Cisco Cisco Firepower Management Center 4000
50-21
FireSIGHT System User Guide
Chapter 50 Managing System Policies
Configuring a System Policy
Configuring SNMP Polling
License:
Any
You can enable Simple Network Management Protocol (SNMP) polling of an appliance using the system
policy. The SNMP feature supports use of versions 1, 2, and 3 of the SNMP protocol.
policy. The SNMP feature supports use of versions 1, 2, and 3 of the SNMP protocol.
This feature allows access to:
•
the standard management information base (MIB) for the appliance, which includes system details
such as contact, administrative, location, service information, IP addressing and routing
information, and transmission protocol usage statistics
such as contact, administrative, location, service information, IP addressing and routing
information, and transmission protocol usage statistics
•
additional MIBs for managed devices that include statistics on traffic passing through physical
interfaces, logical interfaces, virtual interfaces, ARP, NDP, virtual bridges, and virtual routers
interfaces, logical interfaces, virtual interfaces, ARP, NDP, virtual bridges, and virtual routers
Note that enabling the system policy SNMP feature does not cause the appliance to send SNMP traps; it
only makes the information in the MIBs available for polling by your network management system.
only makes the information in the MIBs available for polling by your network management system.
Note
You must add SNMP access for any computer you plan to use to poll the appliance. For more
information, see
information, see
. Note that the SNMP MIB
contains information that could be used to attack your appliance. Cisco recommends that you restrict
your access list for SNMP access to the specific hosts that will be used to poll for the MIB. Cisco also
recommends you use SNMPv3 and use strong passwords for network management access.
your access list for SNMP access to the specific hosts that will be used to poll for the MIB. Cisco also
recommends you use SNMPv3 and use strong passwords for network management access.
To configure SNMP polling:
Access:
Admin
Step 1
Select
System > Local > System Policy
.
The System Policy page appears.
Step 2
You have the following options:
•
To modify the SNMP polling settings in an existing system policy, click the edit icon (
) next to
the system policy.
•
To configure the SNMP polling settings as part of a new system policy, click
Create Policy
.
Provide a name and description for the system policy as described in
, and click
Create
.
In either case, the Access List page appears.
Step 3
If you have not already added SNMP access for each computer you plan to use to poll the appliance, do
so now. For more information, see
so now. For more information, see
.
Step 4
Click
SNMP
.
The SNMP page appears.
Step 5
From the
SNMP Version
drop-down list, select the SNMP version you want to use.
The drop-down list displays the version you selected.
Step 6
You have the following options:
•
If you selected
Version 1
or
Version 2
, type the SNMP community name in the
Community String
field.
.
•
If you selected
Version 3
, click
Add User
to display the user definition page.