Adding snmp read and write hosts, Adding snmp read and write hosts -22 – Lucent Technologies PortMaster User Manual

Configuring SNMP

3-22

PortMaster Configuration Guide

information can be set on the SNMP agent. The default write community string is
private. Community strings must be set on SNMP agents so that configuration
information is not changed by unauthorized users.

To use this feature, you must set both a read community string and a write community
string for your network.

To set SNMP read and write community strings, use the following command:

Command> set snmp readcommunity|writecommunity String

Note – Use of the default write community string—private—is strongly discouraged.
Because it is the default, it is known to all users and therefore provides no security. Use
another value for the write community string.

Adding SNMP Read and Write Hosts

PortMaster products allow you to control SNMP security by specifying the IP addresses
of the hosts that are allowed to access SNMP information. The specification of read and
write hosts allows another level of security beyond the community strings. If SNMP
hosts are specified, each host attempting to access SNMP information must not only
possess the correct community string, it must also be on the read or write host list. This
additional level of security allows only authorized SNMP managers to access or change
sensitive MIB information.

You can also specify a list of hosts allowed to read or write SNMP information. You can
permit all hosts or you can deny all hosts.

Note – Permitting all hosts to read and write SNMP information can compromise
security and is not recommended.

To add SNMP read and write hosts, use the following command:

Command> add snmphost reader|writer any|none|Ipaddress

To delete read and write hosts, use the following command:

Command> delete snmphost reader|writer Ipaddress

✍

✍