Set ‘no snmp-server’ to disable SNMP when unused

Details

If not in use, disable simple network management protocol (SNMP), read and write access.

Rationale:

SNMP read access allows remote monitoring and management of the device.

Impact:

Organizations not using SNMP should require all SNMP services to be disabled by running the ‘no snmp-server’ command.

Solution

Disable SNMP read and write access if not in used to monitor and/or manage device.

hostname(config)#no snmp-server

Supportive Information

The following resource is also helpful.

https://workbench.cisecurity.org/files/3160https://workbench.cisecurity.org/files/3160

This security hardening control applies to the following category of controls within NIST 800-53: System and Information Integrity.This control applies to the following type of system Cisco.

References

800-53|SI-4
CSCv6|9.1
CSCv7|9.2

Source

Tenable.com/audits

Updated on July 16, 2022

Was this article helpful?

Yes No

Details

Solution

Supportive Information

References

Source

Related Articles