Roles of SNMP on the firewall

0

Simple Network Management Protocol (SNMP) has three roles.
�?Network management system (NMS)
The NMS sends all types of query packets to managed devices and receives alarms sent from managed devices.
�?Agent
The agent is a process that resides on managed devices.
The functions of the agent are as follows:
The agent receives and parses query packets sent from the NMS.
The agent reads or writes management variables based on the packet type, and generates and returns response packets to the NMS.
Based on the alarm conditions defined on each protocol module, when alarm conditions are met, for example, entry to or exit from the system view or device restart, the corresponding module active sends an alarm of such events to the NMS through the agent.
�?Managed device
Managed devices are managed by the NMS, and generate and report alarms.

Other related questions:
Precautions for using SNMP on the firewall
Precautions for using firewall SNMP: �?When adding users to an SNMP group, local users are not recommended. Instead, it is recommended that Authentication, Authorization, Accounting (AAA) users on the RADIUS server and Huawei Terminal Access Controller Access Control System (HWTACACS) server be used for verification. �?When the MIB browser or NMS interworks with the firewall, it is recommended that SNMPv2c or SNMPv3 be used to ensure that the MIB browser or NMS can read MIB information from the firewall properly. �?SNMPv3 is recommended because it outperforms SNMPv1 and SNMPv2c in security.

Problem and solution when the original active firewall does not preempt the active role after recovery
Possible causes are as follows: The preemption function is disabled. The preemption hold-on timer has not expired. The original active firewall does not perform preemption immediately after recovery. Setting preemption hold-on prevents repeated switchover resulting from unstable active firewall status.

Whether the USG firewall can cancel the SNMP key complexity
The configuration of the USG2000 & 5000 & 6000 SNMP secret key is as follows: Snmp-agent community {read | write} community-name [mib-view view-name | acl acl-number] * Community-name community name. When you use the display command, the community name is displayed as a cipher text. The string type can be: The Length of 1 to 32 of the plaintext The Length of 56 ciphertext To improve the security, the proposed community name to meet the minimum complexity requirements, that contains English capital letters (A ~ Z), English lowercase letters (a ~ z), numbers (0 ~ 9), special characters (such as #,% , $, Etc.) and contain at least 8 characters.

How to understand the role in the FusionInsight system?
A role is an element of a service. A service consists of one or multiple roles. Services are installed on hosts (servers) through roles, ensuring proper service running. For example, the HBase service consists of three roles, namely, HMaster (HM), RegionServer (RS), and ThriftServer (TS).

If you have more questions, you can seek help from following ways:
To iKnow To Live Chat
Scroll to top