CHAPTER 7 SNMP Traps
Mediant 800 SBC | SNMP Reference Guide
Intrusion Detection System (IDS)
This section describes the trap events concerned with the Intrusion Detection System (IDS) feature.
IDS Threshold Cross Notification Trap
Table 7-56: acIDSThresholdCrossNotification
Event acIDSThresholdCrossNotification
OID 1.3.6.1.4.1.5003.9.10.1.21.2.0.100
Description The trap is sent for each scope (IP or IP+Port) crossing a threshold of an active alarm.
Default Severity
Event Type Other
Probable Cause
Alarm Text Threshold crossed for scope value IP. Severity=minor/major/critical. Current value=NUM
Status Changes
Corrective Action
1. Identify the remote host (IP address / port) on the network that the Intrusion Detection System (IDS) has indicated as malicious. The IDS determines a host to be malicious if it has reached or exceeded a user-defined threshold of malicious attacks (counter).
2. Block the malicious activity.
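The following is an added example, not part of this guide: a trap-receiver helper that supports Corrective Action step 1 by parsing the Alarm Text of acIDSThresholdCrossNotification and listing the hosts whose worst reported severity meets a review floor. It assumes the receiver has already extracted the trap OID and alarm text as strings, and that an IP+Port scope is rendered as `<ip>:<port>`; the function names and sample traps are hypothetical.

```python
import re
from ipaddress import ip_address

THRESHOLD_TRAP_OID = "1.3.6.1.4.1.5003.9.10.1.21.2.0.100"  # from Table 7-56
SEVERITY_RANK = {"minor": 1, "major": 2, "critical": 3}

# Follows the Alarm Text template in Table 7-56. Assumption: an IP+Port
# scope arrives as "<ip>:<port>"; adjust to what your device actually sends.
ALARM_RE = re.compile(
    r"Threshold crossed for scope value (?P<scope>\S+?)\.\s*"
    r"Severity=(?P<sev>minor|major|critical)\.\s*Current value=(?P<count>\d+)",
    re.IGNORECASE)

def parse_threshold_alarm(oid, text):
    """Return host/port/severity/count for a threshold trap, else None."""
    m = ALARM_RE.search(text) if oid == THRESHOLD_TRAP_OID else None
    if not m:
        return None
    host, port = m["scope"], None
    try:
        ip_address(host)                      # scope is a bare IP address
    except ValueError:
        host, _, port_s = m["scope"].rpartition(":")
        host = host.strip("[]")               # tolerate "[v6]:port"
        try:
            ip_address(host)
            port = int(port_s)
        except ValueError:
            return None                       # not an IP or IP:port, ignore
    return {"host": host, "port": port,
            "severity": m["sev"].lower(), "count": int(m["count"])}

def hosts_to_review(traps, min_severity="major"):
    """One entry per host, keeping the worst severity seen across traps."""
    worst = {}
    for oid, text in traps:
        ev = parse_threshold_alarm(oid, text)
        if ev and SEVERITY_RANK[ev["severity"]] > worst.get(ev["host"], 0):
            worst[ev["host"]] = SEVERITY_RANK[ev["severity"]]
    floor = SEVERITY_RANK[min_severity]
    return sorted(h for h, rank in worst.items() if rank >= floor)

_T = "Threshold crossed for scope value {}. Severity={}. Current value={}"
SAMPLE_TRAPS = [  # constructed traps using documentation address ranges
    (THRESHOLD_TRAP_OID, _T.format("192.0.2.10", "minor", 5)),
    (THRESHOLD_TRAP_OID, _T.format("192.0.2.10", "critical", 40)),
    (THRESHOLD_TRAP_OID, _T.format("198.51.100.7:5060", "major", 12)),
    (THRESHOLD_TRAP_OID, _T.format("203.0.113.3", "minor", 3)),
    (THRESHOLD_TRAP_OID, "unrelated text"),   # malformed, skipped
]

if __name__ == "__main__":
    print(hosts_to_review(SAMPLE_TRAPS))
```

Alarm text that does not parse to an IP or IP:port scope is skipped, so a malformed or unexpected trap never produces a host to act on.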
IDS Blacklist Notification Trap
Table 7-57: acIDSBlacklistNotification
Event acIDSBlacklistNotification
OID 1.3.6.1.4.1.5003.9.10.1.21.2.0.101
Description The trap is sent when the Intrusion Detection System (IDS) feature has blacklisted a malicious host or removed it from the blacklist.