Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Can CS-MARS support SNMPv3?

Hi, can CS-MARS support SNMPv3 feature for monitor and mitigate devices?


Re: Can CS-MARS support SNMPv3?

Hi Zakhar.

The answer to your question is no.

MARS does not accept inbound SNMP traffic. This is a security feature so that MARS cannot be exploited by an outside device.

In a nutshell, SNMPv3 involves shared passwords between devices. The thinking is that you wouldn't want your router to have the password of the MARS box.

MARS does use SNMP to notify pre-defined users in the event of a high-level security incident.

Hope this helps.




Re: Can CS-MARS support SNMPv3?

Well, think about it. MARS is nothing

but a hardened customize Linux OS. All Linux

OS will let you configure snmpd with SNMPv3.

SNMPv3 has strong authentication and if you

configure your network properly, it should be

good enough.

If MARS does not accept inbound snmp traffic,

how does one go about monitoring this device

via to make sure that everything is working

properly? Guess what, even firewalls let

you configure snmp for monitoring, and you

don't think is an important device?

It does not make sense for MARS not to accept

inbound snmp if you ask me.


Re: Can CS-MARS support SNMPv3?

As far as I can tell MARS does accept incoming SNMP traps, but unfortunately only an SNMP community string can be used. I have been using this for all devices not touching the internet and configuring them with a read only string.

New Member

Re: Can CS-MARS support SNMPv3?

Thank you for your answers, guys. But I want define more precisely my question. If I tune snmp v3 on my network devieces. Is it possible to use snmp RO and RW community string from CS-MARS for recive and mitigate may network devices?