HP ProCurve 9304M Security Manual page 155

Routing switches

Hide thumbs Also See for ProCurve 9304M:

Management and configuration manual (690 pages)

Installation and configuration manual (504 pages)

Installation and getting started manual (348 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

page of 172

/ 172
Contents
Table of Contents
Bookmarks

Table of Contents

Simple Network Management Protocol (SNMP) is a set of protocols for managing complex networks. SNMP

sends messages, called protocol data units (PDUs), to different parts of a network. SNMP-compliant devices,

called agents, store data about themselves in Management Information Bases (MIBs) and return this data to the

SNMP requesters.

The chapter "Securing Access to Management Functions" on page 2-1 introduced a few methods used to secure

SNMP access. They included the following:

•

"Using ACLs to Restrict SNMP Access" on page 2-5

•

"Restricting SNMP Access to a Specific IP Address" on page 2-8

•

"Restricting SNMP Access to a Specific VLAN" on page 2-9

•

"Disabling SNMP Access" on page 2-11

This chapter presents additional methods for securing SNMP access to HP devices. It contains the following

sections:

•

"Establishing SNMP Community Strings" on page 10-1

•

"Using the User-Based Security Model" on page 10-5

•

"Defining SNMP Views" on page 10-10

Restricting SNMP access using ACL, VLAN, or a specific IP address constitute the first level of defense when the

packet arrives at an HP device. The next level uses one of the following methods:

•

Community string match In SNMP versions 1 and 2

•

User-based model in SNMP version 3

SNMP views are incorporated in community strings and the user-based model.

Establishing SNMP Community Strings

SNMP versions 1 and 2 use community strings to restrict SNMP access. The default passwords for Web

management access are the SNMP community strings configured on the device.

•

The default read-only community string is "public". To open a read-only Web management session, enter

"get" and "public" for the user name and password.

•

There is no default read-write community string. Thus, by default, you cannot open a read-write management

session using the Web management interface. You first must configure a read-write community string using

the CLI. Then you can log on using "set" as the user name and the read-write community string you configure

June 2005

Securing SNMP Access

Chapter 10

10 - 1

Table of Contents

This manual is also suitable for:

J4139aProcurve 9308mJ4874a Procurve 9408sl J4138a J8680a ... Show all

HP ProCurve 9304M Security Manual page 155

Related Manuals for HP ProCurve 9304M

Related Products for HP ProCurve 9304M

This manual is also suitable for:

Table of Contents