cancel
Showing results for 
Search instead for 
Did you mean: 

Does XMC need SNMP write access to switches?

Does XMC need SNMP write access to switches?

paulc
New Contributor

For security best practices typically I would only allow SNMP with RO (read only) access on network devices. Does XMC need write access to be allowed on Extreme switches for any functionality? These are all VOSS and EXOS switches. Thanks.

1 ACCEPTED SOLUTION

StephanH
Valued Contributor III

Hello Paulc,

in addition to Mig's answer. If you used XMC only for monitoring and you don't use ExtremeControl, then it is sufficient to have read-only access via SNMP.

However, XMC also offers the possibility to change configuration on the switch. For example you can change the name of a switch. Here write access is necessary.

Basically it is recommended (XMC best practise) to allow write access via SNMP, but this should be done via SNMPv3.

 

Regards Stephan

View solution in original post

3 REPLIES 3

paulc
New Contributor

Great, thank you both!

StephanH
Valued Contributor III

Hello Paulc,

in addition to Mig's answer. If you used XMC only for monitoring and you don't use ExtremeControl, then it is sufficient to have read-only access via SNMP.

However, XMC also offers the possibility to change configuration on the switch. For example you can change the name of a switch. Here write access is necessary.

Basically it is recommended (XMC best practise) to allow write access via SNMP, but this should be done via SNMPv3.

 

Regards Stephan

Miguel-Angel_RO
Valued Contributor II

Paulc,

The CoA (reauthentication 802.1X or MAC auth) is very often performed via SNMP.

If you want to secure that define an access policy that will allow SNMP to authorized devices only.

Mig

GTM-P2G8KFN