tech-invite   World Map
3GPP     Specs     Glossaries     Architecture     IMS     UICC       IETF     RFCs     Groups     SIP     ABNFs       Search

RFC 8038

 
 
 

Exporting MIB Variables Using the IP Flow Information Export (IPFIX) Protocol

Part 4 of 4, p. 65 to 85
Prev Section

 


prevText      Top      ToC       Page 65 
7.  Configuration Considerations

   When configuring a MIB OID for export, consideration should be given
   to whether the SNMP context should also be configurable.  If a
   non-default context is used, then it should be associated with the
   fields as per Section 5.6.

Top      Up      ToC       Page 66 
8.  The Collecting Process's Side

   The specifications in Section 9 of [RFC7011] also apply to Collectors
   that implement this specification.  In addition, the following
   specifications should be noted:

   o  A Collecting Process that implements this specification MUST store
      the Data Records containing the OID object type definitions with
      the same retention policy as Templates.

   o  A Collecting Process that implements this specification SHOULD
      have access to MIB modules in order to look up the received MIB
      Object Identifiers and find the full type definition and name of
      MIB OID fields used in received Templates.

   o  It should be noted that, because reduced-size encoding MAY be used
      by the Exporting Process, the Collecting Process cannot assume
      that a received size for a field is the maximum size it should
      expect for that field.

   o  If a Collecting Process receives a MIB Object Identifier that it
      cannot decode, it MAY log a warning.

   o  A Collecting Process MUST support the three options for handling
      columnar objects detailed in Section 5.8.

9.  Applicability

   Making available the many and varied items from MIB modules opens up
   a wide range of possible applications for the IPFIX protocol, some
   quite different from the usual Flow information.

   Some monitoring applications periodically export a mapping of
   interface ID to interface name using IPFIX Options Templates.  This
   could be expanded to include the ifInUcastPkts MIB object as defined
   in the IF-MIB [RFC2863], indexed using the ingressInterface
   Information Element.  This would provide the input statistics for
   each interface; these statistics can be compared to the Flow
   information to ensure that the sampling rate is as expected, or, in
   the absence of sampling, to ensure that all expected packets are
   being monitored.

Top      Up      ToC       Page 67 
10.  Security Considerations

   For this extension to the IPFIX protocol, the same security
   considerations as those for the IPFIX protocol apply [RFC7011].

   If the Exporter is generating or capturing the field values itself,
   e.g., using the MIB objects only as an encoding or type mechanism,
   there are no extra security considerations beyond standard IPFIX.

   However, if the Exporter is implemented as an SNMP manager accessing
   an SNMP agent, it MUST authenticate itself to the SNMP agent
   [RFC3414] [RFC5591] [RFC5592] [RFC6353], and the SNMP agent MUST
   enforce SNMP access control rules [RFC3415] as required by the SNMP
   architecture [RFC3411].

   Access to particular MIB objects is controlled by the configuration
   of the IPFIX Exporter.  This is consistent with the way IPFIX
   controls access to other Information Elements in general.

   The configuration of an IPFIX Exporter determines which MIB objects
   are included in IPFIX Data Records sent to certain Collectors.
   Network operators should take care that the only MIB objects that are
   included in IPFIX Data Records are objects that the receiving
   Collector is allowed to receive.  Note that multiple users may have
   access to the data from the Collector.

   When exporting MIB objects that may be considered sensitive or
   vulnerable in some network environments (as mentioned in the Security
   Considerations section of the RFC containing the MIB module), the
   Exporter should consider using anonymization techniques per [RFC6235]
   if the information is anonymizable.  Consumers of exported data
   should therefore be able to handle the kinds of data modifications
   that are described in [RFC6235].

Top      Up      ToC       Page 68 
11.  IANA Considerations

11.1.  New IPFIX Semantics

   New IPFIX semantics have been allocated in IANA's IPFIX registry
   [IANA-IPFIX] per Section 6 of [RFC7012], as defined in the
   subsections below.

