KN3 zERT IPsec Summary Attributes

Use the zERT IPSec Summary attribute group to monitor zERT IPSec sessions.

Origin Node Unique identifier for the TCP/IP stack being displayed.

Sysplex Name The name of the sysplex that the monitored system is part of. The format is a text string no longer than 8 characters.

System ID The SMF system ID. The format is a text string no longer than 4 characters.

TCPIP STC Name The jobname of the TCP/IP address space.

Collection Time The time and date of data sampling.

Interval Length The length of time of the data sampling in hh:mm:ss format.

Application Name The jobname associated with the application address space that opened and bound the socket associated with the security session.

Protocol The IP Protocol for the security session. The format is an unsigned integer that can have the following values:
6 - TCP
17 - UDP

Server IP Address The server IP address. The format is a text string of up to 45 characters. The IPV6 Session attribute indicates whether this is an IPV6 IP address or not.

Client IP Address The client IP address. The format is a text string of up to 45 characters. The IPV6 Session attribute indicates whether this is an IPV6 IP address or not.

Port Range Start The starting value for the server port range. The format is an unsigned integer.

Port Range End The ending value for the server port range. The format is an unsigned integer.

Session ID The session identifier that uniquely identifies a security session based on the server and client endpoints plus the significant security attributes of the session. This is a text string of up to 42 characters.

IKE Version Version (major and minor) of the IKE protocol in use. The format is MAJOR.MINOR.

IKE Tunnel Local Endpoint The Local IP address of tunnel endpoint. The format is a text string of up to 45 characters.

IKE Tunnel Remote Endpoint The remote IP address of tunnel endpoint. The format is a text string of up to 45 characters.

