Cisco Web Security Appliance S170 User Guide
AsyncOS 9.0 for Cisco Web Security Appliances User Guide
Chapter 18 Generate Reports to Monitor End-user Activity
SNMP Monitoring
• For SNMPv1 and SNMPv2, you must specify a network from which SNMP GET requests are accepted.
• To use traps, an SNMP manager (not included in AsyncOS) must be running and its IP address entered as the trap target. (You can use a host name, but if you do, traps will only work if DNS is working.)
Use the snmpconfig command to configure SNMP system status for the appliance. After you choose and configure values for an interface, the appliance responds to SNMPv3 GET requests. These version 3 requests must include a matching passphrase. By default, version 1 and 2 requests are rejected. If enabled, version 1 and 2 requests must have a matching community string.
MIB Files
Cisco provides “enterprise” MIBs for Email and Web Security appliances as well as a “Structure of Management Information” (SMI) file:
• asyncoswebsecurityappliance-mib.txt — an SNMPv2 compatible description of the Enterprise MIB for Web Security appliances.
• ASYNCOS-MAIL-MIB.txt — an SNMPv2 compatible description of the Enterprise MIB for Email Security appliances.
• IRONPORT-SMI.txt — defines the role of the asyncoswebsecurityappliance-mib.
These files are available on the documentation CD included with your Cisco Web Security Appliance. You can also find these files here:
http://www.cisco.com/en/US/customer/products/ps10164/tsd_products_support_series_home.html
SNMP Traps
SNMP provides the ability to send traps, or notifications, to advise an administration application when one or more conditions have been met. Traps are network packets that contain data relating to a component of the system sending the trap. Traps are generated when a condition has been met on the SNMP agent (in this case, the Cisco Web Security Appliance). After the condition has been met, the SNMP agent then forms an SNMP packet and sends it over port 162, the standard SNMP trap port. In the example below, the trap target of 10.1.1.29 and the Trap Community string are entered. The trap target is the host running the SNMP management console software that will receive the SNMP traps from the appliance.
You can configure SNMP traps (enable or disable specific traps) when you enable SNMP for an interface. To specify multiple trap targets: when prompted for the trap target, you may enter up to 10 comma-separated IP addresses.
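The checks below are an added example, not part of the Cisco guide or of AsyncOS: a short Python review of a planned snmpconfig session against the constraints stated in this section (version 1 and 2 off by default, a GET network required for versions 1 and 2, at most 10 trap targets, host-name targets depending on DNS). The plan dictionary, its key names and audit_snmp_plan are hypothetical; 10.1.1.29 is the trap target from this page and the remaining sample values are constructed.

```python
import ipaddress

MAX_TRAP_TARGETS = 10  # limit stated in this guide


def audit_snmp_plan(plan):
    """Return findings for a planned snmpconfig session.

    `plan` is a hypothetical dict (not an AsyncOS format).
    """
    findings = []
    targets = [t.strip() for t in plan.get("trap_targets", "").split(",") if t.strip()]
    if len(targets) > MAX_TRAP_TARGETS:
        findings.append(f"{len(targets)} trap targets given; at most {MAX_TRAP_TARGETS} are accepted")
    for target in targets:
        try:
            ipaddress.ip_address(target)
        except ValueError:
            # Not an IP literal, so it is treated as a host name.
            findings.append(f"trap target '{target}' is a host name; traps depend on DNS")
    if plan.get("v12_enabled"):
        findings.append("SNMPv1/v2c enabled; community strings cross the network in cleartext")
        if plan.get("community", "").lower() in ("public", "private"):
            findings.append("community string is a well-known default")
        network = plan.get("get_network")
        if not network:
            findings.append("no network specified for v1/v2c GET requests")
        else:
            try:
                if ipaddress.ip_network(network, strict=False).prefixlen == 0:
                    findings.append("GET requests accepted from any address")
            except ValueError:
                findings.append(f"'{network}' is not a valid network")
    return findings


# Constructed sample input: 10.1.1.29 is the trap target used on this page,
# the other values are made up for illustration.
SAMPLE = {
    "v12_enabled": True,
    "community": "public",
    "get_network": "0.0.0.0/0",
    "trap_targets": "10.1.1.29, nms.example.com",
}

if __name__ == "__main__":
    for finding in audit_snmp_plan(SAMPLE):
        print("-", finding)
```

A plan that leaves versions 1 and 2 disabled and lists only IP-address trap targets returns no findings.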
CLI Example
In this example, the snmpconfig command is used to enable SNMP on the “PublicNet” interface on port 161. A passphrase for version 3 is entered and then re-entered for confirmation. The system is configured to service version 1 and 2 requests, and the community string public is entered for GET requests from versions 1 and 2. The trap target of 10.1.1.29 is entered. Finally, system location and contact information is entered.
example.com> snmpconfig
Current SNMP settings:
SNMP Disabled.