There are significant differences between versions 1/2/3 that you need to explore this policy would be inappropriate for clear text v.1, but might be an acceptable risk to your company for v.3 that is encrypted and has further controls.
Chad Lorenc Information Security Officer Ent "Where You Belong." 7250 Campus Drive, C/S, CO 80920 800-525-9623 ext 6522 (719) 574-1100 local (719)-388-9080 Fax -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Wednesday, February 08, 2006 3:57 PM To: Subject: SNMP service We could us some guidance regarding SNMP. Below is the requirements we were given and our proposed approach. What if any issues do you see with our approach? Have you implemented something like this in your environment, and if so, how many devices do you have conforming to a similar requirement? Requirements: Using one standard community name, enable SNMP read capabilities on all devices supporting SNMP services throughout the corporate network, while mitigating risk of any known vulnerability. Approach: On all supported platforms (i.e. Windows, Solaris, Linux, AIX, etc.) configure the SNMP Service using a unique community name with read only rights and configure the community .name to accept packets from specified trusted hosts. thanks, kathy --------------------------------------------------------------------------- --------------------------------------------------------------------------- --------------------------------------------------------------------------- ---------------------------------------------------------------------------
