Currently the NFA console for version 9.2.1 does not support SNMPv3 for the watchdog process. This does not comply with internal corporate security standards and we have been asked to get this issue addressed with the vendor (CA).
I've moved this idea, and your other idea (MYSQL Communications need to be encrypted to comply with security standards), to the CA Infrastructure Management community under the NFA category, where it's more likely that Product Management will see them.
Thanks for the assistance. First time submitting and idea I rushed the training video.
A nice thing would be to have the option to pick from the existing SNMP Profiles listed. I assume you are using something like NuDesign to get v3 supportability on Windows?
Having SNMPv1/SNMPv2 enabled and in use passes the community string (password) in the clear, and anyone with a sniffer trace can learn it an exploit it for all available SNMP information on NetQos devices. It is very outdated to not support the encrypted and authenticated SNMPv3 which is the current industry standard.
Great idea, but I don’t think it is easy to implement. Microsoft does not have SNMP v3 native support.
Principal Consultant, Technical Sales
Thanks for taking the time to acknowledge my request. My take is that security isn’t always (if ever) easy. I’m pretty sure ‘easy’ leads to insecure systems and security holes. Note that your CA product SystemEDGE SNMP agent does support SNMPv3, so thanks for that. So right now the CA Netqos/Netflow product does not work with the CA SystemEDGE product SNMPv3. I wish it did. You could include SystemEDGE agent with the Netflow bundle, that would be a solution. It seems we should open an SNMPv3 software request with Microsoft as well then. Of course, ultimately that may mean that customers may buy less CA SystemEDGE agents if the approach to get SNMPv3 capability is from Microsoft/OEM.
As the last update is quite old:
Are there any news on this? My customer has this requirement too.
Retrieving data ...