11.1.1.  snmpCounter

   An integral value reporting the value of a counter, identical to the
   Counter32 and Counter64 semantics in [RFC2578], as determined by the
   Field Length.

   This is similar to IPFIX's totalCounter semantic, except that total
   counters have an initial value of 0 but SNMP counters do not.

   IANA has assigned value 7 to snmpCounter.

11.1.2.  snmpGauge

   An integral value identical to the Gauge32 semantic in [RFC2578] and
   the Gauge64 semantic in [RFC2856], as determined by the Field Length.

   IANA has assigned value 8 to snmpGauge.

Top      Up      ToC       Page 69 
11.2.  New IPFIX Information Elements

   The new Information Elements in Table 10 have been allocated in
   IANA's IPFIX registry [IANA-IPFIX], as defined in the subsections
   below.

   In each case, the "Units" and "Range" have been left blank, since
   these are not applicable.

                 +-----------+---------------------------+
                 | ElementId | Name                      |
                 +-----------+---------------------------+
                 | 434       | mibObjectValueInteger     |
                 | 435       | mibObjectValueOctetString |
                 | 436       | mibObjectValueOID         |
                 | 437       | mibObjectValueBits        |
                 | 438       | mibObjectValueIPAddress   |
                 | 439       | mibObjectValueCounter     |
                 | 440       | mibObjectValueGauge       |
                 | 441       | mibObjectValueTimeTicks   |
                 | 442       | mibObjectValueUnsigned    |
                 | 443       | mibObjectValueTable       |
                 | 444       | mibObjectValueRow         |
                 | 445       | mibObjectIdentifier       |
                 | 446       | mibSubIdentifier          |
                 | 447       | mibIndexIndicator         |
                 | 448       | mibCaptureTimeSemantics   |
                 | 449       | mibContextEngineID        |
                 | 450       | mibContextName            |
                 | 451       | mibObjectName             |
                 | 452       | mibObjectDescription      |
                 | 453       | mibObjectSyntax           |
                 | 454       | mibModuleName             |
                 +-----------+---------------------------+

                    Table 10: New Information Elements

11.2.1.  New MIB Object Value Information Elements

11.2.1.1.  mibObjectValueInteger

   A new Information Element "mibObjectValueInteger" has been allocated
   in IANA's IPFIX registry [IANA-IPFIX], with the following definition:

      Description: An IPFIX Information Element that denotes that the
      integer value of a MIB object will be exported.  The MIB Object
      Identifier ("mibObjectIdentifier") for this field MUST be exported
      in a MIB Field Option or via another means.  This Information

Top      Up      ToC       Page 70 
      Element is used for MIB objects with the Base syntax of Integer32
      and INTEGER with IPFIX reduced-size encoding used as required.
      The value is encoded as per the standard IPFIX Abstract Data Type
      of signed32.

      Abstract Data Type: signed32

      Data Type Semantics: quantity

      ElementId: 434

      Status: current

      Reference: RFC 8038

11.2.1.2.  mibObjectValueOctetString

   A new Information Element "mibObjectValueOctetString" has been
   allocated in IANA's IPFIX registry [IANA-IPFIX], with the following
   definition:

      Description: An IPFIX Information Element that denotes that an
      Octet String or Opaque value of a MIB object will be exported.
      The MIB Object Identifier ("mibObjectIdentifier") for this field
      MUST be exported in a MIB Field Option or via another means.  This
      Information Element is used for MIB objects with the Base syntax
      of OCTET STRING and Opaque.  The value is encoded as per the
      standard IPFIX Abstract Data Type of octetArray.

