DGS-3130 Series Layer 3 Stackable Managed Switch Hardware Installation Guide
54
Connecting using SNMP
The Simple Network Management Protocol (SNMP) is an OSI Layer 7 (Application Layer) protocol designed
specifically for managing and monitoring network devices. SNMP enables network management stations to read and
modify the settings of gateways, routers, switches, and other network devices. Use SNMP to configure system
features for proper operation, monitor performance, and detect potential problems in the Switch, switch group, or
network.
Managed devices that support SNMP include software (referred to as an agent), which runs locally on the device. A
defined set of variables (managed objects) is maintained by the SNMP agent and used to manage the device. These
objects are defined in a Management Information Base (MIB), which provides a standard presentation of the
information controlled by the on-board SNMP agent. SNMP defines both the format of the MIB specifications and the
protocol used to access this information over the network.
The Switch supports SNMPv1, SMNPv2c, and SNMPv3. The administrator may specify which SNMP version to use to
monitor and control the Switch. The three SNMP versions vary in the level of security provided between the
management station and the network device.
In SNMPv1 and SNMPv2c, user authentication is accomplished using 'community strings', which function like
passwords. The remote user SNMP application and the Switch SNMP must use the same community string. SNMP
packets from any station that has not been authenticated are ignored (dropped).
The default community strings for the Switch used for SNMPv1 and SNMPv2c management access are:
• public - Allows authorized management stations to retrieve MIB objects.
• private - Allows authorized management stations to retrieve and modify MIB objects.
SNMPv3 uses a more sophisticated authentication process that is separated into two parts. The first part is to
maintain a list of users and their attributes that are allowed to act as SNMP managers. The second part describes
what each user on that list can do as an SNMP manager.
The Switch allows groups of users to be listed and configured with a shared set of privileges. The SNMP version may
also be set for a listed group of SNMP managers. Thus, a group of SNMP managers can be created to view read-only
information or receive traps using SNMPv1 while assigning a higher level of security to another group, granting
read/write privileges using SNMPv3.
Using SNMPv3 individual users or groups of SNMP managers can be allowed to perform or be restricted from
performing specific SNMP management functions. The functions that have been allowed or restricted are defined
using the Object Identifier (OID) associated with a specific MIB. An additional layer of security is available for SNMPv3
in that SNMP messages may be encrypted.
Traps
Traps are messages that are sent by an SNMP-enabled device to the NMS, and can be used to alert network
personnel of events that occur on the Switch. The events can be as serious as a reboot (someone accidentally turned
off the Switch), or less serious like a port status change. The Switch generates traps and sends them to a pre-
configured IP address, usually an NMS. Typical traps include trap messages for Authentication Failure and Topology
Change.
Management Information Base (MIB)
A Management Information Base (MIB) stores management and counter information. The Switch uses the standard
MIB-II Management Information Base module. Consequently, values for MIB objects can be retrieved from any
SNMP-based network management software. In addition to the standard MIB-II, the Switch also supports its own
proprietary enterprise MIB as an extended Management Information Base. The proprietary MIB may also be retrieved
by specifying the MIB Object Identifier. MIB values can be either read-only or read-write.
To Next Page
Loading...
