Switches, Hubs, and Modems
cancel
Showing results for 
Search instead for 
Did you mean: 

PCM 2.0 Telnet during discovery

Les Ligetfalvy
Esteemed Contributor

PCM 2.0 Telnet during discovery

It is very disconcerting to see that PCM+ 2.0 now TELNETs in to all my switches many times a day. I view TELNET as a convenient but evil tool because of the low security. I realize SSH is gaining support and that some switches support management VLANs, but I really dislike that I am now forced to deploy those security measures immediately rather than as my time allows.

I can take the measured risk of using telnet on rare occasions because the odds of someone intercepting session packets are rare but when PCM does it on a scheduled basis many times a day to many devices, the odds become astronomical. Mine is just a small network but I can just imagine the risk that larger install bases will face. Large networks present greater opportunities for traffic to be intercepted.

I also monitor for (log) and alert on telnet access but not all switch models (like the 2524) return the source IP, so I cannot filter out PCM telnet from other telnet sources. Also, my logs are now filling up with the "noise" of all these events that I need to parse through looking for anomalies.

Is nobody else bothered by this?
4 REPLIES
Preston Gallwas
Valued Contributor

Re: PCM 2.0 Telnet during discovery

Les, I have all of our stack commanders to report 'ALL' to PCM, and I havent seen the TELNET Logins reported back to PCM, unless I go into the switch and and use stack access (at which point) I see that.

Of course, it could be because my discovery was not working because the CPU is being pegged by the sql piece :(
Mohamed Hamedi
Respected Contributor

Re: PCM 2.0 Telnet during discovery

Hi Les,

I can't imagine why PCM would need to telnet during discovery. My guess would be this is something else, maybe scheduled Config scan or another policy that you might have set.

But i am pretty positive that the Discovery uses SNMP.
Les Ligetfalvy
Esteemed Contributor

Re: PCM 2.0 Telnet during discovery

Mohamed,
During beta testing, I did pose the question to the beta team and while I generally keep confidential our discussions, here is the confirmation given to me.

Yes, PCM will telnet to its managed devices several times a day due the various phases of discovery. Some of these discovery phases use a CLI session to access the data they are collecting because it is not available via SNMP.

I am positive that the Discovery uses SNMP too, only not exclusively. You could of course, install PCM2 and see for yourself.
Mohamed Hamedi
Respected Contributor

Re: PCM 2.0 Telnet during discovery

Ahhh, yes, i think this is true to do VLAN discovery i think.