SNMP

Fudo Enterprise’s status can be monitored over SNMPv3 protocol.

Configuring SNMP

1. Select Settings > System.
2. Select SNMPv3 option in the Maintenance and supervision section.
3. From the IP address drop-down list select IP address, which will be used for SNMP communication.
4. Click Save.

5. Select Management > Users.
6. Click Add.

7. Select service from the Role drop-down list and fill in the rest of the General section parameters.
8. Select password from the Authentication drop-down list and enter the password string.

Note

• SNMP user password must be at least eight characters long.
• SNMP service authenticates the service account using the first defined password.

9. Select Enabled option in the SNMP section.

10. Select authentication methods from the Authentication method drop-down list.
11. Select the SNMP encryption algorithm from the Encryption drop-down list.

12. Click Save.

Configuring SNMPv3 TRAP

On Policies violation, Fudo is able to send a SNMPv3 TRAP, fudoPolicyViolationNotification with information containing during which session which user violated which policy. For more details check Fudo’s MIB definition in the following section.

To configure SNMP TRAPs the administrator has to configure the service in the System settings and enable them for particular policy.

To configure the policy to send SNMPv3 TRAP notifications about suspicious sessions, follow the procedure:

1. Create a user for SNMPv3 service:

   • Select Management > Users.

   • Create a new one.

   • Enter Login.

   • Choose the service in the Role field.

   • Select Password in the Authentication Type field and provide your password.

   • In the SNMP section, define the settings:

     • Enable SNMP.
     • Select SHA or MD5 in the Authentication Method field.
     • Select AES or DES in the Encryption field.

   • Click Save.

2. Configure SNMPv3 TRAP:

   • Select Settings > System
   • Scroll down to the Maintenance and supervision section
   • Configure the SNMPv3 TRAP server address and port
   • Select the user with service role, created in step 1.
   • Click Save.

As Fudo Enterprise uses SNMPv3 for sending TRAPs, the manager software (such as snmptrapd from Net-SNMP) has to know the user’s name and password.

Note

The fudoPolicyViolationNotification TRAP contains Fudo object identifiers: sessionId, userId and policyId. As all identifiers in Fudo Enterprise are 64-bit integers and SNMP doesn’t support 64-bit integers natively, those ids are encoded as big-endian 8-byte arrays.

SNMP MIBs

Fudo Enterprise supports following MIBs:

• MIB-II (RFC 1213)
• HOST-RESOURCES-MIB (RFC 2790) - partly supported
• UCD-SNMP-MIB

Getting SNMP readings using snmpwalk

Note

Getting SNMP readings requires installing Net-SNMP 5.7.3.

Fetching all SNMP information

snmpwalk -v3 -u "${SNMP_USER}" -a SHA -A "${SNMP_PASSWORD}" -x AES -X "${SNMP_PASSWORD}" -l authPriv "${FUDO_IP}" .1

Fetching specific SNMP information

snmpwalk -v3 -u "${SNMP_USER}" -a SHA -A "${SNMP_PASSWORD}" -x AES -X "${SNMP_PASSWORD}" -l authPriv "${FUDO_IP}" .1.3.6.1.4.1.24410

Data specifier	Description
.1.3.6.1.4.1.24410.1.1.1	Disk status (ZFS status)
.1.3.6.1.4.1.24410.1.1.2	Power supply status Note This feature is not supported on all Fudo Enterprise units. Contact technical support for more information.
.1.3.6.1.4.1.24410.1.1.3	CPU temperatures
.1.3.6.1.4.1.24410.1.1.4	S.M.A.R.T status

Fudo Enterprise specific SNMP extensions

Overview

Extensions enable monitoring the number of active sessions, ZFS status, PSU status (if available), CPU temperature on all cores, S.M.A.R.T status such as temperature, health or reallocated sectors.

MIB specification file

MIB specification files (Fudo Security Common MIB and Fudo Security PAM MIB) are available for downloading at the Settings > System in the Maintenance and supervision section:

Related topics:

• Security measures
• Troubleshooting
• Policies