Fortinet Document Library

Version:


Table of Contents

2.0.0
Download PDF
Copy Link

SNMP

SNMP is a method for a FortiDeceptor system to monitor your FortiDeceptor system on your local computer. You will need an SNMP agent on your computer to read the SNMP information.

Using SNMP, your FortiDeceptor system monitors for system events including CPU usage, memory usage, log disk space, interface changes, and malware detection. Go to System > SNMP to configure your FortiDeceptor system’s SNMP settings.

SNMP has two parts - the SNMP agent or the device that is sending traps, and the SNMP manager that monitors those traps. The SNMP communities on the monitored FortiDeceptor are hard coded and configured in the SNMP menu.

The FortiDeceptor SNMP implementation is read-only — SNMP v1, v2c, v3 compliant SNMP manager applications, such as those on your local computer, have read-only access to FortiDeceptor system information and can receive FortiDeceptor system traps.

From here you can also download FortiDeceptor and Fortinet core MIB files.

Configure the SNMP agent

The SNMP agent sends SNMP traps that originate on the FortiDeceptor system to an external monitoring SNMP manager defined in one of the FortiDeceptor SNMP communities. Typically, an SNMP manager is an application on a local computer that can read the SNMP traps and generate reports or graphs from them.

The SNMP manager can monitor the FortiDeceptor system to determine if it is operating properly, or if there are any critical events occurring. The description, location, and contact information for this FortiDeceptor system will be part of the information an SNMP manager will have. This information is useful if the SNMP manager is monitoring many devices, and it will enable faster responses when the FortiDeceptor system requires attention.

To configure SNMP agents:
  1. Go to System > SNMP to configure the SNMP agent.
  2. Configure the following settings:

    SNMP Agent

    Select to enable the FortiDeceptor SNMP agent. When this is enabled, it sends FortiDeceptor SNMP traps.

    Description

    Enter a description of this FortiDeceptor system to help uniquely identify this unit.

    Location

    Enter the location of this FortiDeceptor system to help find it in the event it requires attention.

    Contact

    Enter the contact information for the person in charge of this FortiDeceptor system.

    SNMP v1/v2c

    Create new, edit, or delete SNMP v1 and v2c communities. You can select to enable or disable communities in the edit page. The following columns are displayed: Community Name, Queries, Traps, Enable

    SNMP v3

    Create new, edit, or delete SNMP v3 entries. You can select to enable or disable queries in the edit page. The following columns are displayed: User Name, Security Level, Notification Host, Queries.

To create a new SNMP v1/v2c community:
  1. Go to System > SNMP.
  2. In the SNMP v1/v2c section of the screen, select Create New from the toolbar.
  3. Configure the following settings:

    Enable

    Select to enable the SNMP community.

    Community Name

    Enter a name to identify the SNMP community.

    Hosts

    The list of hosts that can use the settings in this SNMP community to monitor the FortiDeceptor system.

     

    IP/Netmask

    Enter the IP address and netmask of the SNMP hosts. Select the Add button to add additional hosts.

    Queries v1

    Enter the port number and select to enable. Enable queries for each SNMP version that the FortiDeceptor system uses.

    Queries v2c

    Enter the port number and select to enable. Enable queries for each SNMP version that the FortiDeceptor system uses.

    Traps v1

    Enter the local port number, remote port number, and select to enable. Enable traps for each SNMP version that the FortiDeceptor system uses.

    Traps v2c

    Enter the local port number, remote port number, and select to enable. Enable traps for each SNMP version that the FortiDeceptor system uses.

    SNMP Events

    Enable the events that will cause the FortiDeceptor unit to send SNMP traps to the community.

    • CPU usage is high
    • Memory is low
    • Log disk space is low
    • Incident is detected

    • Power supply failure

  4. Select OK to create the SNMP community.
To create a new SNMP v3 user:
  1. Go to System > SNMP.
  2. In the SNMP v3 section of the screen select Create New from the toolbar.
  3. Configure the following settings:

    Username

    Enter the name of the SNMPv3 user.

    Security Level

    Select the security level of the user. Select one of the following:

    • None
    • Authentication only
    • Encryption and authentication

    Authentication

    Authentication is required when Security Level is either Authentication only or Encryption and authentication.

     

    Method

    Select the authentication method. Select either: 

    • MD5 (Message Digest 5 algorithm)
    • SHA1 (Secure Hash algorithm)

     

    Password

    Enter the authentication password. The password must be a minimum of 8 characters.

    Encryption

    Encryption is required when Security Level is Encryption and authentication.

     

    Method

    Select the encryption method, either DES or AES.

     

    Key

    Enter the encryption key. The encryption key value must be a minimum of 8 characters.

    Notification Hosts (Traps)

     

    IP/Netmask

    Enter the IP address and netmask. Click the Add button to add additional hosts.

    Query

     

    Port

    Enter the port number. Select to Enable the query port.

    SNMP V3 Events

    Select the SNMP events that will be associated with that user. 

    • CPU usage is high
    • Memory is low
    • Log disk space is low
    • Incident is detected
    • Power supply failure
  4. Select OK to create the SNMP community.

MIB files

To download MIB files, scroll to the bottom of the SNMP page, and select the MIB file that you would like to download to your management computer.

