Server Management - Systems Insight Manager
cancel
Showing results for 
Search instead for 
Did you mean: 

Security Concern

Mike Ng
Advisor

Security Concern

Hi,

I am using both Win2K and Windows 2003 for my managed system. Under Services, SNMP Properties, Agent tab. There are options for

Physical
Applications
Datalink and subnetwork
Internet
End-to-end

What are they and whether we need them ? Thanks.

My purpose is for security reason, and will tick only the bare minimum. Pls see attached file.

Thanks.
4 REPLIES
Daniel Leblanc
Honored Contributor

Re: Security Concern

Physical: Specifies that the computer manages any physical TCP/IP devices, such as a hard disk partition or a repeater.


Applications: Specifies whether this computer uses any programs that send data by using TCP/IP, such as electronic mail.

Datalink and subnetwork: Specifies whether this computer manages a TCP/IP subnetwork or datalink, such as a bridge.

Internet: Specifies whether this computer acts as an IP gateway (router).

End-to-end: Specifies whether this computer acts as an IP host.


NOTE: If you have installed additional TCP/IP network devices, such as a switch or a router, you should view the following RFC 1213 Web site for additional information:


IF you want more info go to Microsoft web site
http://support.microsoft.com/default.aspx?scid=kb;en-us;q315154&sd=tech
or
http://support.microsoft.com/default.aspx?scid=kb;en-us;324263
Mike Ng
Advisor

Re: Security Concern

Thanks, Daniel.

Let say, INTERNET is checked (specifies whether this computer acts as an IP gateway (router).

With this option checked, all TCP/IP traffic can make use of this server to pass thru traffic, which is what we do not want as it impact performance and for security concern (hacking).

Can u give insight into this few option. Thanks.




Craig McK
Trusted Contributor

Re: Security Concern

Is this setting not just to specify that this is what the device does, as opposed to actually configuring it as a router/gateway?
Daniel Leblanc
Honored Contributor

Re: Security Concern

Look we all check this items,but we uses SNMP+IPsec(using KerberoseV5 incryption), so ever goes over 161/162 port is secure.