Simple Network Management P.

• If not absolutely need, disable SNMP
Use SNMPv3 with authentication and encryption
If SNMPv1 or v2, make name & password hard to guess crack.
Filter SNMP (port 161 TCP/UDP and 162 TCP/UDP)
Where possible make MIBs read-only.