|
|
|
Simple Network Management Protocol (SNMP) is an Internet standard protocol for communicating management information between networked applications. SNMP traps are messages that convey information about unscheduled events.
CA ACF2 and CA Top Secret use SNMP traps to notify Unicenter workstations about security violations. This lets security administrators deal with violations in real time, rather than waiting for a daily violation report.
You can configure CA Auditor to use SNMP traps to notify a Unicenter workstation of audit-worthy events. When CA Auditor is used online for improvised queries, such notification is unnecessary: the person running CA Auditor sees the results of those queries immediately. But you can use SNMP traps in CA Auditor batch scripts that are run periodically by a scheduling package, such as CA Scheduler or CA 7. These batch scripts can run day after day or hour after hour, silently auditing the system. When they discover something audit-worthy, they can send an SNMP trap message to a Unicenter workstation, notifying security personnel to review the details in the job’s output.
You can use SNMP traps optionally to notify Unicenter whenever someone enters or leaves CA Auditor. This feature has many uses:
Since excessive use of SNMP traps could clutter consoles, you can restrict their use by specifying parameters in the CA Auditor central parameter file. (The central parameter file is described in the Installation Guide. Use of the central parameter file is optional, but you must use it if you use SNMP traps.)
Use of traps can be restricted as follows:
SNMP traps to indicate CA Auditor use can be generated as follows:
CA Auditor functions that can generate SNMP traps are:
| Copyright © 2009 CA. All rights reserved. | Tell Technical Publications how we can improve this information |