Setting an IP SNMP ACL Policy

SNMP performs network management functions using a data structure called a Management Information Base (MIB). SNMP is widely implemented but not very secure, because it uses only text community strings for accessing controller or service platform configuration files.

Use SNMP ACLs to help reduce SNMP‘s vulnerabilities, as SNMP traffic can be exploited to produce a denial of service (DoS).

To create an IP SNMP ACL:

  1. Select Configuration > Security > IP Firewall.
  2. Expand the IP Firewall menu item and select IP SNMP ACL.
  3. Select Add to create a new SNMP firewall rule.
    Select an existing policy and click Edit to modify the attributes of that policy‘s configuration. Existing policies can be removed by highlighting them and selecting Delete.
  4. Provide a new IP SNMP ACL Name up to 32 characters in length to help distinguish this ACL from others with similar rules.
  5. Select + Add Row to launch a sub-screen where the ACL‘s permit/deny and network type rules can be applied.
    Allow Select this option to allow the SNMP MIB object traffic. The default setting is to permit SNMP traffic.
    Type Define whether the permit or deny ACL rule applied to the ACL is specific to a Host IP address, is applied to a Network address and subnet mask, or is applied to Any. The default setting is Network.
  6. Select Add to add additional IP firewall rule configurations.
    Select Remove to remove selected IP firewall rules as they become obsolete for filtering network access permissions.
  7. Select OK when completed to update the IP firewall rules.
    Select Reset to revert the screen to its last saved configuration.