Filter
Top Products
6
254 Nokia Network Voyager for IPSO 4.0 Reference Guide
SNMP query operations. In this case, you might have to delete the FloodGate package from
your system.
Enabling SNMP and Selecting the Version
The SNMP daemon is enabled by default. If you choose to use SNMP, configure it according to
your security requirements. At minimum, you must change the default community string to
something other than public. You should also select SNMPv3, rather than the default v1/v2/v3, if
your management station supports it.
Caution
If you do not plan to use SNMP to manage the network, disable it. Enabling SNMP opens
potential attack vectors for surveillance activity by enabling an attacker to learn about the
configuration of the device and the network.
You can choose to use all versions of SNMP (v1, v2, and v3) on your system or to allow
SNMPv3 access only. If your management station supports v3, select to use only v3 on your
IPSO system. SNMPv3 limits community access; only requests from users with enabled
SNMPv3 access are allowed and all other requests are rejected.
To enable or disable SNMP
1. Choose SNMP under Configuration in the tree view.
2. Select Yes or No for Enable SNMP Daemon.
3. If you are enabling SNMP, click Apply.
The SNMP configuration options appear.
Caution
To run the Check Point and SNMP daemons simultaneously, you must start the Check
Point SNMP daemon after you start VPN-1/Firewall NG. If you start the Check Point
SNMP daemon before you start VPN-1FireWall-1 NG, the IPSO daemon does not start.
4. From the SNMP version drop-down list, select the version of SNMP to run:
SNMPv1/v2/v3
Select this option if your management station does not support SNMPv3.
SNMPv3
Select this option if your management station supports v3. SNMPv3 provides a higher
level of security than v1 or v2.
5. If you selected v1/v2/v3, enter a new read-only community string under Community Strings.
This is a basic security precaution that you should always take.