Device > Server Profiles > SNMP Trap
Table of Contents
Expand all | Collapse all
-
- Firewall Overview
- Features and Benefits
- Last Login Time and Failed Login Attempts
- Message of the Day
- Task Manager
- Language
- Alarms
- Commit Changes
- Save Candidate Configurations
- Revert Changes
- Lock Configurations
- Global Find
- Threat Details
- AutoFocus Intelligence Summary
- Configuration Table Export
- Change Boot Mode
-
- Objects > Addresses
- Objects > Address Groups
- Objects > Regions
- Objects > Dynamic User Groups
- Objects > Application Groups
- Objects > Application Filters
- Objects > Services
- Objects > Service Groups
- Objects > Devices
- Objects > External Dynamic Lists
- Objects > Custom Objects > Spyware/Vulnerability
- Objects > Custom Objects > URL Category
- Objects > Security Profiles > Antivirus
- Objects > Security Profiles > Anti-Spyware Profile
- Objects > Security Profiles > Vulnerability Protection
- Objects > Security Profiles > File Blocking
- Objects > Security Profiles > WildFire Analysis
- Objects > Security Profiles > Data Filtering
- Objects > Security Profiles > DoS Protection
- Objects > Security Profiles > Mobile Network Protection
- Objects > Security Profiles > SCTP Protection
- Objects > Security Profile Groups
- Objects > Log Forwarding
- Objects > Authentication
- Objects > Packet Broker Profile
- Objects > Schedules
-
-
- Firewall Interfaces Overview
- Common Building Blocks for Firewall Interfaces
- Common Building Blocks for PA-7000 Series Firewall Interfaces
- Tap Interface
- HA Interface
- Virtual Wire Interface
- Virtual Wire Subinterface
- PA-7000 Series Layer 2 Interface
- PA-7000 Series Layer 2 Subinterface
- PA-7000 Series Layer 3 Interface
- Layer 3 Interface
- Layer 3 Subinterface
- Log Card Interface
- Log Card Subinterface
- Decrypt Mirror Interface
- Aggregate Ethernet (AE) Interface Group
- Aggregate Ethernet (AE) Interface
- Network > Interfaces > VLAN
- Network > Interfaces > Loopback
- Network > Interfaces > Tunnel
- Network > Interfaces > SD-WAN
- Network > VLANs
- Network > Virtual Wires
-
- Network > Routing > Logical Routers > General
- Network > Routing > Logical Routers > Static
- Network > Routing > Logical Routers > OSPF
- Network > Routing > Logical Routers > OSPFv3
- Network > Routing > Logical Routers > RIPv2
- Network > Routing > Logical Routers > BGP
- Network > Routing > Logical Routers > Multicast
-
- Network > Routing > Routing Profiles > BGP
- Network > Routing > Routing Profiles > BFD
- Network > Routing > Routing Profiles > OSPF
- Network > Routing > Routing Profiles > OSPFv3
- Network > Routing > Routing Profiles > RIPv2
- Network > Routing > Routing Profiles > Filters
- Network > Routing > Routing Profiles > Multicast
-
- Network > Network Profiles > GlobalProtect IPSec Crypto
- Network > Network Profiles > IPSec Crypto
- Network > Network Profiles > IKE Crypto
- Network > Network Profiles > Monitor
- Network > Network Profiles > Interface Mgmt
- Network > Network Profiles > QoS
- Network > Network Profiles > LLDP Profile
- Network > Network Profiles > SD-WAN Interface Profile
-
-
- Device > Setup
- Device > Setup > Management
- Device > Setup > Interfaces
- Device > Setup > Telemetry
- Device > Setup > Content-ID
- Device > Setup > WildFire
- Device > Setup > ACE
- Device > Setup > DLP
- Device > Log Forwarding Card
- Device > Config Audit
- Device > Administrators
- Device > Admin Roles
- Device > Access Domain
- Device > Authentication Sequence
- Device > Device Quarantine
-
- Security Policy Match
- QoS Policy Match
- Authentication Policy Match
- Decryption/SSL Policy Match
- NAT Policy Match
- Policy Based Forwarding Policy Match
- DoS Policy Match
- Routing
- Test Wildfire
- Threat Vault
- Ping
- Trace Route
- Log Collector Connectivity
- External Dynamic List
- Update Server
- Test Cloud Logging Service Status
- Test Cloud GP Service Status
- Device > Virtual Systems
- Device > Shared Gateways
- Device > Certificate Management
- Device > Certificate Management > Certificate Profile
- Device > Certificate Management > OCSP Responder
- Device > Certificate Management > SSL/TLS Service Profile
- Device > Certificate Management > SCEP
- Device > Certificate Management > SSL Decryption Exclusion
- Device > Certificate Management > SSH Service Profile
- Device > Response Pages
- Device > Server Profiles
- Device > Server Profiles > SNMP Trap
- Device > Server Profiles > Syslog
- Device > Server Profiles > Email
- Device > Server Profiles > HTTP
- Device > Server Profiles > NetFlow
- Device > Server Profiles > RADIUS
- Device > Server Profiles > SCP
- Device > Server Profiles > TACACS+
- Device > Server Profiles > LDAP
- Device > Server Profiles > Kerberos
- Device > Server Profiles > SAML Identity Provider
- Device > Server Profiles > DNS
- Device > Server Profiles > Multi Factor Authentication
- Device > Local User Database > Users
- Device > Local User Database > User Groups
- Device > Scheduled Log Export
- Device > Software
- Device > Dynamic Updates
- Device > Licenses
- Device > Support
- Device > Policy Recommendation > IoT
- Device > Policy > Recommendation SaaS
