09-19-2005 06:45 AM - edited 03-09-2019 12:27 PM
As SNMP protocol vulnarabilities are well known,what are the best practices to implement to secure the network/routers etc
09-19-2005 08:10 PM
hi
1.Create a access list which permits your snmp server ip address to poll the equipments..
2.Create proper permission either RO or RW based on your requirement.
3.Create a strong unguessable community string which can be used to communicate with ur server.
4.You can also enable the location id,contact details and also the chasis id which may be ur serial number of that equipment which can be later used for easy identification purpose.
regds
09-19-2005 10:00 PM
we also create a lan-lan vpn tunnel between the device and the monitoring server
09-29-2005 06:46 PM
In case you haven't seen these yet, here are links to recommendations from the National Security Agency. SNMP is covered, as well as many other security topics. Interesting reading...
Router Security Configuration Guide, Executive Summary
http://www.nsa.gov/snac/routers/cisco_exec_sum.pdf
Router Security Configuration Guide
http://www.nsa.gov/snac/routers/cisco_scg-1.1b.pdf
Cisco IOS Switch Security Configuration Guide
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide