04-29-2010 12:23 PM - edited 03-06-2019 10:52 AM
I have several Cisco devices and I recently purchased Solarwinds NPM. This software requires that SNMP be enable in order to mointor network devices and traffic.
Questions: if the snmp is enabled is enalbed on my Cisco equiptment is there any secuirty flaws that could give remote users access or infomations that could casues a security breach.
Solved! Go to Solution.
04-29-2010 12:51 PM
Also, a couple of more items .... don't use the default community strings of "public" and "private." Plus implement an ACL on each network device that will limit SNMP access for the specific IP address of the Solarwinds server.
04-30-2010 01:36 AM
I have several Cisco devices and I recently purchased Solarwinds NPM. This software requires that SNMP be enable in order to mointor network devices and traffic.
Questions: if the snmp is enabled is enalbed on my Cisco equiptment is there any secuirty flaws that could give remote users access or infomations that could casues a security breach.
Hi,
The best way is to have a standard community string configured between the devices and server with version 3 selected which is encrypted also to have high level of security and with cisco switches you can also have acl with sepecifc server can poll the switch with configured read only community string.
Hope to Help !!
Ganesh.H
Remember to rate the helpful post
04-29-2010 12:28 PM
Hi,
The recommendation is to use SNMPv3 since it encrypts the traffic and requires authentication.
It provides greater security enhancements compared to the previous versions which provide little to no security at all.
Federico.
04-29-2010 12:51 PM
Also, a couple of more items .... don't use the default community strings of "public" and "private." Plus implement an ACL on each network device that will limit SNMP access for the specific IP address of the Solarwinds server.
04-30-2010 01:36 AM
I have several Cisco devices and I recently purchased Solarwinds NPM. This software requires that SNMP be enable in order to mointor network devices and traffic.
Questions: if the snmp is enabled is enalbed on my Cisco equiptment is there any secuirty flaws that could give remote users access or infomations that could casues a security breach.
Hi,
The best way is to have a standard community string configured between the devices and server with version 3 selected which is encrypted also to have high level of security and with cisco switches you can also have acl with sepecifc server can poll the switch with configured read only community string.
Hope to Help !!
Ganesh.H
Remember to rate the helpful post
04-30-2010 04:54 AM
Thanks. The info you guys provided was a big help.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide