Policy Pages Reference : System Settings Policies : SNMP ACLs
  
SNMP ACLs
The SNMP ACLs page contains the following groups of settings:
•  Security Names
•  Groups
•  Views
•  Access Policies
Security Names
The security names identify an individual user (v1 or v2c only).
Complete the configuration as described in this table.
Control
Description
Add a New Security Name
Displays the controls to add a security name.
Security Name
Specify a name to identify a requestor (allowed to issue gets and sets). The security name can make changes to the View Based Access Control Model (VACM) security name configuration.
Note: Traps for v1 and v2c are independent of the security name.
Community String
Specify the password-like community string to control access. Use a combination of uppercase, lowercase, and numerical characters to reduce the chance of unauthorized access to the appliance.
Note: If you specify a read-only community string (located on the SNMP Basic page under SNMP Server Settings), it takes precedence over this community name and enables users to access the entire MIB tree from any source host. If this is not desired, delete the read-only community string.
Source IP Address and Mask Bits
Specify the host IP address and mask bits to that you permit access using the security name and community string.
You can access the entire MIB tree from any source host using the Read-Only Community String on the SNMP Basic page. For detailed information about the SNMP Basic page, see SNMP Basic.
Add
Adds the security name.
Remove Selected
Select the check box next to the name and click Remove Selected.
Groups
The groups identify a security-name, security model by a group, and referred to by a group-name.
Complete the configuration as described in this table.
Control
Description
Add a New Group
Displays the controls to add a new group.
Group Name
Specify a group name.
Security Model and Name Pairs
Click the plus (+) button and select a security model from the drop-down list:
•  v1 or v2c displays another drop-down list; select a security name.
•  usm displays another drop-down list, select a user.
To add another Security Model and Name pair, click the plus (+) button.
Add
Adds the group name and security model and name pairs.
Remove Selected
Select the check box next to the name and click Remove Selected.
Views
Complete the configuration as described in this table.
Control
Description
Add a New View
Displays the controls to add a new view.
View Name
Specify a descriptive view name to facilitate administration.
Includes
Specify the Object Identifiers (OIDs) to include in the view, separated by commas: for example, .1.3.6.1.2.1.1.
By default, the view excludes all OIDs. You can specify .iso or any subtree or subtree branch. You can specify an OID number or use its string for: for example, .iso.org.dod.internet.private.enterprises.rbt.products.SteelHead.system.model.
Excludes
Specify the OIDs to exclude in the view, separated by commas. By default, the view excludes all OIDs.
Add
Adds the view.
Remove Selected
Select the check box next to the name and click Remove Selected.
Access Policies
The access policies defines who gets access to that type of information. An access-policy is a comprised of <group-name, security-level, read-view-name>.
Complete the configuration as described in this table.
Control
Description
Add a New Access Policy
Displays the controls to add a new access policy.
Group Name
Select a group name from the drop-down list.
Security Level
Determines whether a single atomic message exchange is authenticated. Select one of the following from the drop-down list:
•  No Auth - Does not authenticate packets and does not use privacy. This is the default setting.
•  Auth - Authenticates packets but does not use privacy.
A security level applies to a group, not to an individual user.
Read View
Select a view from the drop-down list.
Add
Adds the policy to the policy list.
Remove Selected
Select the check box next to the name and click Remove Selected.