2.8 Protocol Access Controls - 'snmp.access has been configured'

Information

Data ONTAP allows the configuration of filters for the following protocols: RSH, telnet, SSH, HTTP, SNMP, NDMP, SnapMirror, and SnapVault. The filters can specify host names, IP addresses, IP subnets, or interface names, which are either allowed or disallowed for each protocol. Each application then uses the filter on the listening socket to control access. In conjunction with disabling insecure protocols, this allows fine-grained control of access from limited areas. NetApp recommends as a best practice that you configure protocol access filters for any administrative protocol that is enabled on the NetApp storage system.

Solution

Configure SNMP to allow connections only from known trusted hosts

See Also

http://media.netapp.com/documents/tr-3649.pdf

Item Details

Category: SYSTEM AND COMMUNICATIONS PROTECTION

References: 800-53|SC-7(12), CSCv6|9.2

Plugin: NetApp

Control ID: acbc70820a355339c8a5dfd4ecd15bfcf00a5249d5a905ae2a825fa90217ed56