Hello Everybody.

I would like to start using Dude to monitor companies that i care of but i have some questions and doubts about security:

1. Windows severs are using only snmp v2 (only 2012 can use snmp v3). I can set the community name, the allowed ip-s to comunicate with the servers, but is the snmp communication: server -> dude encrypted or is everything sent in clear text ?

2. Similar situation: i would like to set a central Dude server and remote Dude servers that would be configured as agents for the central server. The information to the central Dude server would be send throught the Internet. In configuring the agent i can see an option to encrypt connection. Do you think it would be safe to use such configuration ?

The last thing i would like to know is if i can in the central Dude server add network maps from remote Dude servers so that they are visible from the network map menu of the central Dude server ? I've managed to add a remote dude server device using agent to my central map and i can view it's maps by selecting it and: settings -> Dude but the problem is that if i caonnect with the central dude using https i can't see the remote maps.

Sory for my English and thank you in advance for any help
Marcin

Hello Everybody.

I would like to start using Dude to monitor companies that i care of but i have some questions and doubts about security:

1. Windows severs are using only snmp v2 (only 2012 can use snmp v3). I can set the community name, the allowed ip-s to comunicate with the servers, but is the snmp communication: server -> dude encrypted or is everything sent in clear text ?

2. Similar situation: i would like to set a central Dude server and remote Dude servers that would be configured as agents for the central server. The information to the central Dude server would be send throught the Internet. In configuring the agent i can see an option to encrypt connection. Do you think it would be safe to use such configuration ?

The last thing i would like to know is if i can in the central Dude server add network maps from remote Dude servers so that they are visible from the network map menu of the central Dude server ? I've managed to add a remote dude server device using agent to my central map and i can view it's maps by selecting it and: settings -> Dude but the problem is that if i caonnect with the central dude using https i can't see the remote maps.

Sory for my English and thank you in advance for any help
Marcin

1 and 2. snmp v2 is not encrypted. And traffic encryption is not The Dude's function. It should be done by some VPN server\clients. You shuold deploy VPN in your network if you care about security.

The Dude will not pull the maps from a Dude agent onto the central Dude server, though this something that I would have had a great need for in a previous job. I think that this sort of feature would be great in an environment where you are monitoring multiple client's networks but you also want to give each client access to the Dude map of their own network. Another thing to add to the ever-growing list of Dude feature requests!!

As for the security issue: Yes - SNMP v1 and v2 does not encrypt anything so if you are doing SNMP management across the internet you really need to set up a VPN tunnel between the different networks. I'd suggest using a device or application that is specifically designed for this rather than trying to "bolt it on" to something else. Another option is to use SNMPv3 - but this protocol obviously needs to be supported by all the devices you want to monitor and, as you say, it is not in your environment.