[lelanthran]

> Not even such a bad standard once you get used to it.

It ticks all the boxes except for security.

I'm not sure how to get past that one without pushing a private key or a shared secret onto each managed device (maybe with SNMP SET?).

[iso1631]

If you're polling a device you can put wrieguard on, not a problem. If you're not, wireguard to a device on the same LAN and ACL off SNMP traffic at the router.