      Abstract Data Type: octetArray

      Data Type Semantics: default

      ElementId: 435

      Status: current

      Reference: RFC 8038

11.2.1.3.  mibObjectValueOID

   A new Information Element "mibObjectValueOID" has been allocated in
   IANA's IPFIX registry [IANA-IPFIX], with the following definition:

      Description: An IPFIX Information Element that denotes that an
      Object Identifier or OID value of a MIB object will be exported.
      The MIB Object Identifier ("mibObjectIdentifier") for this field
      MUST be exported in a MIB Field Option or via another means.  This

Top      Up      ToC       Page 71 
      Information Element is used for MIB objects with the Base syntax
      of OBJECT IDENTIFIER.  Note: In this case, the
      "mibObjectIdentifier" defines which MIB object is being exported,
      and the "mibObjectValueOID" field will contain the OID value of
      that MIB object.  The mibObjectValueOID Information Element is
      encoded as ASN.1/BER [X.690] in an octetArray.

      Abstract Data Type: octetArray

      Data Type Semantics: default

      ElementId: 436

      Status: current

      Reference: RFC 8038

11.2.1.4.  mibObjectValueBits

   A new Information Element "mibObjectValueBits" has been allocated in
   IANA's IPFIX registry [IANA-IPFIX], with the following definition:

      Description: An IPFIX Information Element that denotes that a set
      of Enumerated flags or bits from a MIB object will be exported.
      The MIB Object Identifier ("mibObjectIdentifier") for this field
      MUST be exported in a MIB Field Option or via another means.  This
      Information Element is used for MIB objects with the Base syntax
      of BITS.  The flags or bits are encoded as per the standard IPFIX
      Abstract Data Type of octetArray, with sufficient length to
      accommodate the required number of bits.  If the number of bits is
      not an integer multiple of octets, then the most significant bits
      at the end of the octetArray MUST be set to 0.

      Abstract Data Type: octetArray

      Data Type Semantics: flags

      ElementId: 437

      Status: current

      Reference: RFC 8038

Top      Up      ToC       Page 72 
11.2.1.5.  mibObjectValueIPAddress

   A new Information Element "mibObjectValueIPAddress" has been
   allocated in IANA's IPFIX registry [IANA-IPFIX], with the following
   definition:

      Description: An IPFIX Information Element that denotes that the
      IPv4 address value of a MIB object will be exported.  The MIB
      Object Identifier ("mibObjectIdentifier") for this field MUST be
      exported in a MIB Field Option or via another means.  This
      Information Element is used for MIB objects with the Base syntax
      of IpAddress.  The value is encoded as per the standard IPFIX
      Abstract Data Type of ipv4Address.

      Abstract Data Type: ipv4Address

      Data Type Semantics: default

      ElementId: 438

      Status: current

      Reference: RFC 8038

11.2.1.6.  mibObjectValueCounter

   A new Information Element "mibObjectValueCounter" has been allocated
   in IANA's IPFIX registry [IANA-IPFIX], with the following definition:

      Description: An IPFIX Information Element that denotes that the
      counter value of a MIB object will be exported.  The MIB Object
      Identifier ("mibObjectIdentifier") for this field MUST be exported
      in a MIB Field Option or via another means.  This Information
      Element is used for MIB objects with the Base syntax of Counter32
      or Counter64 with IPFIX reduced-size encoding used as required.
      The value is encoded as per the standard IPFIX Abstract Data Type
      of unsigned64.

      Abstract Data Type: unsigned64

      Data Type Semantics: snmpCounter

      ElementId: 439

      Status: current

      Reference: RFC 8038

Top      Up      ToC       Page 73 
11.2.1.7.  mibObjectValueGauge

   A new Information Element "mibObjectValueGauge" has been allocated in
   IANA's IPFIX registry [IANA-IPFIX], with the following definition:

      Description: An IPFIX Information Element that denotes that the
      Gauge value of a MIB object will be exported.  The MIB Object
      Identifier ("mibObjectIdentifier") for this field MUST be exported
      in a MIB Field Option or via another means.  This Information
      Element is used for MIB objects with the Base syntax of Gauge32.
      The value is encoded as per the standard IPFIX Abstract Data Type
      of unsigned32.  This value represents a non-negative integer that
      may increase or decrease but that shall never exceed a maximum
      value or fall below a minimum value.

