Disable Unapproved SNMP Protocols (IB Switch)
By default, SNMPv1, SNMPv2c, and SNMPv3 are all enabled for the SNMP service
that is used to monitor and manage the IB switch. Ensure that older versions of
the SNMP protocol remain disabled unless required.
Note -
Version 3 of the SNMP protocol introduced support for the User-based
Security Model (USM). This functionality replaces the traditional SNMP
community strings with actual user accounts that can be configured with
specific permissions, authentication, and privacy protocols, and passwords.
By default, the IB switch does not include any USM accounts. Configure
SNMPv3 USM accounts based upon your own deployment, management, and
monitoring requirements.
-
Log into an IB switch as ilom-admin.
See Log Into an IB Switch.
-
Determine the status of each of the SNMP protocols.
-> show /SP/services/snmp v1 v2c v3
/SP/services/snmp
Properties:
v1 = enabled
v2c = enabled
v3 = enabled
-
If needed, disable SNMPv1 and SNMPv2c.
-> set /SP/services/snmp v1=disabled
-> set /SP/services/snmp v2c=disabled