EasyManuals Logo
Home>Cisco>Network Router>ASR 9000 Series

Cisco ASR 9000 Series User Manual

Cisco ASR 9000 Series
422 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #380 background imageLoading...
Page #380 background image
• Message stream modification—The threat that messages may be maliciously reordered, delayed, or
replayed (to an extent that is greater than can occur through the natural operation of a subnetwork service)
to cause SNMP to perform unauthorized management operations.
• Disclosure—The threat that exchanges between SNMP engines could be eavesdropped. Protecting
against this threat may be required as a matter of local policy.
In addition, SNMPv3 provides access control over protocol operations on SNMP managed objects.
SNMPv3 Costs
SNMPv3 authentication and encryption contribute to a slight increase in the response time when SNMP
operations on MIB objects are performed. This cost is far outweighed by the security advantages provided
by SNMPv3.
Table 39: Order of Response Times from Least to Greatest, on page 362 shows the order of response time
(from least to greatest) for the various security model and security level combinations.
Table 39: Order of Response Times from Least to Greatest
Security LevelSecurity Model
noAuthNoPrivSNMPv2c
noAuthNoPrivSNMPv3
authNoPrivSNMPv3
authPrivSNMPv3
User-Based Security Model
SNMPv3 User-Based Security Model (USM) refers to SNMP message-level security and offers the following
services:
• Message integrity—Ensures that messages have not been altered or destroyed in an unauthorized manner
and that data sequences have not been altered to an extent greater than can occur nonmaliciously.
• Message origin authentication—Ensures that the claimed identity of the user on whose behalf received
data was originated is confirmed.
• Message confidentiality—Ensures that information is not made available or disclosed to unauthorized
individuals, entities, or processes.
SNMPv3 authorizes management operations only by configured users and encrypts SNMP messages.
USM uses two authentication protocols:
•
HMAC-MD5-96 authentication protocol
•
HMAC-SHA-96 authentication protocol
Cisco ASR 9000 Series Aggregation Services Router System Management Configuration Guide, Release 5.1.x
362
Implementing SNMP
SNMPv3 Costs

Table of Contents

Other manuals for Cisco ASR 9000 Series

Preview: Configuration Guidelines
Configuration Guidelines694 pages
Preview: Command Reference Guide
Command Reference Guide1138 pages
Preview: Configuration Guide
Configuration Guide604 pages
Preview: Routing Configuration Guide
Routing Configuration Guide702 pages
Preview: Reference Guide
Reference Guide696 pages
Preview: Command Reference
Command Reference590 pages
Preview: Installation Guide
Installation Guide284 pages
Preview: Service Configuration Guide
Service Configuration Guide204 pages
Preview: System Configuration Guide
System Configuration Guide168 pages
Preview: Configuration Manual
Configuration Manual50 pages
Preview: Manual
Manual64 pages
Preview: Software Manual
Software Manual166 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Cisco ASR 9000 Series and is the answer not in the manual?

Cisco ASR 9000 Series Specifications

General IconGeneral
BrandCisco
ModelASR 9000 Series
CategoryNetwork Router
LanguageEnglish

Related product manuals