Viewing the snmpv1/snmpv2 community list section, Snmpv1/snmpv2 community list section components – HP Secure Key Manager User Manual

Page 213

Advertising
background image

NOTE:

If you are configuring the agent to communicate with an NMS running SNMPv3 software, you can
disregard this section.

When creating a community on the SKM, it is a good security practice to secure agents by filtering
all SNMP requests by community name and source IP address. This filtering restricts where SNMP
requests are allowed to come from, and greatly reduces system vulnerability to outside attacks. In
addition, it is a good idea to use community names other than “public” and “private,” as these names
are very commonly used.

NOTE:

For security purposes, the SNMP community name is read–only. The set command is not allowed on
the SNMP agent.

Figure 119 Viewing the SNMPv1/SNMPv2 Community List section

The following table describes the components of the SNMPv1/SNMPv2 Community List section.

Table 100 SNMPv1/SNMPv2 Community List section components

Description

Component

Community names can contain only alphanumeric characters and punctuation marks
and they cannot contain non–printing characters and whitespaces. Community names
cannot exceed 64 characters.

Community Name

IP address(es) allowed to access the agent. You can enter a specific IP address range,
or you can enter a value of “any”. If you are listing a specific IP address, you must also
include the Subnet Mask. Separate the IP address and Subnet Mask with a slash (/). If
you are entering multiple IP address/Subnet Mask pairs, you must separate each IP
address/Subnet Mask pair with a comma (,).

IMPORTANT:

We recommend that you limit access to the agent to particular IP addresses.

Source IP/Subnet
Mask(s)

Enterprise: Contains caching, SSL, CPU utilization, and operational statistics.

Standard: Also known as MIB–II, the standard MIB contains information on network
interface utilization, system health, and statistics for IP, TCP, ICMP, UDP, and SNMP.

MIB Access

Click Edit to change the community name, source IP/subnet mask, or the MIB access for
the community.

Edit

Click Add to add a community to the SKM.

Add

Click Delete to remove a selected community from the SKM.

Delete

Secure Key Manager

213

Advertising
Popular Brands
Popular manuals