30
SONICWALL SONICOS ENHANCED 2.5 ADMINISTRATOR’S GUIDE
C
HAPTER
5:
Configuring SonicWALL Security Appliance Administration Settings
Â
Cross Reference: For more information on SonicWALL Global Management System, go to
http://www.sonicwall.com.
Enabling SNMP Management
SNMP (Simple Network Management Protocol) is a network protocol used over User Datagram
Protocol (UDP) that allows network administrators to monitor the status of the SonicWALL security
appliance and receive notification of critical events as they occur on the network. The SonicWALL
security appliance supports SNMP v1/v2c and all relevant Management Information Base II (MIB)
groups except egp and at. The SonicWALL security appliance replies to SNMP Get commands for
MIBII via any interface and supports a custom SonicWALL MIB for generating trap messages. The
custom SonicWALL MIB is available for download from the SonicWALL Web site and can be loaded
into third-party SNMP management software such as HP Openview, Tivoli, or SNMPC.
Configuring SNMP Management
To enable SNMP on the SonicWALL security appliance, log into the Management interface and click
System, then Administration. Select the Enable SNMP checkbox, and then click Configure.
1
Type the host name of the SonicWALL security appliance in the System Name field.
2
Type the network administrator’s name in the System Contact field.
3
Type an e-mail address, telephone number, or pager number in the System Location field.
4
Type a name for a group or community of administrators who can view SNMP data in the Get
Community Name field.
5
Type a name for a group or community of administrators who can view SNMP traps in the Trap
Community Name field.
6
Type the IP address or host name of the SNMP management system receiving SNMP traps in the
Host 1 through Host 4 fields. You must configure at least one IP address or host name, but up to
four addresses or host names can be used.
7
Click OK.
Configuring Log/Log Settings for SNMP
Trap messages are generated only for the alert message categories normally sent by the SonicWALL
security appliance. For example, attacks, system errors, or blocked Web sites generate trap
messages. If none of the categories are selected on the Log>Settings page, then no trap messages
are generated.
Configuring SNMP as a Service and Adding Rules
By default, the SonicWALL security appliance responds only to Get SNMP messages received on its
LAN interface. Appropriate rules must be configured to allow SNMP traffic to and from the WAN
interface. SNMP trap messages can be sent via the LAN or WAN.
Â
Cross Reference: For instructions on adding services and rules to the SonicWALL security appliance,
see Part 5 Firewall.
If your SNMP management system supports discovery, the SonicWALL security appliance agent
automatically discover the SonicWALL security appliance on the network. Otherwise, you must add
the SonicWALL security appliance to the list of SNMP-managed devices on the SNMP management
system.