      Abstract Data Type: unsigned32

      Data Type Semantics: snmpGauge

      ElementId: 440

      Status: current

      Reference: RFC 8038

11.2.1.8.  mibObjectValueTimeTicks

   A new Information Element "mibObjectValueTimeTicks" has been
   allocated in IANA's IPFIX registry [IANA-IPFIX], with the following
   definition:

      Description: An IPFIX Information Element that denotes that the
      TimeTicks value of a MIB object will be exported.  The MIB Object
      Identifier ("mibObjectIdentifier") for this field MUST be exported
      in a MIB Field Option or via another means.  This Information
      Element is used for MIB objects with the Base syntax of TimeTicks.
      The value is encoded as per the standard IPFIX Abstract Data Type
      of unsigned32.

      Abstract Data Type: unsigned32

      Data Type Semantics: quantity

      ElementId: 441

      Status: current

      Reference: RFC 8038

Top      Up      ToC       Page 74 
11.2.1.9.  mibObjectValueUnsigned

   A new Information Element "mibObjectValueUnsigned" has been allocated
   in IANA's IPFIX registry [IANA-IPFIX], with the following definition:

      Description: An IPFIX Information Element that denotes that an
      unsigned integer value of a MIB object will be exported.  The MIB
      Object Identifier ("mibObjectIdentifier") for this field MUST be
      exported in a MIB Field Option or via another means.  This
      Information Element is used for MIB objects with the Base syntax
      of unsigned32 with IPFIX reduced-size encoding used as required.
      The value is encoded as per the standard IPFIX Abstract Data Type
      of unsigned32.

      Abstract Data Type: unsigned32

      Data Type Semantics: quantity

      ElementId: 442

      Status: current

      Reference: RFC 8038

11.2.1.10.  mibObjectValueTable

   A new Information Element "mibObjectValueTable" has been allocated in
   IANA's IPFIX registry [IANA-IPFIX], with the following definition:

      Description: An IPFIX Information Element that denotes that a
      complete or partial conceptual table will be exported.  The MIB
      Object Identifier ("mibObjectIdentifier") for this field MUST be
      exported in a MIB Field Option or via another means.  This
      Information Element is used for MIB objects with a syntax of
      SEQUENCE OF.  This is encoded as a subTemplateList of
      mibObjectValue Information Elements.  The Template specified in
      the subTemplateList MUST be an Options Template and MUST include
      all the objects listed in the INDEX clause as Scope Fields.

      Abstract Data Type: subTemplateList

      Data Type Semantics: list

      ElementId: 443

      Status: current

      Reference: RFC 8038

Top      Up      ToC       Page 75 
11.2.1.11.  mibObjectValueRow

   A new Information Element "mibObjectValueRow" has been allocated in
   IANA's IPFIX registry [IANA-IPFIX], with the following definition:

      Description: An IPFIX Information Element that denotes that a
      single row of a conceptual table will be exported.  The MIB Object
      Identifier ("mibObjectIdentifier") for this field MUST be exported
      in a MIB Field Option or via another means.  This Information
      Element is used for MIB objects with a syntax of SEQUENCE.  This
      is encoded as a subTemplateList of mibObjectValue Information
      Elements.  The subTemplateList exported MUST contain exactly one
      row (i.e., one instance of the subTemplate).  The Template
      specified in the subTemplateList MUST be an Options Template and
      MUST include all the objects listed in the INDEX clause as Scope
      Fields.

      Abstract Data Type: subTemplateList

      Data Type Semantics: list

      ElementId: 444

      Status: current

      Reference: RFC 8038

11.2.2.  New MIB Field Options Information Elements

11.2.2.1.  mibObjectIdentifier

   A new Information Element "mibObjectIdentifier" has been allocated in
   IANA's IPFIX registry [IANA-IPFIX], with the following definition:

      Description: An IPFIX Information Element that denotes that a MIB
      Object Identifier (MIB OID) is exported in the (Options)
      Template Record.  The mibObjectIdentifier Information Element
      contains the OID assigned to the MIB object type definition
      encoded as ASN.1/BER [X.690].

