Create an SNMP Agent for SNMP version 3

Configure an SNMP Agent for SNMP version 3 so that NGFW Engines or the SMC Appliance can share network management information using the SNMP protocol.

For more details about the product and how to configure features, click Help or press F1.

Steps

Select Configuration.
Browse to Other Elements > Engine Properties > SNMP Agents.
Right-click SNMP Agents, then select New SNMP Agent.
In the Name field, enter a unique for the SNMP Agent.
From the Version drop-down list, select v3.
In the User Names section, add one or more users names.
1. Click Add.
2. In the User Name field, enter the user name.
3. From the Protocol options, select the authentication protocol, then enter a password in the Password field.
4. From the Privacy options, select the privacy protocol, then enter a password in the Privacy Password field.
(Optional) In the Monitoring section, click Add, then select the user for monitoring.
(Optional) In the Listening Port field, enter the UDP port number that the SNMP agent listens to.
In the Contact field, enter the contact information for the person responsible for the NGFW Engines or the SMC Appliance.
Click OK.

SNMP Agent Properties dialog box

Use this dialog box to define the properties of an SNMP Agent.

Note: Some options are not supported when you use the SNMP Agent with the SMC Appliance. The SMC Appliance ignores the unsupported options.

Option	Definition
Name	The name of the element.
Version	Specifies the SNMP version. v1 — SNMPv1 (RFC1157) Note: The SMC Appliance does not support SNMP v1. v2c — SNMPv2c (RFCs 1901 and 3416) v3 — SNMPv3 (RFC 3414)
Comment (Optional)	A comment for your own reference.
Category (Optional)	Includes the element in predefined categories. Click Select to select a category.

Option	Definition
When Version is v1 or v2c
Monitoring section
Communities	Shows the selected communities.
Add	Adds a community or a user name. Opens a Properties dialog box.
Remove	Removes the selected community or user name.
Listening Port (NGFW Engines only)	Specifies the UDP Listening Port number that the SNMP agent listens to. The default port is 161. The SMC Appliance always uses the default port.
Contact	Specifies the contact information for the person responsible for the engines. This string is returned to queries from the SNMPv2-MIB object.
Traps section (NGFW Engines only)
Community	Enter the community string.
Destinations	Specifies the IP addresses and UDP ports of the destinations to which the SNMP traps are sent. The default port is 162. Click to edit the cells.
Add	Adds a row to the table.
Remove	Removes the selected destination.
Active Traps	Specifies the events for which you want to set a trap. The possible events are: Boot (for example, startup of the agent process by minit) Shutdown Going Online Going Offline Policy Applied User Login (via console or with SSH) Hardware Alerts (for appliances that support hardware monitoring)
Active	Shows whether traps are active for the event.
Event	Shows the available events.

Option	Definition
When Version is v3
User Names section
Name	Shows the user name.
Authentication Protocol	Shows the authentication protocol defined for the SNMP user.
Privacy Protocol	Shows the privacy protocol defined for the SNMP user.
Add	Opens the SNMP User Properties dialog box.
Edit	Opens the SNMP User Properties dialog box for the selected user name.
Remove	Removes the selected user name.
Monitoring section
User Names	Shows the selected user names.
Add	Adds a community or a user name. Opens a Properties dialog box.
Remove	Removes the selected community or user name.
Listening Port (NGFW Engines only)	Specifies the UDP Listening Port number that the SNMP agent listens to. The default port is 161. The SMC Appliance always uses the default port.
Contact	Specifies the contact information for the person responsible for the engines. This string is returned to queries from the SNMPv2-MIB object.
Traps section (NGFW Engines only)
User Name	Select the user name from the drop-down list.
Destinations	Specifies the IP addresses and UDP ports of the destinations to which the SNMP traps are sent. The default port is 162. Click to edit the cells.
Add	Adds a row to the table.
Remove	Removes the selected destination.
Active Traps	Specifies the events for which you want to set a trap. The possible events are: Boot (for example, startup of the agent process by minit) Shutdown Going Online Going Offline Policy Applied User Login (via console or with SSH) Hardware Alerts (for appliances that support hardware monitoring)
Active	Shows whether traps are active for the event.
Event	Shows the available events.

SNMP User Properties dialog box

Use this dialog box to define the properties of an SNMP User.

Option	Definition
User name	Specifies the SNMP user name.
Authentication
Protocol	Specifies the authentication protocol for the SNMP user: No — No authentication protocol is used. MD5 — The MD5 authentication protocol is used. SHA — The SHA authentication protocol is used.
Password	Enter the password. By default, passwords and keys are not shown in plain text. To show the password or key, deselect the Hide option. The Password option is not available when the Protocol is No.
Privacy
Privacy Protocol	Specifies the privacy protocol for the SNMP user: No — No encryption protocol is used. DES — The DES encryption protocol is used. AES — The AES encryption protocol is used.
Privacy Password	Enter the password. By default, passwords and keys are not shown in plain text. To show the password or key, deselect the Hide option. The Privacy Password option is not available when the Privacy Protocol is No.

Properties dialog box (SNMP monitoring)

Use this dialog box to add a community or a user name for SNMP monitoring.

Option	Definition
Enter a community (SNMP v1 or v2c only)	Enter the community string. The community string is used for authentication in monitoring.
Select a User Name (SNMP v3 only)	Select the user name from the drop-down list.