73-3
Cisco ASA 5500 Series Configuration Guide using ASDM
OL-20339-01
Chapter 73 Configuring SNMP
Information about SNMP
Download Cisco OIDs from the following location:
ftp://ftp.cisco.com/pub/mibs/oid/oid.tar.gz
Note: In software versions 7.2(1), 8.0(2), and later, the interface information accessed via SNMP refreshes
about every five seconds. As a result, we recommend that you wait for at least five seconds between
consecutive polls.
SNMP Version 3
This section describes SNMP Version 3 and includes the following topics:
• SNMP Version 3 Overview, page 73-3
• Security Models, page 73-3
• SNMP Groups, page 73-4
• SNMP Users, page 73-4
• SNMP Hosts, page 73-4
• Implementation Differences Between Adaptive Security Appliances and the Cisco IOS, page 73-4
SNMP Version 3 Overview
SNMP Version 3 provides security enhancements that are not available in SNMP Version 1 or SNMP
Version 2c. SNMP Versions 1 and 2c transmit data between the SNMP server and SNMP agent in clear
text. SNMP Version 3 adds authentication and privacy options to secure protocol operations. In addition,
this version controls access to the SNMP agent and MIB objects through the User-based Security Model
(USM) and View-based Access Control Model (VACM). The ASA 5500 series adaptive security
appliances also support the creation of SNMP groups and users, as well as hosts, which is required to
enable transport authentication and encryption for secure SNMP communications.
Security Models
For configuration purposes, the authentication and privacy options are grouped together into security
models. Security models apply to users and groups, which are divided into the following three types:
• NoAuthPriv—No Authentication and No Privacy, which means that no security is applied to
messages.
• AuthNoPriv—Authentication but No Privacy, which means that messages are authenticated.
• AuthPriv—Authentication and Privacy, which means that messages are authenticated and encrypted.
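The three security models are visible on the wire: RFC 3412 puts an authentication bit (0x01) and a privacy bit (0x02) in the msgFlags octet of every SNMP Version 3 message, while Version 1 and 2c messages carry only a clear-text community string. The following is an added example, not part of the Cisco guide or Cisco code, that classifies a captured SNMP message accordingly; the function names and the sample packets are constructed for illustration.

```python
# Added example, not Cisco code. Level names follow the list above.
LEVELS = {0: "NoAuthPriv", 1: "AuthNoPriv", 3: "AuthPriv"}

def read_tlv(buf, pos):
    """Return (tag, value, next_pos) for the BER element starting at buf[pos]."""
    if pos + 2 > len(buf):
        raise ValueError("truncated BER header")
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:                        # long form: low 7 bits count the length octets
        n = length & 0x7F
        if n == 0 or n > 4 or pos + n > len(buf):
            raise ValueError("unsupported BER length")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("truncated BER value")
    return tag, buf[pos:pos + length], pos + length

def expect(buf, pos, want_tag):
    """Read one element and insist on its tag; return (value, next_pos)."""
    tag, value, nxt = read_tlv(buf, pos)
    if tag != want_tag:
        raise ValueError(f"expected tag {want_tag:#x}, got {tag:#x}")
    return value, nxt

def classify(packet):
    """Return the protection a captured SNMP message carries on the wire."""
    message, _ = expect(packet, 0, 0x30)       # outer SEQUENCE
    version, pos = expect(message, 0, 0x02)    # INTEGER: 0 = v1, 1 = v2c, 3 = v3
    version = int.from_bytes(version, "big")
    if version in (0, 1):
        return "clear text (SNMPv1/v2c)"
    if version != 3:
        return "unknown version"
    header, _ = expect(message, pos, 0x30)     # msgGlobalData
    _, p = expect(header, 0, 0x02)             # msgID
    _, p = expect(header, p, 0x02)             # msgMaxSize
    flags, _ = expect(header, p, 0x04)         # msgFlags, a single octet
    if len(flags) != 1:
        raise ValueError("msgFlags must be one octet")
    # 0x01 = authFlag, 0x02 = privFlag, 0x04 = reportableFlag (ignored here)
    return LEVELS.get(flags[0] & 0x03, "invalid (privacy without authentication)")

def sample_v3(flags):
    """Constructed SNMPv3 header only (no security parameters or PDU)."""
    return (bytes.fromhex("3012020103300d020101020205dc0401")
            + bytes([flags]) + bytes.fromhex("020103"))

SAMPLE_V2C = bytes.fromhex("300d02010104067075626c6963a000")  # constructed, community "public"
```

Run over a capture of UDP port 161/162 payloads, this shows which managers still poll with Version 1 or 2c and which Version 3 users are configured below AuthPriv.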