + + + + + AP + + AP + + AP + + AP + + + + + + + + + +......+ +......+ +......+ +......+ . . . . . . . . . . . . . . . . . . . +......+ +......+ +......+ +......+ + + + + + + + + + MN + + MN + + MN + + MN + + + + + + + + + +......+ +......+ +......+ +......+ The LWAPP tunnel exists between the controller and the APs. The MNs communicate with the APs through the protocol defined by the 802.11 standard. LWAPP APs, upon bootup, discover and join one of the controllers and the controller pushes the configuration, that includes the WLAN parameters, to the LWAPP APs. The APs then encapsulate all the 802.11 frames from wireless clients inside LWAPP frames and forward the LWAPP frames to the controller. GLOSSARY 802.1x The IEEE ratified standard for enforcing port based access control. This was originally intended for use on wired LANs and later extended for use in 802.11 WLAN environments. This defines an architecture with three main parts - a supplicant (Ex. an 802.11 wireless client), an authenticator (the AP) and an authentication server(a Radius server). The authenticator passes messages back and forth between the supplicant and the authentication server to enable the supplicant get authenticated to the network. Access Point ( AP ) An entity that contains an 802.11 medium access control ( MAC ) and physical layer ( PHY ) interface and provides access to the distribution services via the wireless medium for associated clients. LWAPP APs encapsulate all the 802.11 frames in LWAPP frames and sends them to the controller to which it is logically connected. Advanced Encryption Standard ( AES ) In cryptography, the Advanced Encryption Standard (AES), also known as Rijndael, is a block cipher adopted as an encryption standard by the US government. It is expected to be used worldwide and analysed extensively, as was the case with its predecessor, the Data Encryption Standard (DES). AES was adopted by National Institute of Standards and Technology (NIST) as US FIPS PUB 197 in November 2001 after a 5-year standardisation process. Central Controller ( CC ) The central entity that terminates the LWAPP protocol tunnel from the LWAPP APs. Throughout this MIB, this entity also referred to as 'controller'. Cisco Centralized Key Management ( CCKM ) Client and AP exchange several EAPOL packets in the process of EAP authenticaton to determine dynamic session key (NSK), which is used for encrypting packets between them. When client moves to new-AP, it has to mutually authenticate with the new-AP and derive new NSK. This is being done by using complete EAP authentication (which is time consuming and causes noticeable delay in the voice application). Till that time, no data packets are being transmitted between new-AP and client. CCKM implementation in first controller caches client's credentials like session, vlanid, ssid, etc. and propagates the same to other controllers in mobility group. Currently a set of controller can be configured as part of a mobility group. If client roams across access points associated to this set of controllers, then with CCKM implementation in place, the L2 authentication will not happen. To make this happen a CCKM cache is maintained on each controller and the first controller where client gets associated update rest of the controllers in mobility group. On later reassociations, controller validates the CCKM specific IE present and allow associations. Wireless LAN Access Points (APs) manufactured by Cisco Systems have features and capabilities beyond those in related standards (e.g., IEEE 802.11 suite of standards, Wi-Fi recommendations by WECA, 802.1X security suite, etc). A number of features provide higher performance. For example, Cisco AP transmits a specific Information Element, which the clients adapt to for enhanced performance. Similarly, a number of features are implemented by means of proprietary Information Elements, which Cisco clients use in specific ways to carry out tasks above