Device > Server Profiles > SNMP Trap
Table of Contents
Expand all | Collapse all
-
- Objects > Addresses
- Objects > Address Groups
- Objects > Regions
- Objects > Dynamic User Groups
- Objects > Application Groups
- Objects > Application Filters
- Objects > Services
- Objects > Service Groups
- Objects > External Dynamic Lists
- Objects > Custom Objects > Spyware/Vulnerability
- Objects > Custom Objects > URL Category
- Objects > Security Profiles > Antivirus
- Objects > Security Profiles > Anti-Spyware Profile
- Objects > Security Profiles > Vulnerability Protection
- Objects > Security Profiles > File Blocking
- Objects > Security Profiles > WildFire Analysis
- Objects > Security Profiles > Data Filtering
- Objects > Security Profiles > DoS Protection
- Objects > Security Profiles > GTP Protection
- Objects > Security Profiles > SCTP Protection
- Objects > Security Profile Groups
- Objects > Log Forwarding
- Objects > Authentication
- Objects > Decryption > Forwarding Profile
- Objects > Schedules
-
-
- Firewall Interfaces Overview
- Common Building Blocks for Firewall Interfaces
- Common Building Blocks for PA-7000 Series Firewall Interfaces
- Tap Interface
- HA Interface
- Virtual Wire Interface
- Virtual Wire Subinterface
- PA-7000 Series Layer 2 Interface
- PA-7000 Series Layer 2 Subinterface
- PA-7000 Series Layer 3 Interface
- Layer 3 Interface
- Layer 3 Subinterface
- Log Card Interface
- Log Card Subinterface
- Decrypt Mirror Interface
- Aggregate Ethernet (AE) Interface Group
- Aggregate Ethernet (AE) Interface
- Network > Interfaces > VLAN
- Network > Interfaces > Loopback
- Network > Interfaces > Tunnel
- Network > Interfaces > SD-WAN
- Network > VLANs
- Network > Virtual Wires
-
- Network > Network Profiles > GlobalProtect IPSec Crypto
- Network > Network Profiles > IPSec Crypto
- Network > Network Profiles > IKE Crypto
- Network > Network Profiles > Monitor
- Network > Network Profiles > Interface Mgmt
- Network > Network Profiles > QoS
- Network > Network Profiles > LLDP Profile
- Network > Network Profiles > SD-WAN Interface Profile
-
-
- Device > Setup
- Device > Setup > Management
- Device > Setup > Interfaces
- Device > Setup > Telemetry
- Device > Setup > Content-ID
- Device > Setup > WildFire
- Device > Log Forwarding Card
- Device > Config Audit
- Device > Administrators
- Device > Admin Roles
- Device > Access Domain
- Device > Authentication Sequence
-
- Security Policy Match
- QoS Policy Match
- Authentication Policy Match
- Decryption/SSL Policy Match
- NAT Policy Match
- Policy Based Forwarding Policy Match
- DoS Policy Match
- Routing
- Test Wildfire
- Threat Vault
- Ping
- Trace Route
- Log Collector Connectivity
- External Dynamic List
- Update Server
- Test Cloud Logging Service Status
- Test Cloud GP Service Status
- Device > Virtual Systems
- Device > Shared Gateways
- Device > Certificate Management
- Device > Certificate Management > Certificate Profile
- Device > Certificate Management > OCSP Responder
- Device > Certificate Management > SSL/TLS Service Profile
- Device > Certificate Management > SCEP
- Device > Certificate Management > SSL Decryption Exclusion
- Device > Response Pages
- Device > Server Profiles
- Device > Server Profiles > SNMP Trap
- Device > Server Profiles > Syslog
- Device > Server Profiles > Email
- Device > Server Profiles > HTTP
- Device > Server Profiles > NetFlow
- Device > Server Profiles > RADIUS
- Device > Server Profiles > TACACS+
- Device > Server Profiles > LDAP
- Device > Server Profiles > Kerberos
- Device > Server Profiles > SAML Identity Provider
- Device > Server Profiles > DNS
- Device > Server Profiles > Multi Factor Authentication
- Device > Local User Database > Users
- Device > Local User Database > User Groups
- Device > Scheduled Log Export
- Device > Software
- Device > Dynamic Updates
- Device > Licenses
- Device > Support
-
- Network > GlobalProtect > MDM
- Network > GlobalProtect > Device Block List
- Network > GlobalProtect > Clientless Apps
- Network > GlobalProtect > Clientless App Groups
- Objects > GlobalProtect > HIP Profiles
-
- Use the Panorama Web Interface
- Context Switch
- Panorama Commit Operations
- Defining Policies on Panorama
- Log Storage Partitions for a Panorama Virtual Appliance in Legacy Mode
- Panorama > Setup > Interfaces
- Panorama > High Availability
- Panorama > Administrators
- Panorama > Admin Roles
- Panorama > Access Domains
- Panorama > Device Groups
- Panorama > Plugins
- Panorama > Log Ingestion Profile
- Panorama > Log Settings
- Panorama > Scheduled Config Export
End-of-Life (EoL)
Device > Server Profiles > SNMP Trap
Simple Network Management Protocol (SNMP) is a standard
protocol for monitoring the devices on your network. To alert you
to system events or threats on your network, monitored devices send
SNMP traps to SNMP managers (trap servers). Select DeviceServer ProfilesSNMP Trap or PanoramaServer ProfilesSNMP Trap to configure the
server profile that enables the firewall or Panorama to send traps
to the SNMP managers. To enable SNMP GET messages (statistics requests
from an SNMP manager), see Enable
SNMP Monitoring.
After creating the server profile, you must specify which log
types will trigger the firewall to send SNMP traps (Device
> Log Settings). For a list of the MIBs that you must load
into the SNMP manager so it can interpret traps, see Supported MIBs
.
Don’t delete a server profile that any system log setting
or logging profile uses.
SNMP Trap Server
Profile Settings | Description |
---|---|
Name | Enter a name for the SNMP profile (up to
31 characters). The name is case-sensitive and must be unique. Use
only letters, numbers, spaces, hyphens, and underscores. |
Location | Select the scope in which the profile is
available. In the context of a firewall that has more than one virtual
system (vsys), select a vsys or select Shared (all
virtual systems). In any other context, you can’t select the Location;
its value is predefined as Shared (firewalls) or as Panorama.
After you save the profile, you can’t change its Location. |
Version | Select the SNMP version: V2c (default) or V3.
Your selection controls the remaining fields that the dialog displays.
For either version, you can add up to four SNMP managers. Use SNMPv3, which provides authentication
and other features to keep network connections secure. |
For SNMP V2c | |
Name | Specify a name for the SNMP manager. The
name can have up to 31 characters that are alphanumeric, periods,
underscores, or hyphens. |
SNMP Manager | Specify the FQDN or IP address of the SNMP
manager. |
Community | Enter the community string, which identifies
an SNMP community of SNMP managers and monitored devices
and also serves as a password to authenticate the community members
to each other during trap forwarding. The string can have up to
127 characters, accepts all characters, and is case-sensitive. Don’t use default community strings (don’t
set the community string to public or private).
Use unique community strings, which avoids conflicts if you use
multiple SNMP services. Because SNMP messages contain community
strings in clear text, consider the security requirements of your
network when defining community membership (administrator access). |
For SNMP V3 | |
Name | Specify a name for the SNMP manager. The
name can have up to 31 characters that are alphanumeric, periods,
underscores, or hyphens. |
SNMP Manager | Specify the FQDN or IP address of the SNMP
manager. |
User | Specify a username to identify the SNMP
user account (up to 31 characters). The username you configure on
the firewall must match the username configured on the SNMP manager. |
EngineID |
Specify the engine ID of the firewall. When an SNMP manager and the
firewall authenticate to each other, trap messages use this value to
uniquely identify the firewall. If you leave the field blank, the
messages use the firewall serial number as the
EngineID. If you enter a value, it must
be in hexadecimal format, prefixed with 0x, and with another 10-128
characters to represent any number of 5-64 bytes (2 characters per
byte). For firewalls in a high availability (HA) configuration,
leave the field blank so that the SNMP manager can identify which HA
peer sent the traps; otherwise, the value is synchronized and both
peers will use the same EngineID.
|
Auth Password | Specify the authentication password of the
SNMP user. The firewall uses the password to authenticate to the
SNMP manager. The firewall uses Secure Hash Algorithm (SHA-1 160)
to encrypt the password. The password must be 8–256 characters and
all characters are allowed. |
Priv Password | Specify the privacy password of the SNMP
user. The firewall uses the password and Advanced Encryption Standard
(AES-128) to encrypt traps. The password must be 8–256 characters
and all characters are allowed. |