Details

You can use access lists to control the transmission of packets on an interface, control Simple Network Management Protocol (SNMP) access, and restrict the contents of routing updates. The Cisco IOS software stops checking the extended access list after a match occurs.

Solution

Configure SNMP ACL for restricting access to the device from authorized management stations segmented in a trusted management zone.
hostname(config)#access-list permit
hostname(config)#access-list deny any log

Supportive Information

The following resource is also helpful.

• https://workbench.cisecurity.org/files/508https://workbench.cisecurity.org/files/508

This security hardening control applies to the following category of controls within NIST 800-53: System and Communications Protection.This control applies to the following type of system Cisco.

References

• 800-53|SC-7(5)
• 800-53|SC-7(15)

Source

• Tenable.com/audits