and beyond the standard. Other examples of feature categories are roaming and power saving. Cisco Key Integrity Protocol ( CKIP ) A proprietary implementation similar to TKIP. CKIP implements key permutation for protecting the CKIP key against attacks. Other features of CKIP include expansion of encryption key to 16 bytes of length for key protection and MIC to ensure data integrity. Light Weight Access Point Protocol ( LWAPP ) This is a generic protocol that defines the communication between the Access Points and the Central Controller. Mobile Node ( MN ) A roaming 802.11 wireless device in a wireless network associated with an access point. Mobile Node and client are used interchangeably. Multilinear Modular Hash ( MMH ) This is a message authentication code. The original message is run through the hash (with a secret key), and the code is the result. The code is sent along with the original message. The receiver of the message calculates the hash over the original message (also with the secret key) and compares the final message authentication code with the code sent with the message. If the two codes match, the receiver can be assured that the original message is authentic. Pre-Shared Key ( PSK ) Pre-shared keys are normally used for interoperability purposes. The basic idea is that two parties sharing a common secret can communicate securely. This idea has been used since cryptography first sprung onto the scene. Temporal Key Integrity Protocol ( TKIP ) A security protocol defined to enhance the limitations of WEP. Message Integrity Check and per-packet keying on all WEP-encrypted frames are two significant enhancements provided by TKIP to WEP. Wired Equivalent Privacy ( WEP ) A security method defined by 802.11. WEP uses a symmetric key stream cipher called RC4 to encrypt the data packets. Wi-Fi Protected Access ( WPA ) Wi-Fi Protected Access (WPA and WPA2) are security systems created in response to several serious weaknesses found in Wired Equivalent Privacy (WEP). WPA implements the majority of the IEEE 802.11i standard, and was intended as an intermediate measure to take the place of WEP while 802.11i was prepared. WPA is designed to work with all wireless network interface cards, but not necessarily with first generation wireless access points. REFERENCE [1] Wireless LAN Medium Access Control ( MAC ) and Physical Layer ( PHY ) Specifications, Amendment 6, MAC Security Enhancements. [2] draft-obara-capwap-lwapp-00.txt, IETF Light Weight Access Point Protocol " REVISION "200604110000Z" DESCRIPTION "Initial version of this MIB module. " ::= { ciscoMgmt 521 }
ciscoLwappWlanSecurityMIB MODULE-IDENTITY LAST-UPDATED "201506030000Z" ORGANIZATION "Cisco Systems, Inc." CONTACT-INFO "Cisco Systems, Customer Service Postal: 170 West Tasman Drive San Jose, CA 95134 USA Tel: +1 800 553-NETS Email: [email protected]" DESCRIPTION "This MIB is intended to be implemented on all those devices operating as Central controllers, that terminate the Light Weight Access Point Protocol tunnel from Cisco Light-weight LWAPP Access Points. Information provided by this MIB is for WLAN security related features as specified in the CCKM, CKIP specifications. The relationship between the controller and the LWAPP APs is depicted as follows: +......+ +......+ +......+ + + + + + + + CC + + CC + + CC + + + + + + + +......+ +......+ +......+ .. . . .. . . . . . . . . . . . . . . . . . . +......+ +......+ +......+ +......+ + + + + + + + + + AP + + AP + + AP + + AP + + + + + + + + + +......+ +......+ +......+ +......+ . . . . . . . . . . . . . . . . . . . +......+ +......+ +......+ +......+ + + + + + + + + + MN + + MN + + MN + + MN + + + + + + + + + +......+ +......+ +......+ +......