Manualshelf

Release Notes K.12.12

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl 10/100-TX Module
11121314151617181920
10
Support Notes
Using SNMP To View and Configure Switch Authentication Features
Support Notes
Using SNMP To View and Configure Switch Authentication Features
Beginning with software release K.12.01, manager read/write access is available for a subset of the
SNMP MIB objects for switch authentication (hpSwitchAuth) features. That is, in the default state,
a device with management access to the switch can view the configuration for several authentication
features, and using SNMP sets, can change elements of the authentication configuration.
Security Note
In the default configuration for SNMP MIB object access, SNMP sets can be used to reconfigure
password and key MIB objects. This means that a device operating as a management station with
access to the switch can be used to change the SNMP MIB settings. This can pose a security risk if
the feature is used to incorrectly configure authentication features or to reconfigure authentication
features to unauthorized settings.
If you want to block the SNMP MIB object access described above, use the following command to
disable the feature:
ProCurve(config)# snmp-server mib hpswitchauthmib excluded
For more information on the above topic, refer to "Using SNMP To View and Configure Switch
Authentication Features" in the "RADIUS Authentication and Accounting" chapter of the Access
Security Guide for your switch. For an overview of the security features available on the switch,
refer to chapter 1, "Security Overview", in the Access Security Guide for your switch.
Known Issues
The following are Known Issues in release K.12.01 or newer, and are not yet resolved.
Resources (PR_1000388697) — When the switch is writing large files to flash (for
example, a transfer of a very large configuration or a software update), switch resources
may be impacted during the write operation, causing some potential loss of hello packets.
This may impact VRRP, OSPF or spanning tree protocol. In order to mitigate potentially
undesirable affects, updates to the switch software should be made during a scheduled
downtime. Increasing the hello interval of time sensitive protocols may also assist with
mitigation of this issue.