cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
254
Views
0
Helpful
1
Replies
Beginner

remediate AS5400 regarding removal of old version of SNMP

Considering this gateway is not supported any longer, How can we remediate the vulnerability described below.

AS5400XM, Cisco IOS Software, 5400 Software (C5400-JK9S-M), Version 15.1(4)M6, RELEASE SOFTWARE (fc2)

Qualys vulnerability calls out the following actions(see my questions for each item):

*Disable or remove SNMPv1/2c authentication. - can this be done without affecting the gateway, if so, how do we do this.

*Use SNMP version 3 authentication - can we use this with our current version?

Workaround:

*As a temporary measure, block access to SNMP services at the network perimeter. - how is this done

*In situations where blocking or disabling SNMP is not possible,restrict all SNMP access to separate, isolated management       networks that are not publicly accessible. - again, how is this done

*If SNMP can not be used, look into third party applications / remote services that can be a replacement for SNMP. - what are our options on this gateway given it is no longer supported by Cisco.

1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted
Cisco Employee

Re: remediate AS5400 regarding removal of old version of SNMP

I don't think your question is in the right forum but to answer your question:
- Disable SNMP: In general disabling SNMP should not affect the main functionality of the device aside from remote management

- SNMPv3: You can try running 'snmp-server group' command and see if 'v3' is an option. This will show whether v3 is supported or not. More information here: https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/snmp/command/nm-snmp-cr-book/nm-snmp-cr-s5.html#wp1853214142

The workaround listed below is suggesting limiting SNMP access to the device by using FW or filtering device that is present in front of the device.

1 REPLY 1
Highlighted
Cisco Employee

Re: remediate AS5400 regarding removal of old version of SNMP

I don't think your question is in the right forum but to answer your question:
- Disable SNMP: In general disabling SNMP should not affect the main functionality of the device aside from remote management

- SNMPv3: You can try running 'snmp-server group' command and see if 'v3' is an option. This will show whether v3 is supported or not. More information here: https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/snmp/command/nm-snmp-cr-book/nm-snmp-cr-s5.html#wp1853214142

The workaround listed below is suggesting limiting SNMP access to the device by using FW or filtering device that is present in front of the device.