Description
NethSecurity should provide a simple and minimal UI to configure SNMP monitoring.
At the moment, SNMP can be configured manually on the underlying system, but there is no dedicated UI to enable and manage it easily. This makes the feature less accessible for users who need to integrate NethSecurity with monitoring platforms such as Zabbix, LibreNMS, PRTG, Centreon, Nagios/Icinga, or similar tools.
The UI should focus only on the essential configuration needed to expose monitoring data safely, without trying to expose the full complexity of snmpd.
The feature should support both:
- SNMP v2c, for compatibility with existing monitoring systems.
- SNMP v3, as the recommended and more secure option.
The UI should be minimal, clear, and security-oriented. SNMP should be disabled by default and, when enabled, access should be restricted to explicitly configured source IPs or networks.
Expected behavior
The SNMP page should allow the administrator to:
-
Enable or disable the SNMP service.
-
Select the SNMP version:
-
Configure the minimum required credentials.
-
Define the source IPs or networks allowed to query SNMP.
-
Select the interfaces or zones where SNMP should be reachable.
-
Keep the configuration read-only from the SNMP client perspective.
Security requirements
The UI should avoid unsafe defaults:
- SNMP must be disabled by default.
- SNMP access from WAN should be discouraged or blocked unless explicitly configured.
- SNMP v2c should not allow weak default communities such as
public or private.
- Source IP or source network should be mandatory.
- SNMP v3 should be presented as the recommended option.
- Read/write SNMP access should not be exposed in the basic UI.
Proposed UI approach
The page should not expose all low-level snmpd options. It should provide only a small set of fields required for common monitoring scenarios.
Components
NethSecurity 8.7.2.
Description
NethSecurity should provide a simple and minimal UI to configure SNMP monitoring.
At the moment, SNMP can be configured manually on the underlying system, but there is no dedicated UI to enable and manage it easily. This makes the feature less accessible for users who need to integrate NethSecurity with monitoring platforms such as Zabbix, LibreNMS, PRTG, Centreon, Nagios/Icinga, or similar tools.
The UI should focus only on the essential configuration needed to expose monitoring data safely, without trying to expose the full complexity of
snmpd.The feature should support both:
The UI should be minimal, clear, and security-oriented. SNMP should be disabled by default and, when enabled, access should be restricted to explicitly configured source IPs or networks.
Expected behavior
The SNMP page should allow the administrator to:
Enable or disable the SNMP service.
Select the SNMP version:
Configure the minimum required credentials.
Define the source IPs or networks allowed to query SNMP.
Select the interfaces or zones where SNMP should be reachable.
Keep the configuration read-only from the SNMP client perspective.
Security requirements
The UI should avoid unsafe defaults:
publicorprivate.Proposed UI approach
The page should not expose all low-level
snmpdoptions. It should provide only a small set of fields required for common monitoring scenarios.Components
NethSecurity 8.7.2.