After the SNMP blacklist function is enabled, if an SNMP user fails to connect to the device, the IP address used by the user is recorded in the SNMP blacklist on the device; that is, the IP address is locked. Within the locking period, the SNMP user cannot connect to the device.
If the connection fails to be established several times in succession, the device locks the IP address for 8 seconds on the first attempt, 16 seconds on the second attempt, and 32 seconds on the third attempt. Any subsequent failed attempts result in the IP address being locked for 5 minutes. When the locking period arrives, the IP address is automatically unlocked.
After the SNMP blacklist function is disabled, the IP addresses of SNMP users who fail to connect to the device are not locked. The device is vulnerable to attacks and cracking by unauthorized users, affecting device security. Therefore, you are advised to enable the IP blacklist function.