Previous Topic: Review Requirements (SNMPv1/2)Next Topic: Specify Global SNMP Settings and Access Control Lists

Administration GuideManaging SystemEDGE and Application Insight Modules (AIMs)How to Configure SNMP and Access Control ListsHow to Configure SNMPv1/v2 Settings and Access Control ListsReview SNMP Configuration and Policy Relationships

Review SNMP Configuration and Policy Relationships

An SNMP Settings object for SNMPv1/v2 comprises of a name, the community string, the type of operation (read-only or read-write), SNMP version, port, timeout, retry limit, and Access Control List (ACL).

An ACL specifies a list of manager systems for a group of managed systems on which SystemEDGE runs. The CA Virtual Assurance manager distributes SNMP settings and ACLs through Policy Configuration to the managed systems. These managed systems accept SNMP requests only from the manager systems listed in the ACL. If no ACL is specified, the managed systems accept SNMP requests from any system.

If ACLs are defined, the CA Virtual Assurance manager is also automatically added to the list of ACLs. The CA Virtual Assurance manager always has connectivity.

In most cases, the same SNMP credentials are used across many or all systems. To manage and apply those credentials appropriately, you can specify the SNMP credentials and ACLs at the global level. Consistent SNMP credentials and ACL settings on manager and agent systems are necessary to discover and manage systems properly. You specify global SNMP Settings objects under Administration, Configuration, SNMP.

In exceptional cases, you can add ACLs at the policy level or you can specify SNMP credentials and ACLs entirely at the system level. If you want to modify SNMP settings at the system level, change the settings for each affected system.

Only those SNMP settings are applied to a target system, which use the same port as the target system.

The following diagram illustrates the policy architecture:

Policy Architecture

You can configure SNMP settings at the global, policy, or system level and you can assign these settings to a policy (upper left arrow). The policy can be applied through CA Virtual Assurance to a group of managed systems. The Access Control Lists (ACLs) specify the names of the manager systems which manage the group of managed systems. If you add all required manager systems into an ACL, the managed systems respond only to SNMP requests from these managers.