cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2859
Views
0
Helpful
4
Replies

Security Pros and Cons with enable SNMP

reginaldjohnson
Level 1
Level 1

I have several Cisco devices and I recently purchased Solarwinds NPM. This software requires that SNMP be enable in order to mointor network devices and traffic.

Questions: if the snmp is enabled is enalbed on my Cisco equiptment is there any secuirty flaws that could give remote users access or infomations that could casues a security breach.

2 Accepted Solutions

Accepted Solutions

stephenshaw
Level 1
Level 1

Also, a couple of more items .... don't use the default community strings of "public" and "private." Plus implement an ACL on each network device that will limit SNMP access for the specific IP address of the Solarwinds server.

View solution in original post

Ganesh Hariharan
VIP Alumni
VIP Alumni

I have several Cisco devices and I recently purchased Solarwinds NPM. This software requires that SNMP be enable in order to mointor network devices and traffic.

Questions: if the snmp is enabled is enalbed on my Cisco equiptment is there any secuirty flaws that could give remote users access or infomations that could casues a security breach.

Hi,

The best way is to have a standard community string configured between the devices and server with version 3 selected which is encrypted also to have high level of security and with cisco switches you can also have acl with sepecifc server can poll the switch with configured read only community string.

Hope to Help !!

Ganesh.H

Remember to rate the helpful post

View solution in original post

4 Replies 4

Hi,

The recommendation is to use SNMPv3 since it encrypts the traffic and requires authentication.

It provides greater security enhancements compared to the previous versions which provide little to no security at all.

Federico.

stephenshaw
Level 1
Level 1

Also, a couple of more items .... don't use the default community strings of "public" and "private." Plus implement an ACL on each network device that will limit SNMP access for the specific IP address of the Solarwinds server.

Ganesh Hariharan
VIP Alumni
VIP Alumni

I have several Cisco devices and I recently purchased Solarwinds NPM. This software requires that SNMP be enable in order to mointor network devices and traffic.

Questions: if the snmp is enabled is enalbed on my Cisco equiptment is there any secuirty flaws that could give remote users access or infomations that could casues a security breach.

Hi,

The best way is to have a standard community string configured between the devices and server with version 3 selected which is encrypted also to have high level of security and with cisco switches you can also have acl with sepecifc server can poll the switch with configured read only community string.

Hope to Help !!

Ganesh.H

Remember to rate the helpful post

reginaldjohnson
Level 1
Level 1

Thanks. The info you guys provided was a big help.

Review Cisco Networking for a $25 gift card