(Optional) Configuring SNMPv3 Anti-Attack

To defense against a user's attack on other users' passwords, configuring the SNMPv3 blacklist function to improve security.

Procedure

  1. Run system-view

    The system view is displayed.

  2. Run undo snmp-agent blacklist ip-block disable

    The blacklist function for an IP address is enabled.

  3. Run undo snmp-agent blacklist user-block disable

    The blacklist function for an SNMPv3 user is enabled.

  4. Run snmp-agent blacklist user-block failed-times failed-times period period-time

    The maximum number of consecutive authentication failures allowed for an SNMPv3 user is configured.

  5. Run snmp-agent blacklist user-block reactive reactive-time

    The locking period for an SNMPv3 user is configured after the user's authentication failures exceed a specified number of consecutive times.

    After the period of time elapses, the user is automatically unlocked and can continue to be authenticated.

    To unlock users during the locking period, run the snmp-agent activateusm-user user-name [ remote-engineid remote-engineid ] command.

  6. Run commit

    The configuration is committed.

Parent Topic: Configuring a Device to Communicate with an NMS Using SNMPv3 USM User
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >