1.11.4 Ensure 'SNMP traps' is enabled

Information

Enables SNMP traps to be sent to the NMS

Rationale:

The purpose of the SNMP service is to monitor in real time the events occurring on systems in order to meet the security requirement of availability of systems and services. The traps are SNMP notifications sent to the NMS and should be enabled in order to be sent and processed by the NMS. The NMS will then provide a comprehensive aggregation and reporting of events generated, thus helping administrator.

Solution

Run the following command to enable SNMP traps

hostname(config)# snmp-server enable traps snmp authentication
hostname(config)# snmp-server enable traps snmp coldstart
hostname(config)# snmp-server enable traps snmp linkdown
hostname(config)# snmp-server enable traps snmp linkup

Default Value:

By default, only syslog traps are enabled

See Also

https://workbench.cisecurity.org/benchmarks/7194

Item Details

Category: CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION

References: 800-53|CM-7, 800-53|CP-6, 800-53|CP-7, 800-53|PL-8, 800-53|PM-7, 800-53|SA-8, 800-53|SC-7, CSCv7|11.1

Plugin: Cisco

Control ID: 66fafc4b696d61496ca5ca87ba52f1b0f683895c6243d2d91df597d043ada62d