Create an SNMP alert response

Configure an SNMP alert response in Firewall Management Center using SNMP versions SNPMv1, SNPMv2, or SNMPv3 to monitor network events.

Note

When you select an SNMP version for the SNMP protocol, note that:

  • The recommended version for SNMP alert response is SNMPv3 as it supports advanced encryption.

  • SNMPv2 supports only read-only communities. SNMPv3 supports only read-only users and provides encryption with AES128.

  • To monitor 64-bit values with SNMP, you must use either SNMPv2 or SNMPv3. SNMPv1 does not support 64-bit monitoring.

Before you begin

If your network management system requires the Firewall Management Center’s management information base (MIB) file, obtain it at /etc/sf/DCEALERT.MIB.

Procedure

Step 1

Choose Administration > Alerts.

Step 2

From the Create Alert drop-down menu, choose Create SNMP Alert.

Step 3

Edit the SNMP Alert Configuration fields:

  1. Name―Enter a name to identify the SNMP response.

  2. Trap Server―Enter the hostname or IP address of the SNMP trap server.

    Attention

    Firewall Management Center does not warn you if you enter an invalid IPv4 address (such as 192.169.1.456) in this field. Instead, Firewall Management Center treats the invalid address as a hostname.

  3. Version―Choose the SNMP version you want to use from the drop-down list. SNMPv3 is the default.

    These protocols are available:

    • SNMPv1 or SNMPv2: Enter a read-only SNMP community name in the Community String field, and then skip to the final step of this task.

      Note

      Allowed characters for this field include alphanumeric characters, underscore (_), hyphen (-), asterisk (*), and dollar sign ($). The maximum length allowed is 128 characters.

    • For SNMPv3: Enter the name of the user that you want to authenticate with the SNMP server in the User Name field and continue to the next step.

  4. Authentication Protocol―Choose the protocol you want to use to encrypt authentication from the drop-down list.

    Choose from:

    • MD5—Message Digest 5 (MD5) hash function.

    • SHA—Secure Hash Algorithm (SHA) hash function.

  5. Authentication Password―Enter the password to enable authentication.

  6. Privacy Protocol―Choose the protocol you want to use to encrypt a private password from the drop-down list.

    Choose from:

    • DES—Data Encryption Standard (DES) using 56-bit keys in a symmetric secret-key block algorithm.

    • AES—Advanced Encryption Standard (AES) using 56-bit keys in a symmetric cipher algorithm.

    • AES128—AES using 128-bit keys in a symmetric cipher algorithm. A longer key provides higher security but a reduction in performance.

  7. Privacy Password―Enter the privacy password required by the SNMP server. Specifying a private password enables privacy and requires you to also specify an authentication password.

  8. Engine ID―Enter an identifier for the SNMP engine, in hexadecimal notation, using an even number of digits.

    When you use SNMPv3, the system uses an Engine ID value to encode the message. Your SNMP server requires this value to decode the message.

    Cisco recommends using the hexadecimal version of the Firewall Management Center’s IP address. For example, if the Firewall Management Center has an IP address of 10.1.1.77, use 0a01014D0.

Step 4

Click Save.

What to do next

If you are using SNMP alert responses to send connection logs to a SNMP trap server, you must deploy configuration changes after you modify the SNMP alert response.