Symantec Advanced Threat Protection (ATP) can be monitored using Simple Network Management Protocol (SNMP). Each management platform or all-in-one appliance must be configured to connect to and authenticate with the monitoring system. Network scanner and management platform appliances send SNMP notifications individually. A network scanner does not depend on the management platform to send notifications.
ATP supports only SNMPv3 because of this standard's greater security. SNMPv1 and SNMPv2c are not supported.
Before you configure the connection in ATP Manager:
Create an account on the SNMP system for each all-in-one or management platform ATP device.
Each ATP device needs a user name and password to authenticate with the SNMP manager/trap receiver.
Configure the encryption type (DES or AES) and the secret key on your SNMP server.
In ATP Manager, navigate to Settings > Appliances, then click Edit Default Appliance. In the SNMP section, use the links to download the following ATP SNMP MIBs.
Download and import ATP-SNMP-MIB.txt into the SNMP manager.
Download and import ATP-TRAPS-MIB.txt and ATP-NOTIFICATIONS-MIB.txt into the SNMP Trap Receiver.
On your Network Management System, set the query timeout for polling to ATP to five seconds or more.
ATP does not support management by SNMP. You cannot use a Network Management System to make changes to an ATP appliance. Instead, you can use ATP Manager to make changes to one or more ATP appliances.