Administration Guide › Managing SystemEDGE and Application Insight Modules (AIMs) › How to Configure SNMP and Access Control Lists › How to Configure SNMPv1/v2 Settings and Access Control Lists › Example for Three Server Groups

Example for Three Server Groups

The following example illustrates a use case that consists of three server groups, global SNMP settings, and ACLs specified at the global and policy level.

The datacenter consists of the following server groups:

• Infrastructure Manager Servers: CA Virtual Assurance system, SQL Server systems, CA EEM system, one or more distribution servers, three infrastructure manager systems (im1.ca.com, im2.ca.com, im3.ca.com). These systems are managed through va-im.ca.com, im1.ca.com.
• Sales Servers: All servers that belong to the Sales department, managed through va-im.ca.com, im1.ca.com, im2.ca.com.
• Development Servers: All servers that belong to the development department, managed through va-im.ca.com, im1.ca.com, im3.ca.com.

Follow these steps:

1. Specify the following global SNMP objects under Administration, SNMP:

   infrastructure-read: port 161, read-only access, community _public_, ACL: va-im.ca.com, im1.ca.com

   infrastructure-write: port 161, read-write access, community _admin_, ACL: va-im.ca.com, im1.ca.com

   sales-read: port 161, read-only access, community _public_, ACL: va-im.ca.com, im1.ca.com

   sales-write: port 161, read-write access, community _admin_, ACL: va-im.ca.com, im1.ca.com

   development-read: port 161, read-only access, community _public_, ACL: va-im.ca.com, im1.ca.com

   development-write: port 161, read-write access, community _admin_, ACL: va-im.ca.com, im1.ca.com

2. Create three policies (one for each server group) that are based on the default policy: infrastructure, sales, and development
3. Change to the infrastructure policy page, select the third option to apply global SNMP settings from the table:
   • Custom Selection
4. Add infrastructure-read and infrastructure-write global SNMP objects to the infrastructure policy.
5. Save the policy.
6. Change to the sales policy page, select the third option to apply global SNMP settings from the table:
   • Custom Selection
7. Add sales-read and sales-write global SNMP objects to the sales policy.
8. For the sales-read and sales-write objects, click the View links.

   The corresponding ACL dialog opens.

9. Add im2.ca.com to the sales-read and sales-write objects (Policy-specific SNMP Access Control List) and click OK.
10. Save the policy.
11. Change to the development policy page, select the third option to apply global SNMP settings from the table:
    • Custom Selection
12. Add development-read and development-write global SNMP objects to the development policy.
13. For the development-read and development-write objects, click the corresponding View link.

    The corresponding ACL dialog opens.

14. Add im3.ca.com to the development-read and development-write objects and click OK.
15. Save the policy.
16. Apply each policy (infrastructure, sales, development) to its associated server group.

More information:

Review SNMP Configuration and Policy Relationships