1.5.1 Set 'no snmp-server' to disable SNMP when unused

Information

If not in use, disable simple network management protocol (SNMP), read and write access.

SNMP read access allows remote monitoring and management of the device.

NOTE: Nessus has provided the target output to assist in reviewing the benchmark to ensure target compliance.

Solution

Disable SNMP read and write access if not in used to monitor and/or manage device.

hostname(config)#no snmp-server

Impact:

Organizations not using SNMP should require all SNMP services to be disabled by running the 'no snmp-server' command.

See Also

https://workbench.cisecurity.org/benchmarks/12917

Item Details

Category: SYSTEM AND INFORMATION INTEGRITY

References: 800-53|SI-4, CSCv7|9.2

Plugin: Cisco

Control ID: 93745813db0992aa0f01d9372cce67fceb7b0598ce17a6d4567e0f51d9dec024