6.2 Ensure minimum SNMP version is set to V3 for agent access

Information

To disable the usage of weak SNMP protocols

Rationale:

Impact:

Abuse of SNMP settings could allow an unauthorised third party to gain access to a network device when weak SNMP protocols are used.These protocols ( prior to v3) lack the ability of authentication and encryption .

NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.

Solution

1-Login to Configuration utility

2- Go to System > SNMP > Agent > SNMP Access (v1, v2c) :
Select all listed entries and click 'Delete'

3-Go to System > SNMP > Agent > SNMP Access (v3) :
Make sure there is one entry at least , otherwise create one.

See Also

https://workbench.cisecurity.org/files/3587

Item Details

Category: CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION

References: 800-53|CM-7, 800-53|CP-6, 800-53|CP-7, 800-53|PL-8, 800-53|PM-7, 800-53|SA-8, 800-53|SC-7, CSCv7|11.1

Plugin: F5

Control ID: 9d18f1627c2b0ddf65f8660aadffc205d6963386acee05e4191aea2793ec44d6