SNMP Configuration and Management Manual
Installing and Configuring the SNMP Agent
SNMP Configuration and Management Manual—424777-006
2-33
Security Scenarios for SNMP Managers Using
TCP/IP
Alternatively, you can simply alter the
default PROFILE entry and assign
READWRITE access to the “public”
community. In this case, you should also
alter the default host address to make it
more restrictive. (Otherwise, all SNMP
managers sending requests under the
“public” community can alter variables.)
Then activate the PROFILE entry.
STOP PROFILE
ALTER PROFILE
START PROFILE
Revoke Set privileges
from an SNMP
manager, but allow it
to retrieve
information.
Deactivate the authentication table entry for
the community under which the SNMP
manager has been sending requests. Alter
the SNMP manager’s access mode to
READONLY. Then reactivate the
authentication table entry.
The READONLY access will apply to all
managers using the community name. If
READONLY access is not acceptable, ask
the other SNMP administrators to
reconfigure their managers to send
requests under a different community name.
STOP PROFILE
ALTER PROFILE
START PROFILE
Revoke all access
privileges from an
SNMP manager.
Deactivate the authentication table entry for
the community under which the SNMP
manager has been sending requests.
The SNMP agent accepts no requests from
the SNMP manager.
STOP PROFILE
If more than one SNMP manager sends
requests under that community, alter the
host address to exclude the particular
manager. Then activate the entry.
STOP PROFILE
ALTER PROFILE
START PROFILE
If you cannot alter the host address to
exclude one manager, ask the other SNMP
administrators to reconfigure their
managers to send requests under a
different community name. Then add an
authentication table entry for the new
community and activate the entry.
STOP PROFILE
ADD PROFILE
START PROFILE
Table 2-3. Security Scenarios (page 2 of 2)
Scenario Tasks
Method
(SCF Commands)