Advanced steps – Devices

Use Simple Network Management Protocol to monitor events

Milestone recommends that you use Simple Network Management Protocol (SNMP) to monitor events on the devices on the network. You can use SNMP as a supplement for syslog. SNMP works in real-time with many types of events that can trigger alerts, for example if a device is restarted.

For this to work, the devices must support logging via SNMP.

There are multiple versions of SNMP protocols available. Versions 2c and 3 are the most current. Implementation involves a suite of standards. A good overview can be found on the SNMP reference site (https://www.snmp.com/protocol/snmp_rfcs.shtml).

Learn more

The following control(s) provide additional guidance:

• NIST SP 800-53 SI-4 Event Monitoring