      Abstract Data Type: octetArray

      Data Type Semantics: default

      ElementId: 445

Top      Up      ToC       Page 76 
      Status: current

      Reference: RFC 8038

11.2.2.2.  mibSubIdentifier

   A new Information Element "mibSubIdentifier" has been allocated in
   IANA's IPFIX registry [IANA-IPFIX], with the following definition:

      Description: A non-negative sub-identifier of an Object Identifier
      (OID).

      Abstract Data Type: unsigned32

      Data Type Semantics: identifier

      ElementId: 446

      Status: current

      Reference: RFC 8038

11.2.2.3.  mibIndexIndicator

   A new Information Element "mibIndexIndicator" has been allocated in
   IANA's IPFIX registry [IANA-IPFIX], with the following definition:

      Description: A set of bit fields that is used for marking the
      Information Elements of a Data Record that serve as INDEX MIB
      objects for an indexed columnar MIB object.  Each bit represents
      an Information Element in the Data Record, with the n-th least
      significant bit representing the n-th Information Element.  A bit
      set to 1 indicates that the corresponding Information Element is
      an index of the columnar object represented by the mibObjectValue.
      A bit set to 0 indicates that this is not the case.

      If the Data Record contains more than 64 Information Elements, the
      corresponding Template SHOULD be designed such that all index
      fields are among the first 64 Information Elements, because the
      mibIndexIndicator only contains 64 bits.  If the Data Record
      contains less than 64 Information Elements, then the extra bits in
      the mibIndexIndicator for which no corresponding Information
      Element exists MUST have the value 0 and must be disregarded by
      the Collector.  This Information Element may be exported with
      IPFIX reduced-size encoding.

Top      Up      ToC       Page 77 
      Abstract Data Type: unsigned64

      Data Type Semantics: flags

      ElementId: 447

      Status: current

      Reference: RFC 8038

11.2.2.4.  mibCaptureTimeSemantics

   A new Information Element "mibCaptureTimeSemantics" has been
   allocated in IANA's IPFIX registry [IANA-IPFIX], with the following
   definition:

      Description: Indicates when in the lifetime of the Flow the MIB
      value was retrieved from the MIB for a mibObjectIdentifier.  This
      is used to indicate if the value exported was collected from the
      MIB closer to Flow creation or Flow export time and refers to the
      Timestamp fields included in the same Data Record.  This field
      SHOULD be used when exporting a mibObjectValue that specifies
      counters or statistics.

      If the MIB value was sampled by SNMP prior to the IPFIX Metering
      Process or Exporting Process retrieving the value (i.e., the data
      is already stale) and it is important to know the exact sampling
      time, then an additional observationTime* element should be paired
      with the OID using IPFIX Structured Data [RFC6313].  Similarly, if
      different MIB capture times apply to different mibObjectValue
      elements within the Data Record, then individual
      mibCaptureTimeSemantics Information Elements should be paired with
      each OID using IPFIX Structured Data.

Top      Up      ToC       Page 78 
      Values:

         0  undefined

         1  begin - The value for the MIB object is captured from the
            MIB when the Flow is first observed

         2  end - The value for the MIB object is captured from the MIB
            when the Flow ends

         3  export - The value for the MIB object is captured from the
            MIB at export time

         4  average - The value for the MIB object is an average of
            multiple captures from the MIB over the observed life of
            the Flow

      Abstract Data Type: unsigned8

      Data Type Semantics: identifier

      ElementId: 448

      Status: current

      Reference: RFC 8038

11.2.2.5.  mibContextEngineID

   A new Information Element "mibContextEngineID" has been allocated in
   IANA's IPFIX registry [IANA-IPFIX], with the following definition:

      Description: A mibContextEngineID that specifies the SNMP
      engine ID for a MIB field being exported over IPFIX.  Definition
      as per [RFC3411], Section 3.3.

