SNMP Support


Overview

SNMP is a networking protocol that can be used to monitor network-attached Mercury hardware. SNMP allows for the retrieval of management data in the form of variables on the managed systems. These variables can be queried with GET commands (and sometimes set) by command line applications such as SNMP “walkers” as well as networking software such as GetIF that comes with a graphical user interface.

Mercury hardware does not currently support SET or TRAP functions but has variables that can be retrieved and displayed to the administrator. GetIF also displays the device’s up-time; the time since last reset. 

SNMP support was re-enabled starting in 1.17.0 EP firmware. Mercury Security's Private Enterprise Number (PEN) is 40334 (http://www.iana.org/assignments/enterprise-numbers).

SNMP Version and Implementation

  • SNMP will be enabled/disabled through the use of a checkbox in the web configuration page.
  • When an SNMP v2c user is defined, the default community string “public” will be replaced with the cName defined in the 2250 command (this applies to both EP and MPL products)
  • EP products will only support SNMP v1 and SNMP v2c
  • EP products will only support 1 SNMP v2c user
  • EP Linux products (EP-4502) will support SNMP v2c and/or SNMP v3
  • MPL products (EP-4502) will support up to 2 SNMP users (1) v2c and (1) v3 user
  • MPL products (EP-4502) will support the following SNMP v3 security options ( authNoPriv or authPriv) 

Disabling SNMP

SNMP can be disabled on the Mercury controllers if needed for security reasons. The web configuration Users page has a checkbox labeled "Disable SNMP" that can be used to turn off SNMP. By default SNMP is enabled.

Example

Here is an example of GetIF returning the system variable information for an EP1502 Mercury controller on the network. To select which host to retrieve the variables off of, specify the IP address in the host name dialog box outlined in red below. The IP address of this particular EP1502 is 192.168.1.199. Each variable is automatically filled into a text box that has the corresponding label next to it. Along with a description of the device, the SysDescr (system description) variable also returns the firmware build
number that is running on the device. The OEM code in SysContact will change based on the partner’s ID. SysUpTime shows the amount of time since the board’s last reboot. The SysObjectID shows that Mercury Security has OIDs registered under the enterprise number 40334.

GetIf Utility

GetIF also supports a Management Information Base (MIB) browser that can get even more system variables from the device. These other variables include things such as the MAC address (.iso.1.1.3.6.1.2.1.2.2.1.6.2), subnet mask (.iso.1.1.3.6.1.2.1.4.20.1.3.192.168.1.199), etc. 


  • 609
  • 23-Oct-2017
  • 2147 Views