Configuring the SNMP Security Policy

This operation enables you to configure the SNMP security policy for system security.

Procedure

  1. Choose Settings > System Settings > SNMP Security Policy,
  2. Configure the SNMP security policy.

    1. Set SNMP security policy parameters. Table 1 describes related parameters.
      Table 1 SNMP security policy parameters

      Parameter

      Description

      Min. Password Length

      Indicates the minimum password length of a USM user, which prevents an excessively short password from being set. The value must be an integer ranging from 4 to 32.

      Max. Password Length

      Indicates the maximum password length of a USM user, which prevents an excessively long password from being set. The value must be an integer ranging from 4 to 32.

      Password Complexity

      Indicates the password complexity, which prevents an excessively simple password from being set.

      Possible options are as follows:
      • Containing at least one special character (!"#$%&\'()*+,-./:;<=>?@[\]^`{_|}~ and space), uppercase letter, lowercase letter, and digit
      • Containing at least one special character (!"#$%&\'()*+,-./:;<=>?@[\]^`{_|}~ and space) and any two types of uppercase letters, lowercase letters, and digits
      • Containing at least one of the following types: special character (!"#$%&\'()*+,-./:;<=>?@[\]^`{_|}~ and space), uppercase letter, lowercase letter, and digit

      Allow the authentication password and data encryption password to be the same

      Indicates whether to allow the authentication password and data encryption password to be the same.

      Allow the USM user name and password to be the same

      Indicates whether to allow the USM user name and password to be the same.

      Set different read and write community strings

      Indicates whether to set different read and write community strings.

      Statistic Collection Interval of Authentication Failures (s)

      Indicates a period within which the number of authentication failures is counted. The value ranges from 1 to 600, in units of seconds.

      Allowed Consecutive Authentication Failures

      Indicates the allowed number of consecutive authentication failures. An IP address will be locked as soon as the value is exceeded. The value ranges from 3 to 100.

      IP Address Lockout Time (s)

      Indicates the duration for which an IP address remains locked. The value ranges from 10 to 3600, in units of seconds.
    2. Click Save.

Parent topic: Managing the SNMP Service