Configure the SNMP Agent on Security Server
Bitdefender Security Server is a dedicated virtual appliance running on an Ubuntu machine, which deduplicates and centralizes most of the antimalware functionality of antimalware agents, acting as a scan server.
Simple Network Management Protocol (SNMP) is used for collecting information from network devices such as servers, hubs, switches and routers on an Internet Protocol network. It is designed to have minimal transport requirements and to continue working when most other network applications fail. SNMP is collecting information such as CPU and RAM usage, server load, and traffic status on a network interface.
The SNMP agent is a program that is packaged within the network element. Enabling the agent allows it to collect the management information database from the device locally and makes it available to the SNMP manager, when it is queried for.
In typical uses of SNMP, one or more administrative computers called Managers have the task of monitoring or managing a group of hosts or devices on a computer network. Each managed system executes a software component called Agent, which reports information via SNMP to the Manager.
This article explains how to configure the SNMP Agent on Bitdefender Security Server to make possible the communication and information delivery to your SNMP Manager.
The SNMP package is present on the Security Server Multi-Platform starting with version 220.127.116.1105.
To configure the SNMP Agent on the Security Server:
- Log in to Security Server via SSH, using the root credentials or another user with administrative privileges, if set.
The default password for root is sve. We recommend changing it as soon as possible!
- Open the configuration file of the snmp daemon with the following command:
$ sudo nano /etc/snmp/snmpd.conf
- Change the agentAddress directive to allow all connections instead of only those originating from the local computer.
For this purpose, you need to comment out the first agentAddress line and uncomment the second one.
- Create a user named bootstrap to allow access from the SNMP Manager. For this purpose, insert the following line in the config file and replace the parameters with their actual values, as described in the table:
createUser bootstrap auth_type auth_password privacy_protocol encrypt_password
Parameter Description Value auth_type The authentication method to be used. MD5 or SHA auth_password The pass phrase used to authenticate the connection. It must be at least eight characters long. privacy_protocol The encryption method to be used. This parameter is optional. DES or AES encrypt_password The pass phrase used to encrypt communication. If missing, the authentication pass phrase will be used for the privacy protocol as well. It must be at least eight characters long.
createUser bootstrap MD5 MyAuthPassword DES
- Insert the following line to set up the user rights to read/write and enforce encryption:
rwuser bootstrap priv
- Save and close the file.
- Restart the snmpd service to apply the changes with the following command:
sudo service snmpd restart
if the SNMP Manager cannot connect, please try:
sudo service snmpd stop sudo service snmpd start
You should now be able to connect to the Security Server from the SNMP manager server.
By default, the SNMPD service starts manually. To start the service automatically when the Security Server restarts, run these commands:
# systemctl enable snmpd # systemctl start snmpd