Configuring SNMP
Creating SNMP Groups
Cisco Small Business 300 Series Managed Switch Administration Guide 284
19
Creating SNMP Groups
In SNMPv1 and SNMPv2, a community string is sent along with the SNMP frames.
The community string acts as a password to gain access to a SNMP agent.
However, neither the frames nor the community string are encrypted. So SNMPv1
and SNMPv2 are not secure. In SNMPv3, there are two security mechanisms, and
both can be configured.
• Authentication—The switch checks that the SNMP user is an authorized
system administrator. This is done for each and every frame.
• Privacy—SNMP frames can carry encrypted data.
Thus, in SNMPv3, there are three levels of security:
• No security
• Authentication
• Authentication and privacy (Note that two groups with the same name, one
with authentication and one with privacy, must be added.)
In addition, SNMPv3 provides for a way to control what even authorized and
authenticated users can see and perform, by associating each user with a group.
A group is a label for a logical entity (combination of attributes). A group is
operational only when it is associated with an SNMP user or an SNMP community.
A group also has an attribute that tells if members should have read, write, and/or
notify privileges for the view.
To create an SNMP group:
STEP 1 Click SNMP > Groups. The
Groups Page
opens.
This page displays the existing SNMP groups.
STEP 2 Click Add. The
Add Group Page
opens.
STEP 3 Enter the parameters.
• Group Name—Enter a new group name for which privileges are being
defined. The field range is up to 30 ASCII characters.
• Security Model—Select the SNMP version attached to the group.
To Next Page
Loading...
Need help?
General
