SNMP access to the authentication configuration MIB

A management station running an SNMP networked device management application can access the management information base (MIB) for read access to the switch status and read/write access to the switch authentication configuration (hpSwitchAuth). This means that the switch default configuration now allows SNMP access to security settings in hpSwitchAuth.

CAUTION:

If SNMP access to the hpSwitchAuth MIB is considered a security risk in your network, then you should implement the security precautions described in this procedure.

NOTE:

Downloading and booting enables SNMP access to the authentication configuration MIB (the default action). If SNMPv3 and other security safeguards are not in place, the switch authentication configuration MIB is exposed to unprotected SNMP access and you must use the command shown below to disable this access.

For details on this feature, see Using SNMP to view and configure switch authentication features.

See “Configuring for Network Management Applications” in the management and configuration guide for your switch.

Procedure
  • If SNMP access to the authentication configuration (hpSwitchAuth) MIB described above is not desirable for your network, then immediately use the following command to disable this feature:

    snmp-server mib hpswitchauthmib excluded

  • If you choose to leave the authentication configuration MIB accessible, then you must do the following to help ensure that unauthorized workstations cannot use SNMP tools to access the MIB:
    1. Configure SNMP version 3 management and access security on the switch.
    2. Disable SNMP version 2c on the switch.