SNMP community settings do not match across cluster members-paloaltonetworks-panos

SNMP community settings do not match across cluster members-paloaltonetworks-panos

Vendor: paloaltonetworks

OS: panos

Description:
Indeni will identify when two devices are part of a cluster and alert if the SNMP settings do not match.

Remediation Steps:
Ensure all of the SNMP settings are configured correctly on all cluster members.

How does this work?
This alert uses the Palo Alto Networks API interface to parse through SNMP Trap profiles and alert the admin if the community name is set to “PUBLIC” or “PRIVATE”.

Why is this important?
If the default SNMP communities are configured, like “public” or “private” it could allow unauthorized clients to poll the device.

Without Indeni how would you find this?
Login to the device’s web interface and click on “Device” -> “Server Profiles” -> “SNMP Trap”.

panos-snmp-trap-default-community

Failed to fetch the data: https://bitbucket.org/indeni/indeni-knowledge/src/master/parsers/src/panw/panos/panos-snmp-trap-default-community/panos-snmp-trap-default-community.ind.yaml

cross_vendor_snmp_communities_comparison

Failed to fetch the data: https://bitbucket.org/indeni/indeni-knowledge/src/master/rules/templatebased/crossvendor/cross_vendor_snmp_communities_comparison.scala

this is very cool. I would like to see similar post regarding this. thanks.

1 Like

This is very Useful information.