48-7
User Guide for Cisco Security Manager 4.4
OL-28826-01
Chapter48 Configuring Device Access Settings on Firewall Devices
Configuring SNMP
Field Reference
Configuring SNMP
Simple Network Management Protocol (SNMP) defines a standard way for network management
stations running on PCs or workstations to monitor the health and status of many types of devices,
including switches, routers and security appliances. You can use the SNMP page to configure a firewall
device for monitoring by SNMP management stations.
The Simple Network Management Protocol (SNMP) enables monitoring of network devices from a
central location. Cisco security appliances support network monitoring using SNMP versions 1 and 2c,
as well as traps and SNMP read access; SNMP write access is not supported.
You can configure a security appliance to send “traps” (event notifications) to a network management
station (NMS), or you can use the NMS to browse the management information bases (MIBs) on the
security appliance. Use CiscoWorks for Windows or any other SNMP MIB-II-compliant browser to
receive SNMP traps and browse a MIB.
The security appliance has an SNMP agent that notifies designated management stations if specified
events occur, for example, when a link in the network goes up or down. The notification includes an
SNMP system object ID (OID), identifying the device to the management stations. The security
appliance SNMP agent also replies when a management station asks for information.
SNMP MIBs and OIDs
An SNMP trap reports significant events occurring on a network device, most often errors or failures.
SNMP traps are defined in Management Information Bases (MIBs), which can be either standard or
enterprise-specific.
Standard traps and MIBs are created by the Internet Engineering Task Force (IETF) and documented in
various RFCs. Standard traps are compiled into the security appliance software. If needed, you can also
download RFCs, standard MIBS, and standard traps from the IETF website: http://www.ietf.org/.
For Cisco MIB files and OIDs, refer to:
http://www.cisco.com/public/sw-center/netmgmt/cmtk/mibs.shtml. OIDs may be downloaded from this
FTP site: ftp://ftp.cisco.com/pub/mibs/oid/oid.tar.gz.
This section contains the following topics:
SNMP Terminology, page 48-8
SNMP Page, page 48-8
Table48-6 Add and Edit Host Dialog Boxes
Element Description
Interface Enter or Select the name of the device interface on which SSH
connections are permitted.
IP Addresses Enter the name or IP address for each host or network that is permitted
to establish an SSH connection with the security device on the specified
interface; use commas to separate multiple entries. You also can click
Select to select Networks/Hosts objects from a list.