Re: SNMP traps

[Sandeep Joshi <sandeepj@research.bell-labs.com>]

Michael Krause wrote:
> 
> At 01:55 PM 3/29/2001 -0500, Sandeep Joshi wrote:
> 
> >Mark,
> >
> >Login & Authentication failure traps came to mind since they
> >would help detect DOS attacks....and prevent them by flooding
> >the network with SNMP messages ;-)
> 
> Ideally one has counters defined for these and is configured to issue a
> trap upon a counter reaching a specific threshold (1 is a possible value).

agreed.

i see that an IPsec MIB is also in progress.   its going to require
some processing to correlate IPsec trap information with iSCSI WWUIs. 

See pages 58-62 for the various traps they have defined.
http://www.ietf.org/internet-drafts/draft-ietf-ipsec-monitor-mib-04.txt


> 
> >Besides what
> >  Tom suggested (Abnormal session terminations)
> >and LU list changes), we could also add PortalUp, PortalDown,
> >NetworkEntityReset, etc.  We can add the mechanisms for now
> >and determine the policies later.
> >
> >You may also want to raise this question with the T10 folks at
> >the Interim meeting, if part of this is becoming a SCSI MIB.
> 
> It would be very good if the SCSI MIB (and CIM representation) is
> standardized and made as robust as possible to simplify the storage
> management interactions with endnodes.  Ideally, one would have a hierarchy
> of attributes defined that encompassed everything along with some mechanism
> to communicate how to access vendor-specific attributes.
> 
> Mike