Skip to main content
Skyhigh Security

Configure event monitoring with SNMP

To enable the use of SNMP for monitoring system events on an appliance, configure an SNMP protocol version, a user or community that is allowed to view monitored information, and other settings.

Task

  1. Select Configuration | Appliances.
  2. On the appliances tree, select the appliance where you want to configure SNMP event monitoring, then click SNMP.
  3. Under SNMP Port Settings and SNMP System information add and modify information about listener ports and management stations as needed.
  4. To work with SNMPv1 or SNMPv2c, complete these options. Otherwise, continue with step 4.
    1. Under SNMP Protocol Options, make sure the respective version is selected.
    2. Above the list of communities that are allowed to view monitored information, click the Add icon, then create an entry for a community in the window that opens.
      • Under Community string, type the name of a community. For example, public.
      • Under Allowed root OID, type a root Object ID to identify the item on the MIB (Management Information Base) tree where the information begins that is allowed for viewing.
        For example, type this root Object ID to allow all information that is related to Skyhigh Security for viewing:
        .1.3.6.1.4.1.1230
        Information related to Web Gateway is a part of this information. So, type the following to allow only this information for viewing:
        .1.3.6.1.4.1.1230.2
        If you type an * (asterisk) here, all information is allowed for viewing.
      • Under Allowed from, specify the host system where viewing the information is allowed.
        If you specify no host system here, viewing is allowed from any system.
    3. Under SNMP Trap Sinks,.click the Add icon above the list and configure trap sinks as needed.
  5. To work with SNMPv3, complete these options.
    1. Under SNMP Protocol Options, make sure this version is selected.
    2. Above the list of users who are allowed to view monitored information, click the Add icon, then create an entry for a user in the window that opens.
      • Under User name, type the name of a user.
      • Next to Password, click Set, then set a password in the window that opens.
      • Under Allowed root OID, type a root Object ID to identify the item on the MIB (Management Information Base) tree where the information that is allowed for viewing begins.
        If you type an * (asterisk) here, all information is allowed for viewing.
      • Under Authentication, select a method for calculating a hash value that is used to verify and control authentication data.
        Available methods: MD5, SHA-1, SHA-224, SHA-256, SHA-384, SHA-512
        Some authentication methods cannot be used together with some encryption methods that are used with regard to SNMP traffic. You cannot configure the following:
        • MD5 or SHA-1 with encryption method AES-192 or AES-256
        • SHA-224 with encryption method AES-256
      • If you want to have the SNMP traffic encrypted, select a method for this encryption under Encryption.
        Available methods: DES, AES, AES-128, AES-192, AES-256, or None (no encryption).
        Some encryption methods cannot be used together with some authentication methods that are also used for creating SNMP user information. See above for combinations that will not work.
    3. Under SNMP Trap Sinks,.click the Add icon above the list for SNMPv3 and configure trap sinks as needed.
  6. Click Save Changes.
  • Was this article helpful?