Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

SNMP Security Best Practices

As SNMP protocol vulnarabilities are well known,what are the best practices to implement to secure the network/routers etc

3 REPLIES

Re: SNMP Security Best Practices

hi

1.Create a access list which permits your snmp server ip address to poll the equipments..

2.Create proper permission either RO or RW based on your requirement.

3.Create a strong unguessable community string which can be used to communicate with ur server.

4.You can also enable the location id,contact details and also the chasis id which may be ur serial number of that equipment which can be later used for easy identification purpose.

regds

Gold

Re: SNMP Security Best Practices

we also create a lan-lan vpn tunnel between the device and the monitoring server

Gold

Re: SNMP Security Best Practices

In case you haven't seen these yet, here are links to recommendations from the National Security Agency. SNMP is covered, as well as many other security topics. Interesting reading...

Router Security Configuration Guide, Executive Summary

http://www.nsa.gov/snac/routers/cisco_exec_sum.pdf

Router Security Configuration Guide

http://www.nsa.gov/snac/routers/cisco_scg-1.1b.pdf

Cisco IOS Switch Security Configuration Guide

http://www.nsa.gov/snac/os/switch-guide-version1_01.pdf

464
Views
0
Helpful
3
Replies