+ The LWAPP tunnel exists between the controller and the APs. The MNs communicate with the APs through the protocol defined by the 802.11 standard. LWAPP APs, upon bootup, discover and join one of the controllers and the controller pushes the configuration, that includes the WLAN parameters, to the LWAPP APs. The APs then encapsulate all the 802.11 frames from wireless clients inside LWAPP frames and forward the LWAPP frames to the controller. GLOSSARY 802.1x The IEEE ratified standard for enforcing port based access control. This was originally intended for use on wired LANs and later extended for use in 802.11 WLAN environments. This defines an architecture with three main parts - a supplicant (Ex. an 802.11 wireless client), an authenticator (the AP) and an authentication server(a Radius server). The authenticator passes messages back and forth between the supplicant and the authentication server to enable the supplicant get authenticated to the network. Access Point ( AP ) An entity that contains an 802.11 medium access control ( MAC ) and physical layer ( PHY ) interface and provides access to the distribution services via the wireless medium for associated clients. LWAPP APs encapsulate all the 802.11 frames in LWAPP frames and sends them to the controller to which it is logically connected. Advanced Encryption Standard ( AES ) In cryptography, the Advanced Encryption Standard (AES), also known as Rijndael, is a block cipher adopted as an encryption standard by the US government. It is expected to be used worldwide and analysed extensively, as was the case with its predecessor, the Data Encryption Standard (DES). AES was adopted by National Institute of Standards and Technology (NIST) as US FIPS PUB 197 in November 2001 after a 5-year standardisation process. Central Controller ( CC ) The central entity that terminates the LWAPP protocol tunnel from the LWAPP APs. Throughout this MIB, this entity also referred to as 'controller'. Cisco Centralized Key Management ( CCKM ) Client and AP exchange several EAPOL packets in the process of EAP authenticaton to determine dynamic session key (NSK), which is used for encrypting packets between them. When client moves to new-AP, it has to mutually authenticate with the new-AP and derive new NSK. This is being done by using complete EAP authentication (which is time consuming and causes noticeable delay in the voice application). Till that time, no data packets are being transmitted between new-AP and client. CCKM implementation in first controller caches client's credentials like session, vlanid, ssid, etc. and propagates the same to other controllers in mobility group. Currently a set of controller can be configured as part of a mobility group. If client roams across access points associated to this set of controllers, then with CCKM implementation in place, the L2 authentication will not happen. To make this happen a CCKM cache is maintained on each controller and the first controller where client gets associated update rest of the controllers in mobility group. On later reassociations, controller validates the CCKM specific IE present and allow associations. Wireless LAN Access Points (APs) manufactured by Cisco Systems have features and capabilities beyond those in related standards (e.g., IEEE 802.11 suite of standards, Wi-Fi recommendations by WECA, 802.1X security suite, etc). A number of features provide higher performance. For example, Cisco AP transmits a specific Information Element, which the clients adapt to for enhanced performance. Similarly, a number of features are implemented by means of proprietary Information Elements, which Cisco clients use in specific ways to carry out tasks above and beyond the standard. Other examples of feature categories are roaming and power saving. Cisco Key Integrity Protocol ( CKIP ) A proprietary implementation similar to TKIP. CKIP implements key permutation for protecting the CKIP key against attacks. Other features of CKIP include expansion of encryption key to 16 bytes of length for key protection and MIC to ensure data integrity. Light Weight Access Point Protocol ( LWAPP ) This is a generic protocol that defines the communication between the Access