Configuring the SNMP Security Policy

This section describes how to configure the SNMP security policy for system security.

Context

Only super administrators and administrators can configure the SNMP security policy.

Procedure

  1. Choose Settings > SNMP Management > SNMP Security Policy.

  2. Configure the SNMP security policy.

    1. Set SNMP security policy parameters. Table 1 describes related parameters.
      Table 1 SNMP security policy parameters

      Parameter

      Description

      Min. Password Length

      Minimum length of a community and USM user password, which prevents an excessively short password from being set. The value must be an integer ranging from 8 to 32.

      Max. Password Length

      Maximum length of a community and USM user password, which prevents an excessively long password from being set. The value must be an integer ranging from 8 to 32.

      Password Complexity

      Complexity of a community and USM user password, which prevents an excessively simple password from being set.

      Possible options are as follows:
      • Containing at least one special character (!"#$%&\'()*+,-./:;<=>?@[\]^`{_|}~ and space), uppercase letter, lowercase letter, and digit
      • Containing at least one special character (!"#$%&\'()*+,-./:;<=>?@[\]^`{_|}~ and space) and any two types of uppercase letters, lowercase letters, and digits
      • Containing at least one of the following types: special character (!"#$%&\'()*+,-./:;<=>?@[\]^`{_|}~ and space), uppercase letter, lowercase letter, and digit

      Allow the authentication password and data encryption password to be the same

      Whether to allow the authentication password and data encryption password to be the same.

      Allow the USM user name and password to be the same

      Whether to allow the USM user name and password to be the same.

      Set different read and write community strings

      Whether to set different read and write community strings.

      Statistic Collection Interval of Authentication Failures (s)

      Number of authentication failures within the configured period. The value ranges from 1 to 600, in units of seconds.

      Allowed Consecutive Authentication Failures

      Allowed number of consecutive authentication failures. An IP address will be locked as soon as the value is reached. The value ranges from 3 to 100.

      IP Address Lockout Time (s)

      Duration for which an IP address remains locked. The value ranges from 10 to 3600, in units of seconds.
    2. Click Save.

Parent topic: Managing the SNMP Service