
Security: splunk/splunk-connect-for-snmp


docs/security.md

Security Considerations

The SC4SNMP solution implements SNMP in a compatible mode for current and legacy network devices. SNMP is widely considered a risky protocol and requires threat mitigation at the network level.

  • Do not expose SNMP endpoints to untrusted connections, such as the internet or the general LAN of a typical enterprise.
  • Do not allow SNMPv1 or SNMPv2 connections to cross a network zone where man-in-the-middle interception is possible.
  • Many SNMPv3 devices rely on insecure cryptography, including DES, MD5, and SHA. Do not assume that SNMPv3 devices and connections are secure by default.
  • When possible, use SNMPv3 with the most secure mutually supported protocol options.
  • The default IP of each node should be considered a management interface and should be protected by a hardware or software firewall from network access by untrusted devices. When possible, the IP allocated for SNMP communication should not be shared by the management interface.
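
One way to check a device list against the points above, as an added example that is not part of SC4SNMP or its documentation: it flags SNMPv1/v2c devices, flags SNMPv3 devices using DES, MD5, or SHA, and reports the strongest option that both the poller and the device support. The record fields, device names, and the strength ordering are assumptions made for this sketch.

```python
# Added example with constructed data; field names are hypothetical, not SC4SNMP's.
# Assumed strength order, weakest first. The page names DES, MD5 and SHA as insecure.
AUTH_ORDER = ["MD5", "SHA", "SHA224", "SHA256", "SHA384", "SHA512"]
PRIV_ORDER = ["DES", "AES128", "AES192", "AES256"]
WEAK = {"MD5", "SHA", "DES"}


def strongest_mutual(order, ours, theirs):
    """Return the strongest protocol both sides support, or None."""
    common = {p.upper() for p in ours} & {p.upper() for p in theirs}
    ranked = [p for p in order if p in common]
    return ranked[-1] if ranked else None


def audit(device, poller):
    """Return a list of findings for one device record (empty list means clean)."""
    if device["version"] in ("1", "2c"):
        return ["SNMPv%s is cleartext: keep it off paths open to interception"
                % device["version"]]
    findings = []
    for kind, order in (("auth", AUTH_ORDER), ("priv", PRIV_ORDER)):
        used = (device.get(kind) or "").upper()
        best = strongest_mutual(order, poller[kind], device.get(kind + "_supported", []))
        if not used:
            findings.append("no %s protocol configured" % kind)
        elif used in WEAK:
            findings.append("%s uses weak %s" % (kind, used))
        have = order.index(used) if used in order else -1
        if best and order.index(best) > have:
            findings.append("%s can be raised to %s" % (kind, best))
    return findings


# Constructed sample data.
POLLER = {"auth": ["SHA", "SHA256", "SHA512"], "priv": ["AES128", "AES256"]}
DEVICES = [
    {"name": "sw-legacy", "version": "2c"},
    {"name": "rtr-old", "version": "3", "auth": "MD5", "priv": "DES",
     "auth_supported": ["MD5", "SHA"], "priv_supported": ["DES", "AES128"]},
    {"name": "fw-new", "version": "3", "auth": "SHA512", "priv": "AES256",
     "auth_supported": ["SHA256", "SHA512"], "priv_supported": ["AES128", "AES256"]},
]

if __name__ == "__main__":
    for dev in DEVICES:
        for finding in audit(dev, POLLER) or ["ok"]:
            print(dev["name"], "-", finding)
```

For `rtr-old` the best mutual authentication option is still SHA, which is why a device running SNMPv3 cannot be assumed secure on that basis alone.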

There aren’t any published security advisories