47-2
Catalyst 6500 Series Switch Software Configuration Guide—Release 8.7
OL-8978-04
Chapter 47 Configuring SNMP
SNMP Terminology
Table 47-1 SNMP Terminology
Term Definition
authentication The process of ensuring message integrity and protection against
message replays, including both data integrity and data origin
authentication.
authoritative SNMP engine One of the SNMP copies involved in network communication is
designated the allowed SNMP engine to protect against message
replay, delay, and redirection. The security keys that are used for
authenticating and encrypting the SNMPv3 packets are generated
as a function of the authoritative SNMP engine’s ID and user
passwords. When an SNMP message expects a response (for
example, get exact, get next, set request), the receiver of these
messages is authoritative. When an SNMP message does not
expect a response, the sender is authoritative.
community string A text string that is used to authenticate messages between a
management station and an SNMPv1 or SNMPv2c engine.
data integrity A condition or state of data in which a message packet has not
been altered or destroyed in an unauthorized manner.
data origin authentication The ability to verify the identity of a user on whose behalf that the
message is supposedly sent. This ability protects the users against
both message capture and replay by a different SNMP engine and
against the packets that are received or sent to a particular user
that uses an incorrect password or security level.
encryption A method of hiding data from an unauthorized user by scrambling
the contents of an SNMP packet.
group A set of users belonging to a particular security model. A group
defines the access rights for all the users belonging to it. Access
rights define the SNMP objects that can be read, written to, or
created. In addition, the group defines the notifications that a user
is allowed to receive.
notification host An SNMP entity to which notifications (traps and informs) are to
be sent.
notify view A view name (not to exceed 64 characters) for each group; the
view name defines the list of notifications that can be sent to each
user in the group.
privacy An encrypted state of the contents of an SNMP packet; in this
state, the contents are prevented from being disclosed on a
network. Encryption is performed with an algorithm called
CBC-DES (DES-56).
read view A view name (not to exceed 64 characters) for each group; the
view name defines the list of object identifiers (OIDs) that can be
read by users belonging to the group.
To Next Page
Loading...
Need help?
General