When you configure the logging and notification preferences for locally-managed Firebox, you can configure your device to send an SNMP trap to your SNMP management station when traffic is filtered by a policy that results in an alarm condition. You can enable your device to send alarms for any policy in your configuration.
Your device can send these SNMP traps for the alarms generated by your device:
- AH-Auth-Error
- AH-Replay-Error
- arp_spoofing_dos
- Blocked Ports
- Block-Site-Notif
- bootup
- ddos_attack_dest_dos
- ddos_attack_src_dos
- DDOS-Attack-Dest
- DDOS-Attack-Src
- DOS
- ESP-Auth-Error
- ESP-Replay-Error
- ha event
- HW-Monitor
- icmp_flood_dos
- ICMP-Flood
- ike_flood_dos
- IKE-Flood
- Invalid-SPI
- ip_scan_dos
- ip_source_route_dos
- IPS
- IP-Scan
- ipsec_flood_dos
- IPSec-Flood
- IP-Spoofing
- Link-Down
- Log-Full
- multi-wan event
- Other-Policy-Error
- ping_of_death_dos
- Ping-of-Death
- Policy
- port_scan_dos
- Port-Scan
- Proxy
- Source-Route
- spoofing_dos
- syn_attack_dos
- SYN-Attack
- System
- Tear-Drop
- Traffic
- udp_flood_dos
- UDP-Flood
For more information about SNMP traps and for instructions to enable SNMP traps on your device, go to Enable SNMP Management Stations and Traps for a Locally-Managed Firebox.
Enable SNMP Management Stations and Traps for a Locally-Managed Firebox