-
- Network > GlobalProtect > MDM
- Network > GlobalProtect > Clientless Apps
- Network > GlobalProtect > Clientless App Groups
- Objects > GlobalProtect > HIP Profiles
-
- Use the Panorama Web Interface
- Context Switch
- Panorama Commit Operations
- Defining Policies on Panorama
- Log Storage Partitions for a Panorama Virtual Appliance in Legacy Mode
- Panorama > Setup > Interfaces
- Panorama > High Availability
- Panorama > Administrators
- Panorama > Admin Roles
- Panorama > Access Domains
- Panorama > Device Groups
- Panorama > Plugins
- Panorama > Log Ingestion Profile
- Panorama > Log Settings
- Panorama > Server Profiles > SCP
- Panorama > Scheduled Config Export
- Panorama > Device Registration Auth Key
Device > Server Profiles > SNMP Trap
Simple Network Management Protocol (SNMP) is a standard
protocol for monitoring the devices on your network. To alert you
to system events or threats on your network, monitored devices send
SNMP traps to SNMP managers (trap servers). Select DeviceServer ProfilesSNMP Trap or PanoramaServer ProfilesSNMP Trap to configure the
server profile that enables the firewall or Panorama to send traps
to the SNMP managers. To enable SNMP GET messages (statistics requests
from an SNMP manager), see Enable
SNMP Monitoring.
After creating the server profile, you must specify which log
types will trigger the firewall to send SNMP traps (Device
> Log Settings). For a list of the MIBs that you must load
into the SNMP manager so it can interpret traps, see Supported MIBs
.
Don’t delete a server profile that any system log setting
or logging profile uses.
SNMP Trap Server Profile
Settings | Description |
---|---|
Name | Enter a name for the SNMP profile (up to
31 characters). The name is case-sensitive and must be unique. Use
only letters, numbers, spaces, hyphens, and underscores. |
Location | Select the scope in which the profile is
available. In the context of a firewall that has more than one virtual
system (vsys), select a vsys or select Shared (all
virtual systems). In any other context, you can’t select the Location;
its value is predefined as Shared (firewalls) or as Panorama.
After you save the profile, you can’t change its Location. |
Version | Select the SNMP version: V2c (default)
or V3. Your selection controls the remaining
fields that the dialog displays. For either version, you can add
up to four SNMP managers. Use SNMPv3,
which provides authentication and other features to keep network
connections secure. |
For SNMP V2c | |
Name | Specify a name for the SNMP manager. The
name can have up to 31 characters that are alphanumeric, periods,
underscores, or hyphens. |
SNMP Manager | Specify the FQDN or IP address of the SNMP
manager. |
Community | Enter the community string, which identifies
an SNMP community of SNMP managers and monitored devices
and also serves as a password to authenticate the community members
to each other during trap forwarding. The string can have up to
127 characters, accepts all characters, and is case-sensitive. Don’t use default community strings (don’t
set the community string to public or private).
Use unique community strings, which avoids conflicts if you use
multiple SNMP services. Because SNMP messages contain community
strings in clear text, consider the security requirements of your
network when defining community membership (administrator access). |
For SNMP V3 | |
Name | Specify a name for the SNMP manager. The
name can have up to 31 characters that are alphanumeric, periods,
underscores, or hyphens. |
SNMP Manager | Specify the FQDN or IP address of the SNMP
manager. |
User | Specify a username to identify the SNMP
user account (up to 31 characters). The username you configure on
the firewall must match the username configured on the SNMP manager. |
EngineID | Specify the engine ID of the firewall. When
an SNMP manager and the firewall authenticate to each other, trap
messages use this value to uniquely identify the firewall. If you
leave the field blank, the messages use the firewall serial number
as the EngineID. If you enter a value, it
must be in hexadecimal format, prefixed with 0x, and with another
10-128 characters to represent any number of 5-64 bytes (2 characters
per byte). For firewalls in a high availability (HA) configuration,
leave the field blank so that the SNMP manager can identify which
HA peer sent the traps; otherwise, the value is synchronized and
both peers will use the same EngineID. |
Auth Password | Specify the authentication password of the
SNMP user. The firewall uses the password to authenticate to the
SNMP manager. The password must be 8–256 characters and all characters
are allowed. |
Priv Password | Specify the privacy password of the SNMP
user. The password must be 8–256 characters and all characters are
allowed. |
Authentication Protocol | Select the Secured Hash Algorithm (SHA)
for the SNMP manager password. You can select SHA-1, SHA-224, SHA-256, SHA-384,
or SHA-512. |
Privacy Protocol | Select the Advanced Encryption Standard
(AES) for SNMP traps and responses to statistics requests. You can
select AES-128, AES-192, or AES-256. |