AppManager uses SNMP queries to access network devices and to enable functionality of NetIQ SNMP Trap Receiver. Before discovering network devices, enter SNMP community string information into AppManager Security Manager.
The type of information you configure varies according to the version of SNMP that is implemented on the network device.
AppManager for Network Devices supports SNMP versions 1, 2, and 3.
If you do not indicate an SNMP version, AppManager attempts to determine the version during the Discovery job. This process can be time consuming.
By configuring SNMP information, you provide AppManager the permission it needs to access the Management Information Bases (MIBs) on SNMP-enabled network devices.
Configure community string and version information for each network device that is being monitored by each proxy agent computer.
Complete the following fields on the Custom tab in Security Manager:
|
Field |
Type |
|---|---|
|
Label |
NetworkDevice |
|
Sub-Label |
Indicate whether the community string information will be used for a single device or for all devices.
|
|
Value 1 |
Read-only community string, such as private or public |
|
Value 3 |
If you do not specify either SNMP version, AppManager attempts to determine the version during the Discovery_NetworkDevice job. This process can be time consuming. |
|
Extended application support |
Leave this option unselected |
AppManager for Network Devices supports the following modes for SNMP v3:
No authentication; no privacy
Authentication; no privacy
Authentication and privacy
In addition, the module supports the following protocols for SNMP v3:
MD5 (Message-Digest algorithm 5, an authentication protocol)
SHA (Secure Hash Algorithm, an authentication protocol)
DES (Data Encryption Standard, encryption protocol)
AES (Advanced Encryption Standard, an encryption protocol, 128-bit keys only)
Your SNMP v3 implementation may support one or more combinations of mode and protocol. That combination dictates the type of information you configure in AppManager Security Manager: user name (or entity), context name, protocol name, and protocol passwords.
Configure SNMP v3 information for each network device that is being monitored by each proxy agent computer.
Complete the following fields on the Custom tab in Security Manager:
|
Field |
Description |
|---|---|
|
Label |
NetworkDevice |
|
Sub-Label |
Indicate whether the community string information will be used for a single device or for all devices.
|
|
Value 1 |
SNMP user name, or entity, configured for the device. All SNMP v3 modes require an entry in the Value 1 field. |
|
Value 2 |
Name of a context associated with the user name or entity you entered in the Value 1 field. A context is a collection of SNMP information that is accessible by an entity. If possible, enter a context that provides access to all MIBs for a device. If the device does not support context, type an asterisk (*). All SNMP v3 modes require an entry in the Value 2 field. |
|
Value 3 |
Combination of protocol and password appropriate for the SNMP v3 mode you implemented.
|
|
Extended application support |
Leave this option unselected. |
If the Trap Receiver device uses different Read and Trap SNMP permissions (for instance, the Read community string is one value and the Trap community string is another), then an additional entry in AppManager Security Manager is required:
For the Read permission, use the instructions for your version of SNMP in Section 2.6, Configuring SNMP Permissions and type NetworkDevice in the Label field.
For the Trap permission, use the instructions for your version of SNMP in Section 2.6, Configuring SNMP Permissions and type SNMPTrap in the Label field.
When you run the Section 3.44, SNMPTrap_Async script, AppManager searches for Security Manager Label entries in the following order:
SNMPTrap (first specific, then default permissions)
NetworkDevice (first specific, then default permissions)
SNMP (first specific, then default permissions)