Managing network security notifications, Managing network security notifications -26 – HP 2910AL User Manual
Page 354
Configuring for Network Management Applications
Using SNMP Tools To Manage the Switch
An example of how to configure SNMPv3 notification is shown here:
The tag _name value in snmpv3 notify command matches the
tag _name value in the snmpv3 targetaddress command.
Params _name value in the snmpv3 targetaddress command
matches the params _name value in the snmpv3 params
command.
Configuring the security model ver3 requires you to configure
message processing ver3 and a security service level.
Figure 14-10. Example of an SNMPv3 Notification Configuration
Managing Network Security Notifications
By default, a switch is enabled to send the SNMP notifications listed in
“Supported Notifications” on page 14-17 when a network security event (for
example, authentication failure) occurs. However, before security
notifications can be sent, you must first configure one or more trap receivers
or SNMPv3 management stations as described in:
■
“Configuring an SNMP Trap Receiver” on page 14-19
■
“Configuring SNMPv3 Notifications” on page 14-23
You can manage the default configuration of the switch to disable and re-
enable notifications to be sent for the following types of security events:
■
ARP protection events
■
Unable to establish a connection with the RADIUS or TACACS+ authen
tication server
■
DHCP snooping events
■
Link change notification
■
Invalid password entered in a login attempt through a direct serial, Telnet,
or SSH connection
■
Manager password changes
■
Port-security (web, MAC, or 802.1X) authentication failure
■
SNMP authentication failure
14-26