Advertisement
In this case study:
Each Cisco IOS device is identified by a fixed and stable loopback IP address for network
management purposes. The IP address functions as an device ID.
One block of loopback IP addresses is used to simplify IP-security filtering at the NOC. This
technique protects the NOC from devices that should not access management services, such as
TACACS+, RADIUS, syslog, and SNMP.
The dial NMS environment interfaces with SNMP through these applications:
`
UCD-SNMP
`
SNMP Commander
`
Multi-Router Traffic Grapher (MRTG)
`
HP OpenView (HPOV)
`
Cisco Works 2000 Resource Manager Essentials (CW2000 RME)
Avoid using well-known community strings, such as "public," "private," or "cisco."
These strings are easily guessed and leave your device open to malicious attacks or
inadvertent access. To further enhance SNMP security, apply access lists to the community
strings.
Advertisement
