Is there a way on CAS s400 version 184.108.40.206 to block IPs from sending requests via SNMP. The ACL on ProxySG works but any internal device seems to be able to poll CAS through SNMP.
Release : 220.127.116.11
Please be informed that here isn't a command/ACL to block "IPs" from polling the CAS device. From the Symantec CAS Best Practice, we have the below.
The ACL would be configured from the network.
SNMP polling involves retrieving Management Information Base (MIB) variables from devices in order to determine faulty behavior or connection problems. Faulty devices or faulty connections are then diagnosed by applying predefined formulas to the extracted MIB variables.
A Machine Information Base (MIB) file is a document (written in the ASN.1 data description language) that contains descriptions of managed objects. SNMP uses a specified set of commands and queries, and the MIB contains information on these commands and the target objects. MIBs are typically read using MIB browsers.
When an SNMP manager polls a device for information, the SNMP agent on the device responds to the queries.
Howbeit, the View-based access control (VACM) SNMPv3 mechanism regulates access to MIB objects by providing a fine-grained access control mechanism associating users with MIB views. The VACM facilities are essential in ensuring a completely secure agent.
SNMP uses the vacm feature to secure the MIBs and, please implement this with SNMPv3. The 3 key security features of SNMP v3 are listed below.