We currently have some Cisco 3560X switches that are internet facing and also some Cisco 3750X switches that are within our Corporate DMZ.
The external facing switches are just really operating at layer 2, have no IP address configuration and just forward all traffic to our firewall.
We currently have HP NNM on our internal LAN for monitoring.
I want to be able to monitor the switches both inside our corporate DMZ and also the external internet facing switches in case of hardware failure, etc. However, at the same time I obviously want to make sure that this is done as securely as possible without introducing any unnecessary risks.
I was thinking of using SNMPv3 to monitor the switches, but in the case of the internet facing switches I would need to assign external IP addresses to them (hence using our valuable external pool of addresses available).
I’d be grateful for any advice on the best way to complete this.
Thanks Lee, I'm presuming that by using the management interface and also putting an ACL on it, this would be the most secure? This will also mean that I don't need to make our internet switches visible on the internet if I'm using the management interface.
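
As an added illustration (not part of the original thread), here is a minimal IOS configuration sketch of the approach discussed above: SNMPv3 with authentication and encryption, reachable only through the out-of-band management port and only from the monitoring server. It assumes the management port is `FastEthernet0` and binds the ACL to the SNMP group; all addresses, names and passphrases are placeholders.

```cisco
! Constructed example: addresses, names and passphrases are placeholders.
! 192.0.2.10 stands in for the HP NNM server, 192.0.2.21 for the switch
! management address (an internal, non-Internet-routed address in practice).

! Dedicated out-of-band management port (assumed to be FastEthernet0)
interface FastEthernet0
 description OOB management to monitoring network
 ip address 192.0.2.21 255.255.255.0
 no shutdown

! Only the monitoring server may query SNMP; log everything else
access-list 10 remark SNMP pollers
access-list 10 permit 192.0.2.10
access-list 10 deny   any log

! Read-only view; the group requires authentication and encryption (priv)
snmp-server view NNM-VIEW iso included
snmp-server group NNM-RO v3 priv read NNM-VIEW access 10

! SNMPv3 user with SHA authentication and AES-128 privacy
snmp-server user nnm-poller NNM-RO v3 auth sha <AUTH-PASSPHRASE> priv aes 128 <PRIV-PASSPHRASE>

! Hardware (fan, power supply, temperature) traps to the monitoring server
snmp-server enable traps envmon
snmp-server host 192.0.2.10 version 3 priv nnm-poller
```

`show snmp user` and `show snmp group` confirm the security level and the ACL bound to the group. With no `snmp-server community` lines configured, SNMPv1/v2c queries are not answered.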