IKE Tunnel Local Auth Method The authentication method for the local endpoint. The format is an unsigned integer that can have one of the following values:
Unknown=0X0000              
None=0X0001                 
RSA_signature=0X0002        
Preshared_key=0X0003        
ECDSA-256_signature=0X0004  
ECDSA-384_signature=0X0005  
ECDSA-521_signature=0X0006  
Digital_signature=0X0007    
IKE Tunnel Remote Auth Method The authentication method for the remote endpoint. The format is an unsigned integer that can have one of the following values:
 Unknown=0X0000             
 None=0X0001                
 RSA_signature=0X0002       
 Preshared_key=0X0003       
 ECDSA-256_signature=0X0004 
 ECDSA-384_signature=0X0005 
 ECDSA-521_signature=0X0006 
 Digital_signature=0X0007   
IKE Tunnel Authentication Algorithm The Tunnel authentication algorithm. The format is an unsigned integer that can have one of the following values:
Unknown=0X0000             
None=0X0001                
MD2=0X0002                 
HMAC-MD5=0X0003            
HMAC-SHA1=0X0004           
HMAC-SHA2-224=0X0005       
HMAC-SHA2-256=0X0006       
HMAC-SHA2-384=0X0007       
HMAC-SHA2-512=0X0008       
AES-GMAC-128=0X0009        
AES-GMAC-256=0X000A        
AES-128-XCBC-96=0X000B     
HMAC-SHA2-256-128=0X000C   
HMAC-SHA2-384-192=0X000D   
HMAC-SHA2-512-256=0X000E   
HMAC-MD5-96=0X000F         
HMAC-SHA1-96=0X0010        
UMAC-64=0X0011             
UMAC-128=0X0012            
RIPEMD-160=0X0013          
IKE Tunnel Encryption Algorithm The tunnel encryption algorithm. The format is an unsigned integer that can have one of the following values:
Unknown=0X0000          
None=0X0001             
DES=0X0002              
DES_40=0X0003           
3DES=0X0004             
RC2_40=0X0005           
RC2_128=0X0006          
RC2=0X0007              
RC4_40=0X0008           
RC4_128=0X0009          
RC4_256=0X000A          
RC4=0X000B              
AES_CBC_128=0X000C      
AES_CBC_192=0X000D      
AES_CBC_256=0X000E      
AES_CTR_128=0X000F      
AES_CTR_192=0X0010      
AES_CTR_256=0X0011      
AES_GCM_128=0X0012      
AES_GCM_256=0X0013      
AES_CCM_128=0X0014      
AES_CCM_256=0X0015      
AES_CCM8_128=0X0016     
AES_CCM8_256=0X0017     
AES_256=0X0018          
BLOWFISH=0X0019         
BLOWFISH_CBC=0X001A     
CAST_128_CBC=0X001B     
ARCFOUR_128=0X001C      
ARCFOUR_256=0X001D      
ARCFOUR=0X001E          
RIJNDAEL_CBC=0X001F     
ARIA_128_CBC=0X0020     
ARIA_128_CBC=0X0021     
ARIA_256_CBC=0X0022     
ARIA_128_GCM=0X0023     
ARIA_256_GCM=0X0024     
CAMELLIA_128_CBC=0X0025 
CAMELLIA_256_CBC=0X0026 
CAMELLIA_128_GCM=0X0027 
CAMELLIA_256_GCM=0X0028 
CHACHA20_POLY1305=0X0029
IDEA_CBC=0X002A         
SEED_CBC=0X002B         
FORTEZZA_CBC=0X002C     
GOST28147=0X002D        
TWOFISH_CBC_256=0X002E  
TWOFISH_CBC=0X002F      
TWOFISH_CBC_192=0X0030  
TWOFISH_CBC_128=0X0031  
SERPENT_CBC_256=0X0032  
SERPENT_CBC_192=0X0033  
SERPENT_CBC_128=0X0034  
IKE Tunnel Diffie-Hellman Group The Diffie-Hellman group that is used to generate the keying material for this IKE tunnel. The format is an unsigned integer that can have one the following values:
Unknown_or_manual_tunnel=0X0000    
DH_Group_1=0X0001                  
DH_Group_2=0X0002                  
DH_Group_5=0X0005                  
DH_Group_14=0X000E                 
DH_Group_19=0X0013                 
DH_Group_20=0X0014                 
DH_Group_21=0X0015                 
DH_Group_24=0X0018                 
No_DH_group_used=0X00FF            
IKE Tunnel Pseudo-Random Function The Pseudo-random function that is used for seeding keying material. The format is an unsigned integer that can have one of the following values:
Unknown=0X0000        
None=0X0001           
HMAC-SHA2-256=0X0002  
HMAC-SHA2-384=0X0003  
HMAC-SHA2-512=0X0004  
AES-128-XCBC=0X0005   
HMAC-MD5=0X0006       
HMAC-SHA1=0X0007      
Local IKE Cert Signature Method The local IKE certificate signature method. The format is an unsigned integer that can have one of the following values:
Unknown=0X0000             
None=0X0001                
RSA_with_MD2=0X0002        
RSA_with_MD5=0X0003        
RSA_with_SHA1=0X0004       
DSA_with_SHA1=0X0005       
RSA_with_SHA-224=0X0006    
RSA_with_SHA-256=0X0007    
RSA_with_SHA-384=0X0008    
RSA_with_SHA-512=0X0009    
ECDSA_with_SHA1=0X000A     
ECDSA_with_SHA-224=0X000B  
ECDSA_with_SHA-256=0X000C  
ECDSA_with_SHA-384=0X000D  
ECDSA_with_SHA-512=0X000E  
DSA_with_SHA-224=0X000F    
DSA_with_SHA-256=0X0010    
Local IKE Cert Encryption Method The local IKE certificate encryption method. The format is an unsigned integer that can have one of the following values:
Unknown=0X0000
None=0X0001   
RSA=0X0002    
DSA=0X0003    
ECDSA=0X0004  
Local IKE Cert Digest Method The local IKE certificate digest algorithm. The format is an unsigned integer that can have one of the following values:
Unknown=0X0000  
None=0X0001     
MD2=0X0002      
MD5=0X0003      
SHA1=0X0004     
SHA-224=0X0005  
SHA-256=0X0006  
SHA-384=0X0007  
SHA-512=0X0008  
Local IKE Certificate Key Type The local IKE certificate key type. The format is an unsigned integer that can have one of the following values:
Unknown=0                     
None=1                        
RSA=2                         
DSA=3                         
Diffie-Hellman=4              
Elliptic_Curve_Cryptography=5 
e

Local IKE Certificate Key Length The local IKE certificate key length. The format is an unsigned integer.

Remote IKE Cert Signature Method The remote IKE certificate signature method. The format is an unsigned integer that can have one of the following values:
Unknown=0X0000            
None=0X0001               
RSA_with_MD2=0X0002       
RSA_with_MD5=0X0003       
RSA_with_SHA1=0X0004      
DSA_with_SHA1=0X0005      
RSA_with_SHA-224=0X0006   
RSA_with_SHA-256=0X0007   
RSA_with_SHA-384=0X0008   
RSA_with_SHA-512=0X0009   
ECDSA_with_SHA1=0X000A    
ECDSA_with_SHA-224=0X000B 
ECDSA_with_SHA-256=0X000C 
ECDSA_with_SHA-384=0X000D 
ECDSA_with_SHA-512=0X000E 
DSA_with_SHA-224=0X000F   
DSA_with_SHA-256=0X0010   
e
Remote IKE Cert Encryption Method The remote IKE certificate encryption method. The format is an unsigned integer that can have one of the following values:
Unknown=0X0000
None=0X0001   
RSA=0X0002    
DSA=0X0003    
ECDSA=0X0004  
Remote IKE Cert Digest Method The remote IKE certificate digest algorithm. The format is an unsigned integer that can have one of the following values:
Unknown=0X0000   
None=0X0001      
MD2=0X0002       
MD5=0X0003       
SHA1=0X0004      
SHA-224=0X0005   
SHA-256=0X0006   
SHA-384=0X0007   
SHA-512=0X0008   
Remote IKE Certificate Key Type The remote IKE certificate key type. The format is an unsigned integer that can have one of the following values:
Unknown=0                     
None=1                        
RSA=2                         
DSA=3                         
Diffie-Hellman=4              
Elliptic_Curve_Cryptography=5 

Remote IKE Certificate Key Length The remote IKE certificate key length in bits. The format is an unsigned integer.