SNMP

SNMP is a method for a FortiDeceptor system to monitor your FortiDeceptor system on your local computer. You will need an SNMP agent on your computer to read the SNMP information.

Using SNMP, your FortiDeceptor system monitors for system events including CPU usage, memory usage, log disk space, interface changes, and malware detection. Go to System > SNMP to configure your FortiDeceptor system’s SNMP settings.

SNMP has two parts - the SNMP agent or the device that is sending traps, and the SNMP manager that monitors those traps. The SNMP communities on the monitored FortiDeceptor are hard coded and configured in the SNMP menu.

The FortiDeceptor SNMP implementation is read-only — SNMP v1, v2c, v3 compliant SNMP manager applications, such as those on your local computer, have read-only access to FortiDeceptor system information and can receive FortiDeceptor system traps.

From here you can also download FortiDeceptor and Fortinet core MIB files.

Configure the SNMP agent

The SNMP agent sends SNMP traps that originate on the FortiDeceptor system to an external monitoring SNMP manager defined in one of the FortiDeceptor SNMP communities. Typically, an SNMP manager is an application on a local computer that can read the SNMP traps and generate reports or graphs from them.

The SNMP manager can monitor the FortiDeceptor system to determine if it is operating properly, or if there are any critical events occurring. The description, location, and contact information for this FortiDeceptor system will be part of the information an SNMP manager will have. This information is useful if the SNMP manager is monitoring many devices, and it will enable faster responses when the FortiDeceptor system requires attention.

To configure SNMP agents:
  1. Go to System > SNMP to configure the SNMP agent.
  2. Configure the following settings:

    SNMP Agent

    Select to enable the FortiDeceptor SNMP agent. When this is enabled, it sends FortiDeceptor SNMP traps.

    Description

    Enter a description of this FortiDeceptor system to help uniquely identify this unit.

    Location

    Enter the location of this FortiDeceptor system to help find it in the event it requires attention.

    Contact

    Enter the contact information for the person in charge of this FortiDeceptor system.

    SNMP v1/v2c

    Create new, edit, or delete SNMP v1 and v2c communities. You can select to enable or disable communities in the edit page. The following columns are displayed: Community Name, Queries, Traps, Enable

    SNMP v3

    Create new, edit, or delete SNMP v3 entries. You can select to enable or disable queries in the edit page. The following columns are displayed: User Name, Security Level, Notification Host, Queries.

To create a new SNMP v1/v2c community:
  1. Go to System > SNMP.
  2. In the SNMP v1/v2c section of the screen, select Create New from the toolbar.
  3. Configure the following settings:

    Enable

    Select to enable the SNMP community.

    Community Name

    Enter a name to identify the SNMP community.

    Hosts

    The list of hosts that can use the settings in this SNMP community to monitor the FortiDeceptor system.

     

    IP/Netmask

    Enter the IP address and netmask of the SNMP hosts. Select the Add button to add additional hosts.

    Queries v1

    Enter the port number and select to enable. Enable queries for each SNMP version that the FortiDeceptor system uses.

    Queries v2c

    Enter the port number and select to enable. Enable queries for each SNMP version that the FortiDeceptor system uses.

    Traps v1

    Enter the local port number, remote port number, and select to enable. Enable traps for each SNMP version that the FortiDeceptor system uses.

    Traps v2c

    Enter the local port number, remote port number, and select to enable. Enable traps for each SNMP version that the FortiDeceptor system uses.

    SNMP Events

    Enable the events that will cause the FortiDeceptor unit to send SNMP traps to the community.

    • CPU usage is high
    • Memory is low
    • Log disk space is low
    • Incident is detected

    • Power supply failure

  4. Select OK to create the SNMP community.
To create a new SNMP v3 user:
  1. Go to System > SNMP.
  2. In the SNMP v3 section of the screen select Create New from the toolbar.
  3. Configure the following settings:

    Username

    Enter the name of the SNMPv3 user.

    Security Level

    Select the security level of the user. Select one of the following:

    • None
    • Authentication only
    • Encryption and authentication

    Authentication

    Authentication is required when Security Level is either Authentication only or Encryption and authentication.

     

    Method

    Select the authentication method. Select either: 

    • MD5 (Message Digest 5 algorithm)
    • SHA1 (Secure Hash algorithm)

     

    Password

    Enter the authentication password. The password must be a minimum of 8 characters.

    Encryption

    Encryption is required when Security Level is Encryption and authentication.

     

    Method

    Select the encryption method, either DES or AES.

     

    Key

    Enter the encryption key. The encryption key value must be a minimum of 8 characters.

    Notification Hosts (Traps)

     

    IP/Netmask

    Enter the IP address and netmask. Click the Add button to add additional hosts.

    Query

     

    Port

    Enter the port number. Select to Enable the query port.

    SNMP V3 Events

    Select the SNMP events that will be associated with that user. 

    • CPU usage is high
    • Memory is low
    • Log disk space is low
    • Incident is detected
    • Power supply failure
  4. Select OK to create the SNMP community.

MIB files

To download MIB files, scroll to the bottom of the SNMP page, and select the MIB file that you would like to download to your management computer.