Points and the Central Controller. Mobile Node ( MN ) A roaming 802.11 wireless device in a wireless network associated with an access point. Mobile Node and client are used interchangeably. Multilinear Modular Hash ( MMH ) This is a message authentication code. The original message is run through the hash (with a secret key), and the code is the result. The code is sent along with the original message. The receiver of the message calculates the hash over the original message (also with the secret key) and compares the final message authentication code with the code sent with the message. If the two codes match, the receiver can be assured that the original message is authentic. Pre-Shared Key ( PSK ) Pre-shared keys are normally used for interoperability purposes. The basic idea is that two parties sharing a common secret can communicate securely. This idea has been used since cryptography first sprung onto the scene. Temporal Key Integrity Protocol ( TKIP ) A security protocol defined to enhance the limitations of WEP. Message Integrity Check and per-packet keying on all WEP-encrypted frames are two significant enhancements provided by TKIP to WEP. Wired Equivalent Privacy ( WEP ) A security method defined by 802.11. WEP uses a symmetric key stream cipher called RC4 to encrypt the data packets. Wi-Fi Protected Access ( WPA ) Wi-Fi Protected Access (WPA and WPA2) are security systems created in response to several serious weaknesses found in Wired Equivalent Privacy (WEP). WPA implements the majority of the IEEE 802.11i standard, and was intended as an intermediate measure to take the place of WEP while 802.11i was prepared. WPA is designed to work with all wireless network interface cards, but not necessarily with first generation wireless access points. Protected Management Frame (PFM) Authentication, Authorization, and Accounting (AAA) Remote Authentication Dial In User Service (RADIUS) REFERENCE [1] Wireless LAN Medium Access Control ( MAC ) and Physical Layer ( PHY ) Specifications, Amendment 6, MAC Security Enhancements. [2] draft-obara-capwap-lwapp-00.txt, IETF Light Weight Access Point Protocol" REVISION "201506030000Z" DESCRIPTION "Added following OBJECT-GROUP: - ciscoLwappWlanSecurityAaaConfigGroup - ciscoLwappWlanSecurityFtConfigGroup - ciscoLwappWlanSecurityPfmConfigGroup - ciscoLwappWlanSecurityCckmConfigGroup1 Added new compliance - ciscoLwappWlanSecurityMIBComplianceRev2." REVISION "200801150000Z" DESCRIPTION "Added new cLWSecDot11EssWebPolicyTable and ciscoLwappWlanSecurityMIBComplianceRev1" REVISION "200711080000Z" DESCRIPTION "Initial version of this MIB module." ::= { ciscoMgmt 521 }
| OID | Name | Sub children | Sub Nodes Total | Description |
|---|---|---|---|---|
| 1.3.6.1.4.1.9.9.521.0 | ciscoLwappWlanSecurityMIBNotifs | 0 | 0 | None |
| 1.3.6.1.4.1.9.9.521.1 | ciscoLwappWlanSecurityMIBObjects | 4 | 36 | None |
| 1.3.6.1.4.1.9.9.521.2 | ciscoLwappWlanSecurityMIBConform | 2 | 12 | None |
To many brothers! Only 100 nearest brothers are shown.
| OID | Name | Sub children | Sub Nodes Total | Description |
|---|---|---|---|---|
| ... | ||||
| 1.3.6.1.4.1.9.9.471 | ciscoFlexLinksMIB | 3 | 36 | This MIB module is for configuration and status query of Flex Links feature on the Cisco device. Flex Links are a pair of Layer 2… |
| 1.3.6.1.4.1.9.9.472 | ciscoModuleVirtualizationMIB | 3 | 35 | This MIB provides a way to create virtual contexts, and managing them. A virtual context is logical partition of a physical devi… |
| 1.3.6.1.4.1.9.9.473 | ciscoCcaMIB | 3 | 200 | The Cisco Contact Center Applications (CCCA) Management Information Base (MIB) module defines management instrumentation for appl… |
| 1.3.6.1.4.1.9.9.474 | ciscoFilterGroupMIB | 3 | 55 | The MIB module is for creating and configuring object groups to support packet filtering and access control on IP and other proto… |
| 1.3.6.1.4.1.9.9.479 | ciscoCableWidebandMIB | 3 | 77 | This is the MIB module for the support of Channel Bonding Protocol for the Cable Modem Termination System (CMTS). Wideband DOCSIS… |
