Creating an SNMP Alert Response

You can create SNMP alert responses using SNMPv1, SNMPv2, or SNMPv3 for an device type except threat defense.

Note

When selecting SNMP versions for the SNMP protocol, note that SNMPv2 only supports read-only communities and SNMPv3 only supports read-only users. SNMPv3 also supports encryption with AES128.

If you want to monitor 64-bit values with SNMP, you must use SNMPv2 or SNMPv3. SNMPv1 does not support 64-bit monitoring.

Before you begin

  • If your network management system requires the Secure Firewall Management Center’s management information base (MIB) file, obtain it at /etc/sf/DCEALERT.MIB.

Procedure

Step 1

Choose Policies > Actions > Alerts.

Step 2

From the Create Alert drop-down menu, choose Create SNMP Alert.

Step 3

Edit the SNMP Alert Configuration fields:

  1. Name―Enter a name to identify the SNMP response.

  2. Trap Server―Enter the hostname or IP address of the SNMP trap server.

    Note

    The system does not warn you if you enter an invalid IPv4 address (such as 192.169.1.456) in this field. Instead, the invalid address is treated as a hostname.

  3. Version―Choose the SNMP version you want to use from the drop-down list. SNMPv3 is the default.

    Choose from:

    • SNMPv1 or SNMPv2: Enter a read-only SNMP community name in the Community String field, then skip to the end of the procedure.

      Note

      Do not include special characters (< > / % # & ? ', etc.) in the SNMP community string name.

    • For SNMPv3: Enter the name of the user that you want to authenticate with the SNMP server in the User Name field and continue to the next step.

  4. Authentication Protocol―Choose the protocol you want to use to encrypt authentication from the drop-down list.

    Choose from:

    • MD5—Message Digest 5 (MD5) hash function.

    • SHA—Secure Hash Algorithm (SHA) hash function.

  5. Authentication Password―Enter the password to enable authentication.

  6. Privacy Protocol―Choose the protocol you want to use to encrypt a private password from the drop-down list.

    Choose from:

    • DES—Data Encryption Standard (DES) using 56-bit keys in a symmetric secret-key block algorithm.

    • AES—Advanced Encryption Standard (AES) using 56-bit keys in a symmetric cipher algorithm.

    • AES128—AES using 128-bit keys in a symmetric cipher algorithm. A longer key provides higher security but a reduction in performance.

  7. Privacy Password―Enter the privacy password required by the SNMP server. If you specify a private password, privacy is enabled, and you must also specify an authentication password.

  8. Engine ID―Enter an identifier for the SNMP engine, in hexadecimal notation, using an even number of digits.

    When you use SNMPv3, the system uses an Engine ID value to encode the message. Your SNMP server requires this value to decode the message.

    Cisco recommends that you use the hexadecimal version of the Secure Firewall Management Center’s IP address. For example, if the Secure Firewall Management Center has an IP address of 10.1.1.77, use 0a01014D0.

Step 4

Click Save.

What to do next

Changes take effect immediately, EXCEPT:

If you are using alert responses to send connection logs, you must deploy configuration changes after you edit those alert responses.