      Abstract Data Type: octetArray

      Data Type Semantics: default

      ElementId: 449

      Status: current

      Reference: RFC 8038

Top      Up      ToC       Page 79 
11.2.2.6.  mibContextName

   A new Information Element "mibContextName" has been allocated in
   IANA's IPFIX registry [IANA-IPFIX], with the following definition:

      Description: An Information Element that denotes that a MIB
      context name is specified for a MIB field being exported over
      IPFIX.  Reference [RFC3411], Section 3.3.

      Abstract Data Type: string

      Data Type Semantics: default

      ElementId: 450

      Status: current

      Reference: RFC 8038

11.2.3.  New MIB Type Information Elements

11.2.3.1.  mibObjectName

   A new Information Element "mibObjectName" has been allocated in
   IANA's IPFIX registry [IANA-IPFIX], with the following definition:

      Description: The name (called a descriptor in [RFC2578]) of an
      object type definition.

      Abstract Data Type: string

      Data Type Semantics: default

      ElementId: 451

      Status: current

      Reference: RFC 8038

Top      Up      ToC       Page 80 
11.2.3.2.  mibObjectDescription

   A new Information Element "mibObjectDescription" has been allocated
   in IANA's IPFIX registry [IANA-IPFIX], with the following definition:

      Description: The value of the DESCRIPTION clause of a MIB object
      type definition.

      Abstract Data Type: string

      Data Type Semantics: default

      ElementId: 452

      Status: current

      Reference: RFC 8038

11.2.3.3.  mibObjectSyntax

   A new Information Element "mibObjectSyntax" has been allocated in
   IANA's IPFIX registry [IANA-IPFIX], with the following definition:

      Description: The value of the SYNTAX clause of a MIB object type
      definition, which may include a textual convention or sub-typing.
      See [RFC2578].

      Abstract Data Type: string

      Data Type Semantics: default

      ElementId: 453

      Status: current

      Reference: RFC 8038

Top      Up      ToC       Page 81 
11.2.3.4.  mibModuleName

   A new Information Element "mibModuleName" has been allocated in
   IANA's IPFIX registry [IANA-IPFIX], with the following definition:

      Description: The textual name of the MIB module that defines a MIB
      object.

      Abstract Data Type: string

      Data Type Semantics: default

      ElementId: 454

      Status: current

      Reference: RFC 8038

12.  References

12.1.  Normative References

   [IANA-IPFIX]
              IANA, "IP Flow Information Export (IPFIX) Entities",
              <http://www.iana.org/assignments/ipfix/>.

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119,
              DOI 10.17487/RFC2119, March 1997,
              <http://www.rfc-editor.org/info/rfc2119>.

   [RFC2578]  McCloghrie, K., Ed., Perkins, D., Ed., and J.
              Schoenwaelder, Ed., "Structure of Management Information
              Version 2 (SMIv2)", STD 58, RFC 2578,
              DOI 10.17487/RFC2578, April 1999,
              <http://www.rfc-editor.org/info/rfc2578>.

   [RFC2856]  Bierman, A., McCloghrie, K., and R. Presuhn, "Textual
              Conventions for Additional High Capacity Data Types",
              RFC 2856, DOI 10.17487/RFC2856, June 2000,
              <http://www.rfc-editor.org/info/rfc2856>.

   [RFC3411]  Harrington, D., Presuhn, R., and B. Wijnen, "An
              Architecture for Describing Simple Network Management
              Protocol (SNMP) Management Frameworks", STD 62, RFC 3411,
              DOI 10.17487/RFC3411, December 2002,
              <http://www.rfc-editor.org/info/rfc3411>.

