The SNMP service on the storage system must require the use of a FIPS 140-2 approved cryptographic hash algorithm as part of its authentication and integrity methods.
Severity | Group ID | Group Title | Version | Rule ID | Date | STIG Version |
|---|---|---|---|---|---|---|
| medium | V-237822 | SRG-OS-000480-GPOS-00227 | HP3P-32-001305 | SV-237822r647875_rule | 2021-11-23 | 2 |
| Description |
|---|
| The SNMP service must use AES or a FIPS 140-2 approved successor algorithm for protecting the privacy of communications. |
| ℹ️ Check |
|---|
| Verify that SNMP encryption uses AES by entering the following command: cli% showsnmpuser Username AuthProtocol PrivProtocol 3parsnmpuser HMAC-SHA-96 CFB128-AES-128 If the PrivProtocol in the result is not AES, this is a finding. |
| ✔️ Fix |
|---|
| Configure the storage system to use AES encryption for SNMPv3 by entering the command: cli% setsnmpmgr -snmpuser 3parsnmpuser -pw <password> -version 3 <IP address of SNMP manager> |