04-29-2010 12:23 PM - edited 03-06-2019 10:52 AM
I have several Cisco devices and I recently purchased Solarwinds NPM. This software requires that SNMP be enable in order to mointor network devices and traffic.
Questions: if the snmp is enabled is enalbed on my Cisco equiptment is there any secuirty flaws that could give remote users access or infomations that could casues a security breach.
Solved! Go to Solution.
04-29-2010 12:51 PM
Also, a couple of more items .... don't use the default community strings of "public" and "private." Plus implement an ACL on each network device that will limit SNMP access for the specific IP address of the Solarwinds server.
04-30-2010 01:36 AM
I have several Cisco devices and I recently purchased Solarwinds NPM. This software requires that SNMP be enable in order to mointor network devices and traffic.
Questions: if the snmp is enabled is enalbed on my Cisco equiptment is there any secuirty flaws that could give remote users access or infomations that could casues a security breach.
Hi,
The best way is to have a standard community string configured between the devices and server with version 3 selected which is encrypted also to have high level of security and with cisco switches you can also have acl with sepecifc server can poll the switch with configured read only community string.
Hope to Help !!
Ganesh.H
Remember to rate the helpful post
04-29-2010 12:28 PM
Hi,
The recommendation is to use SNMPv3 since it encrypts the traffic and requires authentication.
It provides greater security enhancements compared to the previous versions which provide little to no security at all.
Federico.
04-29-2010 12:51 PM
Also, a couple of more items .... don't use the default community strings of "public" and "private." Plus implement an ACL on each network device that will limit SNMP access for the specific IP address of the Solarwinds server.
04-30-2010 01:36 AM
I have several Cisco devices and I recently purchased Solarwinds NPM. This software requires that SNMP be enable in order to mointor network devices and traffic.
Questions: if the snmp is enabled is enalbed on my Cisco equiptment is there any secuirty flaws that could give remote users access or infomations that could casues a security breach.
Hi,
The best way is to have a standard community string configured between the devices and server with version 3 selected which is encrypted also to have high level of security and with cisco switches you can also have acl with sepecifc server can poll the switch with configured read only community string.
Hope to Help !!
Ganesh.H
Remember to rate the helpful post
04-30-2010 04:54 AM
Thanks. The info you guys provided was a big help.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: