Configuring basic components
A filter rule has to be configured when the SNS firewall is to be queried in SNMP. Only monitoring servers must be allowed to query the SNS firewall in SNMP, and only in read-only mode.
R50 | SNS-SMC | Filter SNMP queries
It is advisable to allow only monitoring servers to query SNS firewalls in SNMP, by using an adapted filter rule.
On an SNS firewall, the parameters Location (syslocation) and Contact (syscontact) found in the Configuration > Notifications > SNMP agent > General menu refer respectively to the physical location of the SNS firewall and the contact to use when a failure occurs. By configuring these parameters, it becomes easier to map SNS firewalls in monitoring and alarm tools.
R51 | SNS | Use SNMPv3
SNMP version 3 is recommended as it provides authentication and encryption mechanisms. SNMPv3 can be enabled in Configuration > Notifications > SNMP agent > General.
By configuring the Connection to the SNMP agent field in the SNMPv3 tab on the SNS firewall, the algorithms and passwords used for authentication and encryption can be set.
R52 | SNS | Configure access to the SNMP agent
AES is recommended as the encryption algorithm, and SHA1 for hashing. This gives data exchanges an acceptable level of security that does not, however, comply with the RGS. Passwords must comply with the guide Recommendations relating to multifactor authentication and passwords (in French).
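The check below can be run from a monitoring server to confirm that the agent answers SNMPv3 with SHA authentication and AES encryption, that it does not answer an SNMPv2c request, and that Location and Contact are filled in. It is an added example, not part of the original guide or of Stormshield tooling. It assumes net-snmp's snmpget is installed, that the user name "monitoring" (hypothetical) is replaced through SNMP_USER, and that the passphrases are stored in ~/.snmp/snmp.conf.

```shell
#!/bin/sh
# Added example: verify an SNS firewall's SNMP agent from a monitoring server.
# Assumptions: net-snmp is installed; the SNMPv3 passphrases are set in
# ~/.snmp/snmp.conf (defAuthPassphrase / defPrivPassphrase) so that they do
# not appear on the command line; "monitoring" is a hypothetical user name.
SNMP_USER="${SNMP_USER:-monitoring}"

# Read one scalar over SNMPv3 authPriv (SHA authentication, AES encryption).
v3_get() {
    snmpget -v3 -l authPriv -u "$SNMP_USER" -a SHA -x AES \
        -t 2 -r 1 -Oqv "$1" "$2" 2>/dev/null
}

# Succeeds if the agent answers an SNMPv2c request sent with the community
# "public". Silence only shows that this community is not accepted.
v2c_answers() {
    snmpget -v2c -c public -t 2 -r 0 -Oqv "$1" SNMPv2-MIB::sysName.0 \
        >/dev/null 2>&1
}

# Returns 0 if all checks pass, 1 on a finding, 2 if SNMPv3 does not answer.
check_agent() {
    host="$1"; rc=0
    if ! v3_get "$host" SNMPv2-MIB::sysName.0 >/dev/null; then
        echo "FAIL $host: no SNMPv3 authPriv (SHA/AES) answer"
        return 2
    fi
    if v2c_answers "$host"; then
        echo "FAIL $host: agent answers SNMPv2c with community 'public'"
        rc=1
    fi
    for oid in SNMPv2-MIB::sysLocation.0 SNMPv2-MIB::sysContact.0; do
        val=$(v3_get "$host" "$oid" | tr -d '"')
        if [ -z "$val" ]; then
            echo "WARN $host: $oid is empty"
            rc=1
        else
            echo "OK   $host: $oid = $val"
        fi
    done
    return $rc
}

# Usage: sh check_snmp.sh <firewall-address>
if [ "$#" -gt 0 ]; then check_agent "$1"; fi
```

Run from a host that the filter rule does not allow, the same script should return 2, which confirms that only monitoring servers can query the agent.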
On an SNS firewall, when peers are entered in the List of SNMP servers field in the SNMPv3 tab in Notifications > SNMP agent > SNMPv3, the SNS firewall will send SNMP traps to them.
WARNING
SNMP traps that the SNS firewall sends are part of an implicit filter rule. This rule is included in the hosted services rule found in the Implicit rules menu. It is advisable to disable this rule in compliance with the chapter Implicit rules and to replace it with custom rules.