| 1.3.6.1.4.1.9.9.480 | ciscoL4L7moduleResourceLimitMIB | 4 | 100 | The MIB module for managing resource classes and configuring limits(max/min) to different resources. The resource referenced in … |
| 1.3.6.1.4.1.9.9.482 | ciscoInterfaceTopNExtMIB | 3 | 16 | This MIB module is an extension to INTERFACETOPN-MIB. It provides additional management information for sorting device interfaces. |
| 1.3.6.1.4.1.9.9.483 | ciscoIpRanBackHaulMIB | 3 | 248 | This MIB provides information on the IP-RAN traffic from cell site to aggregation site in the following situations. In an GSM en… |
| 1.3.6.1.4.1.9.9.484 | ciscoNacNadMIB | 3 | 157 | This MIB module is for the configuration of a Network Access Device (NAD) on the Cisco Network Admission Control (NAC) system. End… |
| 1.3.6.1.4.1.9.9.485 | ciscoRttMonTCMIB | 0 | 0 | This MIB contains textual conventions used by CISCO-RTTMON-MIB, CISCO-RTTMON-RTP-MIB and CISCO-RTTMON-ICMP-MIB, but they are not … |
| 1.3.6.1.4.1.9.9.486 | ciscoRttMonIcmpMIB | 3 | 7 | An extension to the CISCO-RTTMON-MIB for ICMP operations. The ICMP Jitter operation provides capability to measure metrics such a… |
| 1.3.6.1.4.1.9.9.487 | ciscoRttMonRtpMIB | 3 | 8 | An extension to the CISCO-RTTMON-MIB for Cisco IP SLA RTP operation, Real-Time Transport Protocol(RFC 1889). This operation provi… |
| 1.3.6.1.4.1.9.9.488 | ciscoFirewallTc | 0 | 0 | This MIB module defines textual conventions that are commonly used in modeling management information pertaining to configuration… |
| 1.3.6.1.4.1.9.9.490 | ciscoNetintMIB | 3 | 11 | This MIB module is for Network Interrupt information on Cisco device. |
| 1.3.6.1.4.1.9.9.491 | ciscoUnifiedFirewallMIB | 3 | 235 | Overview of Cisco Firewall MIB ============================== This MIB Module models status and performance statistics pertaining … |
| 1.3.6.1.4.1.9.9.492 | ciscoCefMIB | 3 | 192 | Cisco Express Forwarding (CEF) describes a high speed switching mechanism that a router uses to forward packets from the inbound … |
| 1.3.6.1.4.1.9.9.493 | ciscoCefTextualConventions | 0 | 0 | ciscoCeftextualConventions |
| 1.3.6.1.4.1.9.9.494 | ciscoEntityRedunTcMIB | 0 | 0 | This module defines the textual conventions used within Cisco Entity Redundancy MIBs. |
| 1.3.6.1.4.1.9.9.495 | ciscoPsdClientMIB | 3 | 44 | This MIB module manages the client side functionality of the Persistent Storage Device(PSD). This MIB instrumentation is for conf… |
| 1.3.6.1.4.1.9.9.497 | cGgsnSAMIB | 3 | 247 | This MIB module manages the service-aware feature of Gateway GPRS Support Node (GGSN). This MIB is an enhancement of the CISCO-GG… |
| 1.3.6.1.4.1.9.9.498 | ciscoEntityRedunMIB | 3 | 93 | This management information module supports configuration, control and monitoring of redundancy protection for various kinds of c… |
| 1.3.6.1.4.1.9.9.500 | ciscoStackWiseMIB | 3 | 111 | This MIB module contain a collection of managed objects that apply to network devices supporting the Cisco StackWise(TM) technolo… |
| 1.3.6.1.4.1.9.9.504 | ciscoSwitchMulticastMIB | 3 | 108 | This MIB module defines management objects for the Multicast Switching features on Cisco Layer 2/3 devices. Definition of some of … |
| 1.3.6.1.4.1.9.9.505 | cpkiMIB | 3 | 44 | A networking device may provide several security services and protocols like SSL, SSH, IPSec/IKE etc. which need identities … |
| 1.3.6.1.4.1.9.9.507 | ciscoPolicyGroupMIB | 3 | 35 | The MIB module is for configuration of policy and policy group. A policy group can be described as a set of entities identified b… |
| 1.3.6.1.4.1.9.9.508 | ciscoSlbHealthMonMIB | 3 | 62 | An extension to the CISCO-SLB-EXT-MIB for SLB health monitoring probes. SLB: Server Load Balancing. Server load balancing provides… |
| 1.3.6.1.4.1.9.9.509 | ciscoWdsInfoMIB | 3 | 141 | This MIB is intended to be implemented on all Cisco network entities that provide Wireless Domain Services (WDS). The WDS provide… |
