SNMP
SNMP (Simple Network Management Protocol) allows you to configure Sophos XG Firewall as an SNMP agent. The device responds to multiple SNMP managers within the predefined communities. You can monitor multiple firewall devices on IP networks for device availability, CPU, memory and disk utilization, availability of critical services, and more. The device stores information in a Management Information Base (MIB) and replies to SNMP Get commands for MIB. Click here to download the Sophos MIB file. It also sends SNMP traps (alerts) to the SNMP manager.
- SNMP manager polls the agents.
- Agents send traps to the SNMP manager.
SNMP community consists of a manager and a group of agents. Agents can belong to more than one SNMP community. The community defines where information is sent. An agent does not respond to requests from managers that do not belong to its communities. You must specify a trap version for each community. Each community can support SNMPv1 and SNMPv2c. Sophos XG Firewall supports IPv4 and IPv6 addresses.
Agent configuration allows you to configure the agent details.
Community displays a list of all the communities. You can sort, add, update, or delete communities.
| OID value | OID name | Description |
|---|---|---|
| 1.3.6.1.2.1.1.1 | sysDescr | Agent description |
| 1.3.6.1.2.1.1.2 | sysObjectID | Sophos enterprise OID for firewall |
| 1.3.6.1.2.1.1.3 | sysUpTime | Time since network management portion was live |
| 1.3.6.1.2.1.1.4 | sysContact | Administrator’s contact information |
| 1.3.6.1.2.1.1.5 | sysName | Administrator name |
| 1.3.6.1.2.1.1.6 | sysLocation | Firewall location |
| 1.3.6.1.2.1.1.7 | sysServices | Services provided by the firewall. Default value: 0 |
| 1.3.6.1.2.1.2.1 | ifNumber | Number of interfaces present on the firewall |
| 1.3.6.1.2.1.2.2 | ifTable | List of interface entries |
| 1.3.6.1.2.1.2.2.1 | ifEntry | Objects at an interface’s subnet layer or below |
| 1.3.6.1.2.1.2.2.1.1 | ifIndex | Unique value of interface |
| 1.3.6.1.2.1.2.2.1.2 | ifDescr | Interface name |
| 1.3.6.1.2.1.2.2.1.3 | ifType | Interface type |
| 1.3.6.1.2.1.2.2.1.4 | ifMtu | MTU size |
| 1.3.6.1.2.1.2.2.1.5 | ifSpeed | Interface speed |
| 1.3.6.1.2.1.2.2.1.6 | ifPhysAddress | Interface address |
| 1.3.6.1.2.1.2.2.1.7 | ifAdminStatus | Desired state of the interface |
| 1.3.6.1.2.1.2.2.1.8 | ifOperStatus | Operational state of the interface |
| 1.3.6.1.2.1.2.2.1.9 | ifLastChange | sysUpTime at which the interface entered its current operational state |
| 1.3.6.1.2.1.2.2.1.10 | ifInOctets | Number of octets received on the interface, including framing characters |
| 1.3.6.1.2.1.2.2.1.11 | ifInUcastPkts | Number of subnetwork unicast packets |
| 1.3.6.1.2.1.2.2.1.12 | ifInNUcastPkts | Number of subnetwork non-unicast packets |
| 1.3.6.1.2.1.2.2.1.13 | ifInDiscards | Number of discarded inbound packets |
| 1.3.6.1.2.1.2.2.1.14 | ifInErrors | Number of inbound packets with errors |
| 1.3.6.1.2.1.2.2.1.15 | ifInUnkownProtos | Number of packets discarded because of unknown or unsupported protocol |
| 1.3.6.1.2.1.2.2.1.16 | ifOutOctets | Number of octets transmitted out of the interface, including framing characters |
| 1.3.6.1.2.1.2.2.1.17 | ifOutUcastPkts | Number of packets transmitted to subnetwork unicast address |
| 1.3.6.1.2.1.2.2.1.18 | ifOutNUcastPkts | Number of packets transmitted to subnetwork non-unicast address |
| 1.3.6.1.2.1.2.2.1.19 | ifOutDiscards | Number of outbound discarded packets |
| 1.3.6.1.2.1.2.2.1.20 | ifOutErrors | Number of packets that couldn’t be transmitted due to errors |
| 1.3.6.1.2.1.2.2.1.21 | ifOutQLen | Length of queue of packets to send |
| 1.3.6.1.2.1.2.2.1.22 | ifSpecific | Document defining objects specific to Ethernet |