Cisco Cisco Web Security Appliance S170 사용자 가이드
12-28
AsyncOS 9.2 for Cisco Web Security Appliances User Guide
Chapter 12 Perform System Administration Tasks
Monitoring System Health and Status Using SNMP
Monitoring System Health and Status Using SNMP
The AsyncOS operating system supports system status monitoring via SNMP (Simple Network
Management Protocol). (For more information about SNMP, see RFCs 1065, 1066, and 1067.)
Management Protocol). (For more information about SNMP, see RFCs 1065, 1066, and 1067.)
Please note:
•
SNMP is off by default.
•
SNMP SET operations (configuration) are not implemented.
•
AsyncOS supports SNMPv1, v2, and v3. For more information on SNMPv3, see RFCs 2571-2575.
•
Message authentication and encryption are mandatory when enabling SNMPv3. Passphrases for
authentication and encryption should be different. The encryption algorithm can be AES
(recommended) or DES. The authentication algorithm can be SHA-1 (recommended) or MD5. The
authentication and encryption should be different. The encryption algorithm can be AES
(recommended) or DES. The authentication algorithm can be SHA-1 (recommended) or MD5. The
snmpconfig
command “remembers” your passphrases the next time you run the command.
•
The SNMPv3 username is: v3get.
•
If you use only SNMPv1 or SNMPv2, you must set a community string. The community string does
not default to
not default to
public
.
•
For SNMPv1 and SNMPv2, you must specify a network from which SNMP GET requests are accepted.
•
To use traps, an SNMP manager (not included in AsyncOS) must be running and its IP address
entered as the trap target. (You can use a host name, but if you do, traps will only work if DNS
is working.)
entered as the trap target. (You can use a host name, but if you do, traps will only work if DNS
is working.)
MIB Files
MIB files are available from
Use the latest version of each MIB file.
There are multiple MIB files:
•
asyncoswebsecurityappliance-mib.txt — an SNMPv2 compatible description of the Enterprise MIB
for Web Security appliances.
for Web Security appliances.
•
ASYNCOS-MAIL-MIB.txt — an SNMPv2 compatible description of the Enterprise MIB for Email
Security appliances.
Security appliances.
•
IRONPORT-SMI.txt — This “Structure of Management Information” file defines the role of the
asyncoswebsecurityappliance-mib.
asyncoswebsecurityappliance-mib.
This release implements a read-only subset of MIB-II as defined in RFCs 1213 and 1907.
Enabling and Configuring SNMP Monitoring
To configure SNMP to gather system status information for the appliance, use the
snmpconfig
command
in the command-line interface (CLI). After you choose and configure values for an interface, the
appliance responds to SNMPv3 GET requests.
appliance responds to SNMPv3 GET requests.
When you use SNMP monitoring, keep the following points in mind:
> snmpwalk -v 3 -l AuthNoPriv -u v3get -a MD5 serv.example.com