Snmpv1/snmpv2 community list, 98 snmp agent settings section components – HP Secure Key Manager User Manual

Table 98 SNMP Agent Settings section components

Component

Description

SNMP Agent IP

This field specifies the IP address on which SNMP is enabled. You can select “All” or

an individual IP address. We recommend that you specify an individual IP address.

SNMP Agent Port

This value specifies the port on which the SKM listens to requests from the NMS.

The default is 161.

Enable SNMP Traps By default, the SKM does not send SNMP traps. To enable the sending of SNMP

traps, check the Enable SNMP Traps box.

Edit

Click Edit to modify the SNMP agent settings.

SNMPv1/SNMPv2 Community List

As the name suggests, the SNMPv1/SNMPv2 Community List is used to configure the agent to

communicate with an NMS running either SNMPv1 or SNMPv2 software. You can think of this

section of the Communities & Usernames tab as the place where you define from which SNMPv1/v2

management stations the SKM receives SNMP MIB requests. Use this section to add, edit, or delete a

community on the SKM.

NOTE:

If you are configuring the agent to communicate with an NMS running SNMPv3 software, you can

disregard this section.

When creating a community on the SKM, it is a good security practice to secure agents by filtering all

SNMP requests by community name and source IP address. This filtering restricts where SNMP requests

are allowed to come from, and greatly reduces system vulnerability to outside attacks. In addition, it

is a good idea to use community names other than “public” and “private,” as these names are very

commonly used.

NOTE:

For security purposes, the SNMP community name is read–only. The set command is not allowed

on the SNMP agent.

Figure 119 Viewing the SNMPv1/SNMPv2 Community List section

The following table describes the components of the SNMPv1/SNMPv2 Community List section.

Secure Key Manager

193