| 1.3.6.1.4.1.9.9.510 | ciscoErmMIB, ciscoVoiceLmrMIB | 3 | 176 | This MIB module provides management of voice tone signal as static injected tone for Land Mobile Radio The tone signal includes … |
| 1.3.6.1.4.1.9.9.511 | ciscoCbpTargetTCMIB | 0 | 0 | This MIB module defines Textual Conventions for representing targets which have class based policy mappings. A target can be any … |
| 1.3.6.1.4.1.9.9.512 | ciscoLwappWlanMIB | 3 | 249 | This MIB is intended to be implemented on all those devices operating as Central Controllers (CC) that terminate the Light Weigh… |
| 1.3.6.1.4.1.9.9.513 | ciscoLwappApMIB | 4 | 386 | This MIB is intended to be implemented on all those devices operating as Central Controllers (CC) that terminate the Light Weight… |
| 1.3.6.1.4.1.9.9.514 | ciscoLwappTextualConventions | 0 | 0 | This module defines textual conventions used throughout the Cisco enterprise MIBs designed for implementation on Central Controlle… |
| 1.3.6.1.4.1.9.9.515 | ciscoLwappWebAuthMIB | 4 | 43 | This MIB is intended to be implemented on all those devices operating as Central controllers, that terminate the Light Weight Acc… |
| 1.3.6.1.4.1.9.9.516 | ciscoLwappLinkTestMIB | 3 | 57 | This MIB is intended to be implemented on all those devices operating as Central controllers, that terminate the Light Weight Acc… |
| 1.3.6.1.4.1.9.9.517 | ciscoLwappReapMIB | 3 | 63 | This MIB is intended to be implemented on all those devices operating as Central Controllers (CC) that terminate the Light Weight… |
| 1.3.6.1.4.1.9.9.518 | ciscoLwappMfpMIB | 4 | 64 | This MIB is intended to be implemented on all those devices operating as Central Controllers (CC) that terminate the Light Weight… |
| 1.3.6.1.4.1.9.9.519 | ciscoLwappIdsMIB | 3 | 28 | This MIB is intended to be implemented on all those devices operating as Central Controllers (CC) that terminate the Light Weight… |
| 1.3.6.1.4.1.9.9.520 | ciscoLwappCcxRmMIB | 3 | 45 | This MIB is intended to be implemented on all those devices operating as Central controllers, that terminate the Light Weight Acc… |
| 1.3.6.1.4.1.9.9.522 | ciscoLwappDot11ClientCalibMIB | 3 | 50 | This MIB is intended to be implemented on all those devices operating as Central controllers, that terminate the Light Weight Acc… |
| 1.3.6.1.4.1.9.9.523 | ciscoLwappClRoamMIB | 3 | 61 | This MIB is intended to be implemented on all those devices operating as Central controllers, that terminate the Light Weight Acc… |
| 1.3.6.1.4.1.9.9.524 | ciscoLwappQosMIB | 3 | 119 | This MIB is intended to be implemented on all those devices operating as Central controllers, that terminate the Light Weight Acc… |
| 1.3.6.1.4.1.9.9.525 | ciscoLwappTsmMIB | 3 | 57 | This MIB is intended to be implemented on all those devices operating as Central controllers, that terminate the Light Weight Acc… |
| 1.3.6.1.4.1.9.9.529 | ciscoItpMsuRatesMIB | 3 | 61 | This MIB provides information used to manage the number of MTP3 MSUs transmitted and received per processor. Many of the higher … |
| 1.3.6.1.4.1.9.9.530 | ciscoNacTcMIB | 0 | 0 | This module defines the textual conventions for Cisco Network Admission Control(NAC) system. The Cisco Network Admission Control … |
| 1.3.6.1.4.1.9.9.532 | ciscoNATExtMIB | 3 | 13 | This MIB is an extension to the NAT-MIB. This MIB module includes objects for providing the NAT related statistics. Acronyms: NAT… |
| 1.3.6.1.4.1.9.9.533 | ciscoCbpTargetMIB | 3 | 25 | This MIB module defines the managed objects for representing targets which have class-based policy mappings. A target can be any… |
| 1.3.6.1.4.1.9.9.543 | ciscoLicenseMgmtMIB | 3 | 131 | The MIB module for managing licenses on the system. The licensing mechanism provides flexibility to enforce licensing for various… |
| 1.3.6.1.4.1.9.9.548 | ciscoErrDisableMIB | 3 | 43 | This MIB module provides the ability for a Network Management Station (NMS) to configure and monitor the error-disable feature vi… |
| ... | ||||