Today we will show you how to configure secure monitoring of Flowmon appliance using SNMPv3 in several easy steps.
Simple Network Management Protocol (SNMP) is conventional and simple method for resources monitoring in infrastructure, the latest version SNMPv3 is secured to avoid possible data leakage or information modification.
SNMPv3 is also ready to use in Flowmon, you can easily setup and start SNMP service and monitor Flowmon from your SNMP monitoring system. The communication will be encrypted and authenticated after simple setup.
Firstly, in Configuration Center → System → System setting setup SNMP server community and “Save settings”
Now, from SSH console via “flowmon” account:
1. Stop snmpd service
sudo service snmpd stop[flowmon@internal ~]$
Redirecting to /bin/systemctl stop snmpd.service
2. Add SNMPv3 user
[flowmon@internal ~]$ sudo net-snmp-config --create-snmpv3-user -a 'authpasswd' -x 'privpasswd' -X AES -A SHA username
adding the following line to /var/lib/net-snmp/snmpd.conf:
createUser username SHA "authpasswd" AES privpasswd
adding the following line to /etc/snmp/snmpd.conf:
3. Start snmpd service again
[flowmon@internal ~]$ sudo service snmpd start
Redirecting to /bin/systemctl start snmpd.service
Configuration file /var/lib/net-snmp/snmpd.conf is not accessible for “flowmon” user but using the sudo command the file is updated with username and password.
Also /etc/snmp/snmpd.conf is modified and the settings is visible via “Edit snmpd.conf” in SNMP server settings at the end of the configuration file.
The user is correctly created.
The same procedure can be used also for password change, SNMPv3 user can be removed from snmpd.conf manually, just delete the row. After clicking on “Save” button, the snmpd service is restarted automatically.
Do not forget to enable UDP port 162 communication on your firewall, after that the SNMPv3 monitoring of Flowmon appliance is ready to use.