Point System™ offers a comprehensive approach to SNMP management security. It was designed with several levels of access protection to ensure that network management is accessible only to those who are authorized.
Password (a.k.a. Community names)
Two levels of access privileges are password protected.
- Read access (monitor ONLY) - a Community Name with a restricted set of privileges that allows monitoring the network without the right to change any of its configuration
- Read/Write (view & make changes) - a Community Name with an extended set of privileges that allows monitoring the network as well as actively changing any of its configuration
Firewall
The Transition Networks management agent contains an internal IP firewall. This built-in filter examines each incoming packet to determine whether to forward it to the management agent or to discard it. The decision is based on user-defined rules, which are entered in the Command Line Interface. Once a rule is entered, the firewall matches packets based on source IP address, destination protocol, destination port, or any combination of the three. Each rule also carries a "drop" or "pass" action, making it possible to configure the filter with either a "default accept" or a "default deny" philosophy.
FILTERMAC
FILTERMAC can be used in conjunction with the firewall feature. It allows the user to specify up to four trusted Ethernet hardware addresses (i.e. MAC addresses) that are permitted to send IP packets to the agent. Once this feature is enabled, no other MAC addresses are permitted access to the management information.
SNMP Lock
SNMP messages originating from outside of the local subnet are ignored unless the Management Module has an active Telnet session with the same IP address. This feature is designed to make it much more difficult for an outside intruder to change management settings via a method known as "IP spoofing," in which the intruder configures an attacking computer to assume the identity of a trusted computer (the NMS) in order to bypass firewall security measures. Requiring the Telnet session makes spoofing SNMP datagrams considerably harder.
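The three packet-level checks described above (the firewall rules, FILTERMAC and the SNMP lock) as a small Python model, added here as an example; it is not Transition Networks' code, and the evaluation order, the rule representation, the 192.0.2.0/24 management subnet and all MAC/IP addresses are constructed assumptions.

```python
from dataclasses import dataclass, field
from ipaddress import ip_address, ip_network
from typing import Optional

@dataclass
class Rule:  # firewall rule; a None field is a wildcard, so IP, protocol and port combine freely
    action: str                   # "pass" or "drop"
    src: Optional[str] = None     # source IP address or CIDR block
    proto: Optional[str] = None   # destination protocol ("udp", "tcp", "icmp")
    dport: Optional[int] = None   # destination port
    def matches(self, pkt: dict) -> bool:
        return ((self.src is None or ip_address(pkt["src"]) in ip_network(self.src))
                and (self.proto is None or pkt["proto"] == self.proto)
                and (self.dport is None or pkt.get("dport") == self.dport))

@dataclass
class AgentPolicy:  # layer order (FILTERMAC, then firewall, then SNMP lock) is this model's assumption
    rules: list
    default: str = "drop"                             # "drop" = default deny, "pass" = default accept
    trusted_macs: list = field(default_factory=list)  # FILTERMAC list, at most four entries
    local_subnet: str = "192.0.2.0/24"                # constructed management subnet
    telnet_peers: set = field(default_factory=set)    # IPs with a Telnet session open to the agent
    def __post_init__(self):
        if len(self.trusted_macs) > 4:
            raise ValueError("FILTERMAC accepts at most four MAC addresses")
    def decide(self, pkt: dict) -> str:
        if self.trusted_macs and pkt["mac"].lower() not in map(str.lower, self.trusted_macs):
            return "drop: untrusted MAC"
        hit = next((r for r in self.rules if r.matches(pkt)), None)  # first matching rule wins
        if (hit.action if hit else self.default) == "drop":
            return "drop: firewall rule" if hit else "drop: firewall default deny"
        if (pkt["proto"] == "udp" and pkt.get("dport") == 161         # SNMP lock
                and ip_address(pkt["src"]) not in ip_network(self.local_subnet)
                and pkt["src"] not in self.telnet_peers):
            return "drop: SNMP lock"
        return "pass"

def demo() -> list:
    # Constructed packets against a default-deny policy; returns the decisions in order
    policy = AgentPolicy(rules=[Rule("pass", proto="udp", dport=161), Rule("pass", proto="tcp", dport=23)],
                         trusted_macs=["00:C0:F2:00:00:01"], telnet_peers={"203.0.113.10"})
    mac = "00:c0:f2:00:00:01"
    packets = [
        {"mac": mac, "src": "192.0.2.50", "proto": "udp", "dport": 161},    # NMS on the local subnet
        {"mac": mac, "src": "203.0.113.10", "proto": "udp", "dport": 161},  # remote NMS with Telnet open
        {"mac": mac, "src": "198.51.100.7", "proto": "udp", "dport": 161},  # remote, no Telnet session
        {"mac": "00:c0:f2:00:00:02", "src": "192.0.2.50", "proto": "udp", "dport": 161},  # untrusted MAC
        {"mac": mac, "src": "192.0.2.50", "proto": "tcp", "dport": 80},     # no rule, default deny
    ]
    return [policy.decide(p) for p in packets]
```

Only the third packet is stopped by the SNMP lock alone: it passes the MAC list and the firewall, but arrives from outside the subnet with no Telnet session from that address.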
Lock/Unlock CLI
LOCK / UNLOCK - The LOCK command locks the CLI so that no commands can be entered.
(Unsolicited log messages are still displayed, and SNMPLOCK functionality remains active while the console is locked.) Once the console is locked, it remains locked to all users, regardless of the access method, until the UNLOCK command is used.
Traps
The Agent sends a Coldstart trap when it is rebooted, and enterprise-specific Error/Error Clear traps when an Ethernet link goes down or comes back up. Unexpected receipt of these traps could indicate that an attack is in progress.