ols-848-intrusiondetection-draft-changes
@@ -282,6 +282,7 @@ properties:
|
||||
- IP-ACL
|
||||
- Guest-VLAN
|
||||
- Storm-Control
|
||||
- Access-Lockout
|
||||
# Services
|
||||
- Service-SSH
|
||||
- Service-RSSH
|
||||
|
||||
@@ -545,6 +545,22 @@ properties:
|
||||
minLength: 1
|
||||
examples:
|
||||
- "A VoIP Phone"
|
||||
intrusion-detection-access-lockout:
|
||||
description: Enables protection against unauthorized login attempts by locking user access
|
||||
after a specified number of failed authentication attempts within a defined period.
|
||||
type: object
|
||||
properties:
|
||||
enabled:
|
||||
description: (Optional) Global flag to enable or disable the intrusion detection and access lockout feature.
|
||||
If the flag is not present but this object exists, then consider the feature enabled with other params below.
|
||||
type: boolean
|
||||
lockout-attempt-count:
|
||||
description: Number of consecutive failed login attempts allowed before the user account is locked.
|
||||
type: integer
|
||||
minimum: 1
|
||||
lockout-period-seconds:
|
||||
description: Duration (in seconds) for which the user account remains locked after exceeding the failed attempt threshold.
|
||||
type: integer
|
||||
arp-inspect:
|
||||
$ref: "https://ucentral.io/schema/v1/switch/arp-inspect/"
|
||||
ip-source-guard:
|
||||
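Review bot: `lockout-period-seconds` is declared as a bare `type: integer` with no lower bound, so 0 or a negative value passes validation and what a device then does (no lockout at all, or one that never expires) is left to each implementation. `lockout-attempt-count` already carries `minimum: 1`; the period should get the same treatment, e.g. `minimum: 1`, with any special value spelled out in its description. The object description promises a threshold "within a defined period", but no property in this hunk defines that counting window, so either add one or reword the description to match the "consecutive failed login attempts" wording used below it. Because `enabled` is described as implicitly true when the object is present, it would also help to state the defaults a device applies when the two numeric fields are omitted. The same three properties are repeated in the JSON schema hunks at -1434, -1599 and -1892, which presumably need regenerating after any change here.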
@@ -557,4 +573,4 @@ properties:
|
||||
description: Define a global list of dns servers.
|
||||
type: array
|
||||
items:
|
||||
type: string
|
||||
type: string
|
||||
@@ -187,4 +187,38 @@ properties:
|
||||
description: Total number of topology changes detected.
|
||||
last-topology-change-seconds:
|
||||
type: integer
|
||||
description: Time (in seconds) since the last topology change.
|
||||
description: Time (in seconds) since the last topology change.
|
||||
access-lockout:
|
||||
type: object
|
||||
description: Represents the operational state and statistics of the Intrusion Detection and Access Lockout feature.
|
||||
properties:
|
||||
user-sessions:
|
||||
type: array
|
||||
description: Displays a list of user sessions being tracked for failed login attempts.
|
||||
items:
|
||||
type: object
|
||||
properties:
|
||||
username:
|
||||
type: string
|
||||
description: The username associated with the login attempts being tracked.
|
||||
source-ip:
|
||||
type: string
|
||||
description: The IP address from which the login attempts originated.
|
||||
failed-attempts:
|
||||
type: integer
|
||||
description: The number of consecutive failed login attempts recorded for this user session.
|
||||
status:
|
||||
type: string
|
||||
description: Indicates whether the user account is currently locked or active.
|
||||
enum:
|
||||
- active
|
||||
- locked
|
||||
last-failed-attempt-time:
|
||||
type: integer
|
||||
description: UNIX timestamp (in seconds) of the most recent failed login attempt.
|
||||
lockout-start-time:
|
||||
type: integer
|
||||
description: UNIX timestamp (in seconds) when the user account was locked.
|
||||
lockout-expiry-time:
|
||||
type: integer
|
||||
description: UNIX timestamp (in seconds) when the lockout period will end and access will be restored.
|
||||
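Review bot: `user-sessions` is an unbounded array whose entries are created by failed logins, so anyone who can reach the login service can inflate the state message by varying usernames or source addresses. Consider adding a `maxItems` bound (value for the project to choose) and documenting which entries a device drops first. The `username` field carries whatever was typed at the login prompt, which can include a password entered into the wrong field, and this state is presumably reported to the controller, so the description should say whether unknown usernames are reported or only configured accounts. The descriptions also alternate between "user session" and "user account", leaving it unclear whether a lockout is keyed on the username alone or on username plus `source-ip`, and that decides whether a remote party can lock out a legitimate administrator. Smaller gaps are that `failed-attempts` has no `minimum: 0` and `source-ip` has no address `format`; the JSON hunk at -256 mirrors all of this.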
@@ -344,6 +344,7 @@
|
||||
"IP-ACL",
|
||||
"Guest-VLAN",
|
||||
"Storm-Control",
|
||||
"Access-Lockout",
|
||||
"Service-SSH",
|
||||
"Service-RSSH",
|
||||
"Service-Telnet",
|
||||
|
||||
@@ -1434,6 +1434,25 @@
|
||||
}
|
||||
}
|
||||
},
|
||||
"intrusion-detection-access-lockout": {
|
||||
"description": "Enables protection against unauthorized login attempts by locking user access after a specified number of failed authentication attempts within a defined period.",
|
||||
"type": "object",
|
||||
"properties": {
|
||||
"enabled": {
|
||||
"description": "(Optional) Global flag to enable or disable the intrusion detection and access lockout feature. If the flag is not present but this object exists, then consider the feature enabled with other params below.",
|
||||
"type": "boolean"
|
||||
},
|
||||
"lockout-attempt-count": {
|
||||
"description": "Number of consecutive failed login attempts allowed before the user account is locked.",
|
||||
"type": "integer",
|
||||
"minimum": 1
|
||||
},
|
||||
"lockout-period-seconds": {
|
||||
"description": "Duration (in seconds) for which the user account remains locked after exceeding the failed attempt threshold.",
|
||||
"type": "integer"
|
||||
}
|
||||
}
|
||||
},
|
||||
"arp-inspect": {
|
||||
"type": "object",
|
||||
"description": "Global configuration for ARP Inspection on the switch.",
|
||||
|
||||
@@ -1599,6 +1599,21 @@
|
||||
}
|
||||
}
|
||||
},
|
||||
"intrusion-detection-access-lockout": {
|
||||
"type": "object",
|
||||
"properties": {
|
||||
"enabled": {
|
||||
"type": "boolean"
|
||||
},
|
||||
"lockout-attempt-count": {
|
||||
"type": "integer",
|
||||
"minimum": 1
|
||||
},
|
||||
"lockout-period-seconds": {
|
||||
"type": "integer"
|
||||
}
|
||||
}
|
||||
},
|
||||
"arp-inspect": {
|
||||
"$ref": "#/$defs/switch.arp-inspect"
|
||||
},
|
||||
|
||||
@@ -1892,6 +1892,25 @@
|
||||
}
|
||||
}
|
||||
},
|
||||
"intrusion-detection-access-lockout": {
|
||||
"description": "Enables protection against unauthorized login attempts by locking user access after a specified number of failed authentication attempts within a defined period.",
|
||||
"type": "object",
|
||||
"properties": {
|
||||
"enabled": {
|
||||
"description": "(Optional) Global flag to enable or disable the intrusion detection and access lockout feature. If the flag is not present but this object exists, then consider the feature enabled with other params below.",
|
||||
"type": "boolean"
|
||||
},
|
||||
"lockout-attempt-count": {
|
||||
"description": "Number of consecutive failed login attempts allowed before the user account is locked.",
|
||||
"type": "integer",
|
||||
"minimum": 1
|
||||
},
|
||||
"lockout-period-seconds": {
|
||||
"description": "Duration (in seconds) for which the user account remains locked after exceeding the failed attempt threshold.",
|
||||
"type": "integer"
|
||||
}
|
||||
}
|
||||
},
|
||||
"arp-inspect": {
|
||||
"$ref": "#/$defs/switch.arp-inspect"
|
||||
},
|
||||
|
||||
@@ -256,6 +256,53 @@
|
||||
}
|
||||
}
|
||||
}
|
||||
},
|
||||
"access-lockout": {
|
||||
"type": "object",
|
||||
"description": "Represents the operational state and statistics of the Intrusion Detection and Access Lockout feature.",
|
||||
"properties": {
|
||||
"user-sessions": {
|
||||
"type": "array",
|
||||
"description": "Displays a list of user sessions being tracked for failed login attempts.",
|
||||
"items": {
|
||||
"type": "object",
|
||||
"properties": {
|
||||
"username": {
|
||||
"type": "string",
|
||||
"description": "The username associated with the login attempts being tracked."
|
||||
},
|
||||
"source-ip": {
|
||||
"type": "string",
|
||||
"description": "The IP address from which the login attempts originated."
|
||||
},
|
||||
"failed-attempts": {
|
||||
"type": "integer",
|
||||
"description": "The number of consecutive failed login attempts recorded for this user session."
|
||||
},
|
||||
"status": {
|
||||
"type": "string",
|
||||
"description": "Indicates whether the user account is currently locked or active.",
|
||||
"enum": [
|
||||
"active",
|
||||
"locked"
|
||||
]
|
||||
},
|
||||
"last-failed-attempt-time": {
|
||||
"type": "integer",
|
||||
"description": "UNIX timestamp (in seconds) of the most recent failed login attempt."
|
||||
},
|
||||
"lockout-start-time": {
|
||||
"type": "integer",
|
||||
"description": "UNIX timestamp (in seconds) when the user account was locked."
|
||||
},
|
||||
"lockout-expiry-time": {
|
||||
"type": "integer",
|
||||
"description": "UNIX timestamp (in seconds) when the lockout period will end and access will be restored."
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
},
|
||||
"$defs": {
|
||||
|
||||