Top      Up      ToC       Page 82 
   [RFC6526]  Claise, B., Aitken, P., Johnson, A., and G. Muenz,
              "IP Flow Information Export (IPFIX) Per Stream Control
              Transmission Protocol (SCTP) Stream", RFC 6526,
              DOI 10.17487/RFC6526, March 2012,
              <http://www.rfc-editor.org/info/rfc6526>.

   [RFC7011]  Claise, B., Ed., Trammell, B., Ed., and P. Aitken,
              "Specification of the IP Flow Information Export (IPFIX)
              Protocol for the Exchange of Flow Information", STD 77,
              RFC 7011, DOI 10.17487/RFC7011, September 2013,
              <http://www.rfc-editor.org/info/rfc7011>.

   [RFC7012]  Claise, B., Ed., and B. Trammell, Ed., "Information Model
              for IP Flow Information Export (IPFIX)", RFC 7012,
              DOI 10.17487/RFC7012, September 2013,
              <http://www.rfc-editor.org/info/rfc7012>.

   [X.690]    International Telecommunication Union, "Information
              Technology - ASN.1 encoding rules: Specification of Basic
              Encoding Rules (BER), Canonical Encoding Rules (CER) and
              Distinguished Encoding Rules (DER)", ITU-T Recommendation
              X.690, ISO/IEC 8825-1, August 2015,
              <https://www.itu.int/rec/T-REC-X.690>.

12.2.  Informative References

   [CISCO-PROCESS-MIB]
              Cisco Systems Inc., "CISCO-PROCESS-MIB.my: MIB for CPU and
              process statistics", <ftp://ftp.cisco.com/pub/mibs/v2/
              CISCO-PROCESS-MIB.my>.

   [RFC2863]  McCloghrie, K. and F. Kastenholz, "The Interfaces Group
              MIB", RFC 2863, DOI 10.17487/RFC2863, June 2000,
              <http://www.rfc-editor.org/info/rfc2863>.

   [RFC2982]  Kavasseri, R., Ed., "Distributed Management Expression
              MIB", RFC 2982, DOI 10.17487/RFC2982, October 2000,
              <http://www.rfc-editor.org/info/rfc2982>.

   [RFC3414]  Blumenthal, U. and B. Wijnen, "User-based Security Model
              (USM) for version 3 of the Simple Network Management
              Protocol (SNMPv3)", STD 62, RFC 3414,
              DOI 10.17487/RFC3414, December 2002,
              <http://www.rfc-editor.org/info/rfc3414>.

Top      Up      ToC       Page 83 
   [RFC3415]  Wijnen, B., Presuhn, R., and K. McCloghrie, "View-based
              Access Control Model (VACM) for the Simple Network
              Management Protocol (SNMP)", STD 62, RFC 3415,
              DOI 10.17487/RFC3415, December 2002,
              <http://www.rfc-editor.org/info/rfc3415>.

   [RFC3444]  Pras, A. and J. Schoenwaelder, "On the Difference between
              Information Models and Data Models", RFC 3444,
              DOI 10.17487/RFC3444, January 2003,
              <http://www.rfc-editor.org/info/rfc3444>.

   [RFC4022]  Raghunarayan, R., Ed., "Management Information Base for
              the Transmission Control Protocol (TCP)", RFC 4022,
              DOI 10.17487/RFC4022, March 2005,
              <http://www.rfc-editor.org/info/rfc4022>.

   [RFC4293]  Routhier, S., Ed., "Management Information Base for the
              Internet Protocol (IP)", RFC 4293, DOI 10.17487/RFC4293,
              April 2006, <http://www.rfc-editor.org/info/rfc4293>.

   [RFC4750]  Joyal, D., Ed., Galecki, P., Ed., Giacalone, S., Ed.,
              Coltun, R., and F. Baker, "OSPF Version 2 Management
              Information Base", RFC 4750, DOI 10.17487/RFC4750,
              December 2006, <http://www.rfc-editor.org/info/rfc4750>.

