Disable Unapproved SNMP Protocols
By default, SNMPv1 and SNMPv2c are enabled on the ZFS storage appliance. The
ZFS storage appliance supports SNMPv1/v2c across all supported versions of the
product. Starting with version 2013.1.2, the ZFS storage appliance also supports
SNMPv3.
Note -
Version 3 of the SNMP protocol introduced support for the USM (User-based
Security Model). This functionality replaces the traditional SNMP community
strings with actual user accounts that can be configured with specific
permissions, authentication, and privacy protocols, and passwords. By
default, the ZFS storage appliance does not include a user name or password
for the integrated (read-only) USM account. For security purposes, configure
the USM credentials and protocols based upon deployment, management, and
monitoring requirements.
Ensure that unused or older versions of the SNMP protocol are disabled unless
they are required.
-
Log in to the ZFS storage appliance.
See Log into the ZFS Storage Appliance.
-
Determine which version of the SNMP protocol is used by the device.
hostname:> configuration services snmp get version
version = v2
-
Enable the use of SNMPv3 (if available).
The use of SNMPv1/v2c and SNMPv3 is mutually exclusive, so when you enable
SNMPv3, SNMPv1/v2c are disabled.
hostname:> configuration services snmp set version=v3
version = v3
-
Verify the version of SNMP.
hostname:> configuration services snmp get version
version = v3