On the Management > SNMP > Query page you can enable the usage of SNMP queries.
To configure SNMP queries, proceed as follows:
Enable SNMP Queries.
Click the toggle switch.
The sections SNMP Version and SNMP Access Control become editable.
Select the SNMP version.
In the SNMP Version section, select a version from the drop-down list. SNMP version 3 requires authentication.
Select allowed networks.
Networks listed in the Allowed Networks box are able to query the SNMP agent running on Sophos UTM on AWS. You should only add networks to the Allowed Networks that will query the SNMP agent, it is not advisable to add any none private networks to the list. Note that the access is always read-only.
Community string: When using version 2, enter a community string. An SNMP community string acts as a password that is used to protect access to the SNMP agent. By default, the SNMP community string is "public", but you can change it to any setting that best suits your needs.
Note – Allowed characters for the community string are: (a-z), (A-Z), (0-9), (+), (_), (@), (.), (-), (blank).
- Username/Password: When using version 3, authentication is required. Enter a username and password (second time for verification) to enable the remote administrator to send queries. The password must have at least eight characters. SNMPv3 uses SHA-1 for authentication and AES-128 for encryption. Note that username and password are used for both of them.
Your settings will be saved.
Furthermore, you can enter additional information about Sophos UTM on AWS.
The Device Information text boxes can be used to specify additional information about Sophos UTM on AWS such as its name, location, and administrator. This information can be read by SNMP management tools to help identify Sophos UTM on AWS.
Note – All SNMP traffic (protocol version 2) between Sophos UTM on AWS and the Allowed Networks is not encrypted and can be read during the transfer over public networks.
Astaro Notifier MIB
This section allows you to download the Astaro MIB which contains the definitions of the Sophos UTM on AWS notification SNMP traps. For historical reasons the MIB uses the Astaro Private Enterprise Code (SNMPv2-SMI::enterprises.astaro).