Details
Enables Simple Network Management Protocol (SNMP) requests to be processed by this computer.
The recommended state for this setting is: Disabled or Not Installed.
Note: This service is not installed by default. It is supplied with Windows, but is installed by enabling an optional Windows feature (Simple Network Management Protocol (SNMP)).
Rationale:
Features that enable inbound network connections increase the attack surface. In a high security environment, management of secure workstations should be handled locally.
Solution
To establish the recommended configuration via GP, set the following UI path to: Disabled or ensure the service is not installed.
Computer ConfigurationPoliciesWindows SettingsSecurity SettingsSystem ServicesSNMP Service
Impact:
The computer will be unable to process SNMP requests.
Default Value:
Not Installed (Automatic when installed)
Supportive Information
The following resource is also helpful.
This security hardening control applies to the following category of controls within NIST 800-53: System and Information Integrity.This control applies to the following type of system Windows.