Configuring SNMP Security

This blog is created for network security review, study and understanding about network related issues only! The blog is mainly focus on Network Security Notes about Network, Network Security, Network Technology, Network Labs review related Cisco and Microsoft technology ,Network Threats, Types of Network Threats, Network Alerts, Enterprise Security Policy and Audits, Security Policy and Audits,Logical Security, Physical and Logical Security, Physical Security,Cisco Products Review, Microsoft Products review, Cisco Routers, Routers Security, Console Access, Telnet Access, Network Attack, Network Attack report, Network management, Anti-virus, Network Security with Anti-virus, and All About Network Security... Thanks for your visit!

There is no specific command that you use to enable SNMP. To configure SNMP support, perform the tasks described in the following steps, only the first two steps are mandatory:

1.Enable the SNMP community string to define the relationship between the network
management station and the agent with the following command:

snmp−server community {ro|rw} {number}

The number value references an optional access−list.

2.Use this command to configure the router to send traps to an NMS host:

snmp−server host host [version {1|2c}]


3.Configure the type of traps for which a notification is sent to the NMS. You do so with the following command:

snmp−server enable traps [notification type] –
[notification option]

4.Set the system contact, location, and serial number. You can set the systems contact with the snmp−server contact [text] command. You set the location with the snmp−server location [text] command, and you set the serial number with the snmp−server chassis−id [text] command.

5.Use the access−list command to specify a list of hosts that are allowed read−, read/write, or write−only access to the router.

The picture below: shows Router 1, which is configured to allow SNMP read−only access and read/write access from two separate hosts. Router 1 is also configured to send SNMP trap information to the same two hosts. The following lines show how Router 1 should be configured so SNMP access from both host 192.168.10.1 and 192.168.10.2 is allowed and SNMP trap information is sent to both hosts:

access−list 12 permit 192.168.10.1
access−list 13 permit 192.168.10.2
snmp−server contact VISA
snmp−server location Network Engineers
snmp−server chassis−id 200000444
snmp−server community observe RO 12
snmp−server community adjust RW 13
snmp−server host 192.168.10.1 observe snmp
snmp−server host 192.168.10.2 adjust snmp

Router 1 configured for SNMP

Read more...

If you like this post, please subscribe below,thanks!

Enter your email address:

Delivered by FeedBurner

Securing your network with SNMP

This blog is created for network security review, study and understanding about network related issues only! The blog is mainly focus on Network Security Notes about Network, Network Security, Network Technology, Network Labs review related Cisco and Microsoft technology ,Network Threats, Types of Network Threats, Network Alerts, Enterprise Security Policy and Audits, Security Policy and Audits,Logical Security, Physical and Logical Security, Physical Security,Cisco Products Review, Microsoft Products review, Cisco Routers, Routers Security, Console Access, Telnet Access, Network Attack, Network Attack report, Network management, Anti-virus, Network Security with Anti-virus, and All About Network Security... Thanks for your visit!

After my previous post about Physical and Logical security, today I want to show you about securing the network with SNMP.

What is SNMP?

SNMP stands for Simple Network Management Protocol, is a component of the Internet Protocol Suite as defined by the Internet Engineering Task Force (IETF). It is used in network management systems to monitor network-attached devices for conditions that warrant administrative attention. SNMP is alsow known as an application−layer protocol that helps to facilitate the exchange of management information between network devices. SNMP helps network administrators to manage network performance, and troubleshoot network problems, and plan for network growth.

3 basic components of SNMP:

An SNMP-managed network consists of three key components:

1. Managed devices: A managed device is a network node that contains an SNMP agent and that resides on a managed network. Managed devices collect and store management information and make this information available to NMSs using SNMP. Managed devices, sometimes called network elements, can be any type of device including, but not limited to, routers, access servers, switches, bridges, hubs, IP telephones, computer hosts, and printers.

2. Agents: An agent is a network-management software module that resides in a managed device. An agent has local knowledge of management information and translates that information into a form compatible with SNMP.

3. Network-management stations (NMSs): An NMS executes applications that monitor and control managed devices.NMSs provide the bulk of the processing and memory resources required for network management. One or more NMSs may exist on any managed network.

An SNMP managed device has various access levels:

+Read−only: Allows read access of the Management Information Base (MIB) on the managed device.

+Read/write: Allows read and write access of the Management Information Base on the managed device.

+Write−only: Allows write access of the Management Information Base on the managed
device.

Cisco IOS software supports 3 versions of SNMP: SNMPv1, SNMPv2c, and SNMPv3.

SNMPv1 and SNMPv2c

These two versions use a community based form of security. The group of managers eables to access the agent is defined by an access list and password.

How about SNMPv2c?

SNMPv2c support includes a bulk retrieval echanism and more detailed error message reporting to management stations. The bulk retrieval mechanism supports the retrieval of large quantities of information, minimizing the number of polls required. The SNMPv2c improved error handling support includes a larger number of error codes that distinguish different kinds of error conditions. Error return codes in SNMPv2c report the error type.

How is SNMPv3?

SNMPv3 provides for both security models and security levels. A security model is an authentication strategy that is set up for a user and the group in which the user resides. A security level is the permitted level of security within a security model. A combination of a security model and a security level will determine which security mechanism is employed when an SNMP packet is handled.

==>You can read more about SNMP at http://www.cisco.com/en/US/docs/internetworking/technology/handbook/SNMP.html

Other sites you may want to see:

Entertainment on Flixya: http://visalittleboy.flixya.com/
WWE: http://visa-wwe.blogspot.com/
The Kingdom of Wonder: http://welcome2cambodia.blogspot.com/
Daily Blogging: http://visablogging.blogspot.com/
Love Sharing: http://visa-love.blogspot.com/
NetworkSecurity: http://networksecuritynotes.blogspot.com/
About Insurance:http://visa-insurance.blogspot.com
All about Love: http://visa-love.blogspot.com/
Learning English Online: http://visa-elb.blogspot.com/
Discovery Internet: http://visa-isp.blogspot.com/

Read more...

If you like this post, please subscribe below,thanks!

Enter your email address:

Delivered by FeedBurner