Perfect Forward Secrecy Group Diffie-Hellman group that is used for perfect forward secrecy. The format is an unsigned integer that can have one the following values:
Unknown_or_manual_tunnel=0X0000
DH_Group_1=0X0001              
DH_Group_2=0X0002              
DH_Group_5=0X0005              
DH_Group_14=0X000E             
DH_Group_19=0X0013             
DH_Group_20=0X0014             
DH_Group_21=0X0015             
DH_Group_24=0X0018             
No_DH_group_used=0X00FF        
IPSec Encapsulation Mode The IKE Tunnel encapsulation mode. The format is an unsigned integer that can have one the following values:
Unknown=0X0000        
Tunnel_mode=0X0001    
Transport_mode=0X0002 
IPSec Authentication Protocol The IKE Tunnel message authentication protocol. The format is an unsigned integer that can have one the following values:
Unknown=0                         
Encapsulating_Security_Payload=50 
Authentication_Header=51          
IPSec Authentication Algorithm The IKE tunnel authentication algorithm for IKE phase 2. The format is an unsigned integer that can have one of the following values:
 Unknown=0X0000               
 None=0X0001                  
 MD2=0X0002                   
 HMAC-MD5=0X0003              
 HMAC-SHA1=0X0004             
 HMAC-SHA2-224=0X0005         
 HMAC-SHA2-256=0X0006         
 HMAC-SHA2-384=0X0007         
 HMAC-SHA2-512=0X0008         
 AES-GMAC-128=0X0009          
 AES-GMAC-256=0X000A          
 AES-128-XCBC-96=0X000B       
 HMAC-SHA2-256-128=0X000C     
 HMAC-SHA2-384-192=0X000D     
 HMAC-SHA2-512-256=0X000E     
 HMAC-MD5-96=0X000F           
 HMAC-SHA1-96=0X0010          
 UMAC-64=0X0011               
 UMAC-128=0X0012              
 RIPEMD-160=0X0013B           
Tunnel Encryption Algorithm The IKE tunnel encryption algorithm for IKE phase 2. The format is an unsigned integer that can have one of the following values:
Unknown=0X0000           
None=0X0001              
DES=0X0002               
DES_40=0X0003            
3DES=0X0004              
RC2_40=0X0005            
RC2_128=0X0006           
RC2=0X0007               
RC4_40=0X0008            
RC4_128=0X0009           
RC4_256=0X000A           
RC4=0X000B               
AES_CBC_128=0X000C       
AES_CBC_192=0X000D       
AES_CBC_256=0X000E       
AES_CTR_128=0X000F       
AES_CTR_192=0X0010       
AES_CTR_256=0X0011       
AES_GCM_128=0X0012       
AES_GCM_256=0X0013       
AES_CCM_128=0X0014       
AES_CCM_256=0X0015       
AES_CCM8_128=0X0016      
AES_CCM8_256=0X0017      
AES_256=0X0018           
BLOWFISH=0X0019          
BLOWFISH_CBC=0X001A      
CAST_128_CBC=0X001B      
ARCFOUR_128=0X001C       
ARCFOUR_256=0X001D       
ARCFOUR=0X001E           
RIJNDAEL_CBC=0X001F      
ARIA_128_CBC=0X0020      
ARIA_128_CBC=0X0021      
ARIA_256_CBC=0X0022      
ARIA_128_GCM=0X0023      
ARIA_256_GCM=0X0024      
CAMELLIA_128_CBC=0X0025  
CAMELLIA_256_CBC=0X0026  
CAMELLIA_128_GCM=0X0027  
CAMELLIA_256_GCM=0X0028  
CHACHA20_POLY1305=0X0029 
IDEA_CBC=0X002A          
SEED_CBC=0X002B          
FORTEZZA_CBC=0X002C      
GOST28147=0X002D         
TWOFISH_CBC_256=0X002E   
TWOFISH_CBC=0X002F       
TWOFISH_CBC_192=0X0030   
TWOFISH_CBC_128=0X0031   
SERPENT_CBC_256=0X0032   
SERPENT_CBC_192=0X0033   
SERPENT_CBC_128=0X0034