Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1976
Views
0
Helpful
3
Replies

SNMP Security Best Practices

gaurav_saxena
Level 1
Level 1

‎09-19-2005 06:45 AM - edited ‎03-09-2019 12:27 PM

As SNMP protocol vulnarabilities are well known,what are the best practices to implement to secure the network/routers etc

Labels:
0 Helpful
3 Replies 3

spremkumar
Level 9
Level 9

‎09-19-2005 08:10 PM

hi

1.Create a access list which permits your snmp server ip address to poll the equipments..

2.Create proper permission either RO or RW based on your requirement.

3.Create a strong unguessable community string which can be used to communicate with ur server.

4.You can also enable the location id,contact details and also the chasis id which may be ur serial number of that equipment which can be later used for easy identification purpose.

regds

0 Helpful

jackko
Level 7
Level 7
In response to spremkumar

‎09-19-2005 10:00 PM

we also create a lan-lan vpn tunnel between the device and the monitoring server

0 Helpful

konigl
Level 7
Level 7

‎09-29-2005 06:46 PM

In case you haven't seen these yet, here are links to recommendations from the National Security Agency. SNMP is covered, as well as many other security topics. Interesting reading...

Router Security Configuration Guide, Executive Summary

http://www.nsa.gov/snac/routers/cisco_exec_sum.pdf

Router Security Configuration Guide

http://www.nsa.gov/snac/routers/cisco_scg-1.1b.pdf

Cisco IOS Switch Security Configuration Guide

http://www.nsa.gov/snac/os/switch-guide-version1_01.pdf

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents