remediate AS5400 regarding removal of old version of SNMP

ttrothst1
Level 1

Considering this gateway is not supported any longer, how can we remediate the vulnerability described below?

AS5400XM, Cisco IOS Software, 5400 Software (C5400-JK9S-M), Version 15.1(4)M6, RELEASE SOFTWARE (fc2)

Qualys vulnerability calls out the following actions (see my questions for each item):

* Disable or remove SNMPv1/2c authentication. - can this be done without affecting the gateway? If so, how do we do this?

* Use SNMP version 3 authentication - can we use this with our current version?

Workaround:

* As a temporary measure, block access to SNMP services at the network perimeter. - how is this done?

* In situations where blocking or disabling SNMP is not possible, restrict all SNMP access to separate, isolated management networks that are not publicly accessible. - again, how is this done?

* If SNMP cannot be used, look into third-party applications / remote services that can be a replacement for SNMP. - what are our options on this gateway given it is no longer supported by Cisco?

Accepted Solutions

howon
Cisco Employee

I don't think your question is in the right forum, but to answer your question:
- Disable SNMP: In general, disabling SNMP should not affect the main functionality of the device aside from remote management.

- SNMPv3: You can try running the 'snmp-server group' command and see if 'v3' is an option. This will show whether v3 is supported or not. More information here: https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/snmp/command/nm-snmp-cr-book/nm-snmp-cr-s5.html#wp1853214142

The workaround listed below is suggesting limiting SNMP access to the device by using a FW or filtering device that is present in front of the device.
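
A configuration sketch of the steps discussed in this thread, added as an example and not part of the original posts or of Cisco's documentation: it checks for SNMPv3 support, builds a v3 group restricted to one management station, and then removes the v1/v2c communities. ACL number 10, the group and user names, the 192.0.2.10 management station, and every value in angle brackets are placeholders; the `priv aes 128` option assumes a crypto (k9) image such as the C5400-JK9S-M one quoted in the question.

```cisco-ios
! --- Constructed example: all names, numbers and addresses are placeholders ---

! 1. Inventory the current SNMP configuration (privileged exec mode)
show running-config | include snmp-server
show snmp group
show snmp user

configure terminal

! 2. Check that the image offers v3 before changing anything:
!    typing "snmp-server group NMS-RO ?" should list v3 next to v1 and v2c.

! 3. Standard ACL that admits only the management station to the SNMP agent
access-list 10 permit host 192.0.2.10
access-list 10 deny any log

! 4. v3 group that requires authentication and encryption, bound to ACL 10
snmp-server group NMS-RO v3 priv access 10
snmp-server user nms-poller NMS-RO v3 auth sha <AUTH-PASSPHRASE> priv aes 128 <PRIV-PASSPHRASE>

! 5. Once the management station polls successfully over v3, remove each
!    v1/v2c community found in step 1 (repeat per community string)
no snmp-server community <OLD-COMMUNITY>

! Alternative when SNMP is not needed at all: disable the agent completely
! no snmp-server

! Alternative when v3 is not offered and SNMP must stay: keep the community
! read-only and bind it to the same ACL (this does not clear the v1/v2c finding)
! snmp-server community <COMMUNITY> RO 10

end

! 6. Verify: the v3 group and user exist, and no community lines remain
show snmp group
show snmp user
show running-config | include snmp-server community
```

The `snmp-server user` line for a v3 user is not shown in the running configuration, so confirm it with `show snmp user`. ACL 10 only limits which sources the SNMP agent answers; blocking SNMP at the network perimeter, as the workaround suggests, is done on the firewall or filtering device in front of the gateway.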
