Re: SNMP traps

[Sandeep Joshi <sandeepj@research.bell-labs.com>]

Mark,

Login & Authentication failure traps came to mind since they 
would help detect DOS attacks....and prevent them by flooding
the network with SNMP messages ;-)

Besides what
 Tom suggested (Abnormal session terminations)
and LU list changes), we could also add PortalUp, PortalDown, 
NetworkEntityReset, etc.  We can add the mechanisms for now 
and determine the policies later.

You may also want to raise this question with the T10 folks at 
the Interim meeting, if part of this is becoming a SCSI MIB.

regards,
-Sandeep

Mark Bakke wrote:
> 
> Sandeep-
> 
> We have been looking for requirements for traps, and have not
> addressed them yet.  You are the first to really ask for them.
> 
> Trapping the login and authentication failures seems like a
> good idea; do you have any other ideas or requirements?
> 
> Thanks,
> 
> Mark
> 
> Sandeep Joshi wrote:
> >
> > Mark,
> >
> > There seem to be no traps/notifications defined in the
> > latest MIB doc.
> >
> > I do see that "notification-group" has been imported but
> > not "notification-type" so perhaps there were discussions
> > on adding something later ?
> >
> > A trap for login/auth failures atleast would be nice.
> > Failure statistics are already being kept in the MIB.
> >
> > regards,
> > -Sandeep
> 
> --
> Mark A. Bakke
> Cisco Systems
> mbakke@cisco.com
> 763.398.1054