Download Print this page

HP ProCurve J8766A Release Note: Snmp Access (simple Network Management Protocol)

Hp procurve j8766a: release note.
Hide thumbs

Advertisement

Enforcing Switch Security
Switch Management Access Security

SNMP Access (Simple Network Management Protocol)

In the default configuration, the switch is open to access by management stations running SNMP
management applications capable of viewing and changing the settings and status data in the switch's
MIB (Management Information Base). Thus, controlling SNMP access to the switch and preventing
unauthorized SNMP access should be a key element of your network security strategy.
General SNMP Access to the Switch. The switch supports SNMP versions 1, 2c, and 3, including
SNMP community and trap configuration. The default configuration supports versions 1 and 2c
compatibility, which uses plain text and does not provide security options. ProCurve recommends
that you enable SNMP version 3 for improved security. SNMPv3 includes the ability to configure
restricted access and to block all non-version 3 messages (which blocks version 1 and 2c unprotected
operation). SNMPv3 security options include:
configuring device communities as a means for excluding management access by
unauthorized stations
configuring for access authentication and privacy
reporting events to the switch CLI and to SNMP trap receivers
restricting non-SNMPv3 agents to either read-only access or no access
co-existing with SNMPv1 and v2c if necessary
For more on SNMPV3, refer to the next subsection and to the chapter titled "Configuring for
Network Management Applications" in the Management and Configuration Guide for your switch.
SNMP Access to the Switch's Authentication Configuration MIB. A management station
running an SNMP networked device management application such as ProCurve Manager Plus
(PCM+) or HP OpenView can access the switch's management information base (MIB) for read access
to the switch's status and read/write access to the switch's configuration. In earlier software versions,
SNMP access to the switch's authentication configuration (hpSwitchAuth) MIB was not allowed.
However, beginning with software release L.10.20, the switch's default configuration allows SNMP
access to security settings in hpSwitchAuth. If SNMP access to the hpSwitchAuth MIB is considered
a security risk in your network, then you should implement the following security precautions when
downloading and booting from software release L.10.20 or greater:
1.
If SNMP access to the authentication configuration (hpSwitchAuth) MIB described above and
in the section titled
51) is not desirable for your network, then immediately after downloading and booting from the
L.10.20 or greater software for the first time, use the following command to disable this feature:
snmp-server mib hpswitchauthmib excluded
10
"Using SNMP To View and Configure Switch Authentication Features"
(page

Advertisement

   Related Manuals for HP ProCurve J8766A

   Related Content for HP ProCurve J8766A

This manual also for:

Procurve 4200vl

Comments to this Manuals

Symbols: 0
Latest comments: