Solved

Vmware management asssistant disable snmp access

Posted on 2013-06-10
3
1,104 Views
Last Modified: 2013-06-27
Our vulnerability system(QUALYS) reported the following for VMA 4.1U1 that we are having:  
EOL/Obsolete Software SNMP Version Detected (4) ,
THREAT:
Simple Network Management Protocol (SNMP) is an "Interrnet-standard protocol for managing devices on IP networks."
The authentication of clients of earlier versions of SNMP is performed only by a "community string", in effect a type of password, which is
transmitted in cleartext.
All Servers Vulnerabilities by level page 29
The Internet Engineering Task Force (IETF) has designated SNMPv3 a full Internet standard, the highest maturity level for an RFC. It
considers earlier versions to be obsolete designating them ("Historic"). (http://www.ietf.org/rfc/rfc3410.txt)
IMPACT:
The system is at high risk of being exposed to security vulnerabilities. Since the vendor no longer provides updates, obsolete software is
more vulnerable to viruses and other attacks.
SOLUTION:
Disable or remove SNMPv1/2c authentication. Use SNMP version 3 authentication

Open in new window


If I understand properly there is snmp clinet which is running on the linux system and it accept communications through old snmp protocol.

Could you help me how to fix the issue.
0
Comment
Question by:dedri
  • 2
3 Comments
 
LVL 117
ID: 39234815
Try replacing with vMA 5.1

https://my.vmware.com/web/vmware/details?downloadGroup=VSP510-VMA-510&productId=285

Do not be surprised if you also get alarms with 5.1.
0
 

Author Comment

by:dedri
ID: 39234843
any idea how to fix the problem?
0
 
LVL 117

Accepted Solution

by:
Andrew Hancock (VMware vExpert / EE MVE) earned 500 total points
ID: 39234909
Again, there may not be an issue, other than what is being observed by your over zealous scanner, other than upgrade to a later version of vMA 5.1, I do not believe updates are available for vMA.

What is the risk to your organization, that this get's red flagged?

It's highly likely that vMA 4.1 does not supported v3 of SNMP, are you using SNMP in the vMA 4.x appliance, if not disable it.

SNMP has been removed from vMA 5.x. It's no longer supported.
0

Featured Post

What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

This article is an update and follow-up of my previous article:   Storage 101: common concepts in the IT enterprise storage This time, I expand on more frequently used storage concepts.
In this article, I show you step by step with screenshots to assist you - HOW TO: Deploy and Install the VMware vCenter Server Appliance 6.5 (VCSA 6.5), with some helpful tips along the way.
Teach the user how to configure vSphere Replication and how to protect and recover VMs Open vSphere Web Client: Verify vsphere Replication is enabled: Enable vSphere Replication for a virtual machine: Verify replicated VM is created: Recover replica…
Teach the user how to install and configure the vCenter Orchestrator virtual appliance Open vSphere Web Client: Deploy vCenter Orchestrator virtual appliance OVA file: Verify vCenter Orchestrator virtual appliance boots successfully: Connect to the …

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now