   [RFC4960]  Stewart, R., Ed., "Stream Control Transmission Protocol",
              RFC 4960, DOI 10.17487/RFC4960, September 2007,
              <http://www.rfc-editor.org/info/rfc4960>.

   [RFC5102]  Quittek, J., Bryant, S., Claise, B., Aitken, P., and J.
              Meyer, "Information Model for IP Flow Information Export",
              RFC 5102, DOI 10.17487/RFC5102, January 2008,
              <http://www.rfc-editor.org/info/rfc5102>.

   [RFC5476]  Claise, B., Ed., Johnson, A., and J. Quittek, "Packet
              Sampling (PSAMP) Protocol Specifications", RFC 5476,
              DOI 10.17487/RFC5476, March 2009,
              <http://www.rfc-editor.org/info/rfc5476>.

   [RFC5591]  Harrington, D. and W. Hardaker, "Transport Security Model
              for the Simple Network Management Protocol (SNMP)",
              STD 78, RFC 5591, DOI 10.17487/RFC5591, June 2009,
              <http://www.rfc-editor.org/info/rfc5591>.

   [RFC5592]  Harrington, D., Salowey, J., and W. Hardaker, "Secure
              Shell Transport Model for the Simple Network Management
              Protocol (SNMP)", RFC 5592, DOI 10.17487/RFC5592,
              June 2009, <http://www.rfc-editor.org/info/rfc5592>.

Top      Up      ToC       Page 84 
   [RFC6235]  Boschi, E. and B. Trammell, "IP Flow Anonymization
              Support", RFC 6235, DOI 10.17487/RFC6235, May 2011,
              <http://www.rfc-editor.org/info/rfc6235>.

   [RFC6313]  Claise, B., Dhandapani, G., Aitken, P., and S. Yates,
              "Export of Structured Data in IP Flow Information Export
              (IPFIX)", RFC 6313, DOI 10.17487/RFC6313, July 2011,
              <http://www.rfc-editor.org/info/rfc6313>.

   [RFC6353]  Hardaker, W., "Transport Layer Security (TLS) Transport
              Model for the Simple Network Management Protocol (SNMP)",
              STD 78, RFC 6353, DOI 10.17487/RFC6353, July 2011,
              <http://www.rfc-editor.org/info/rfc6353>.

Acknowledgments

   The authors would like to thank Andrew Johnson for his collaboration
   on the first draft version of this document, and to thank Andrew
   Feren and Brian Trammell for their detailed reviews.

   Juergen Schoenwaelder was partly funded by Flamingo, a Network of
   Excellence project (ICT-318488) supported by the European Commission
   under its Seventh Framework Programme.

Authors' Addresses

   Paul Aitken (editor)
   Brocade Communications Systems, Inc.
   19a Canning Street, Level 3
   Edinburgh, Scotland  EH3 8EG
   United Kingdom

   Phone: +44 203 005 0731
   Email: paitken@brocade.com


   Benoit Claise
   Cisco Systems, Inc.
   De Kleetlaan 6a b1
   Diegem  1813
   Belgium

   Phone: +32 2 704 5622
   Email: bclaise@cisco.com

Top      Up      ToC       Page 85 
   Srikar B S
   Mojo Networks, Inc.
   S. No. 7, Pinnac House II
   Kothrud, Pune  411038
   India

   Phone: +91 94 4847 6672
   Email: srikarbs@gmail.com


   Colin McDowall
   Brocade Communications Systems, Inc.
   19a Canning Street, Level 3
   Edinburgh, Scotland  EH3 8EG
   United Kingdom

   Phone: +44 203 005 0687
   Email: cmcdowal@brocade.com


   Juergen Schoenwaelder
   Jacobs University Bremen
   Campus Ring 1
   Bremen  28725
   Germany

   Phone: +49 421 200 3587
   Email: j.schoenwaelder@jacobs-university.de