Enterasys D-Series

To Next Page

To Previous Page

SNMP Configuration Summary

7-2 SNMP Configuration

•SNMPnetworkmanagementapplications,suchastheEnterasysNetSightapplication,which

communicatewithagentstogetstatisticsandalertsfromthemanageddevices.

SNMPv3

SNMPv3isaninteroperablestandards‐basedprotocolthatprovidessecureaccesstodevicesby

authenticatingandencryptingframesoverthenetwork.Theadvancedsecurityfeaturesprovided

inSNMPv3areasfollows:

– Messageintegrity—Collectsdatasecurelywithoutbeingtamperedwithorcorrupted.

– Authentication—Determinesthemessageisfroma

validsource.

–Encryption—Scramblesthecontentsofaframetopreventitfrombeingseenbyan

unauthorizedsource.

UnlikeSNMPv1andSNMPv2c,inSNMPv3,theconceptofSNMPagentsandSNMPmanagersno

longerapply. TheseconceptshavebeencombinedintoanSNMPentity.AnSNMPentityconsists

ofanSNMPengineandSNMPapplications.AnSNMPengineconsistsofthefollowingfour

components:

•Dispatcher—Thiscomponentsendsandreceivesmessages.

•Messageprocessingsubsystem—ThiscomponentacceptsoutgoingPDUsfromthe

dispatcherandpreparesthemfortransmissionbywrappingtheminamessageheaderand

returningthem

tothedispatcher.Themessageprocessingsubsystemalsoacceptsincoming

messagesfromthedispatcher,processeseachmessageheader,andreturnstheenclosedPDU

tothedispatcher.

•Securitysubsystem—Thiscomponentauthenticatesandencryptsmessages.

• Accesscontrolsubsystem—Thiscomponentdetermineswhichusersandwhichoperations

areallowedaccessto

managedobjects.

About SNMP Security Models and Levels

AnSNMPsecuritymodelisanauthenticationstrategythatissetupforauserandthegroupin

whichtheuserresides.Asecuritylevelisthepermittedlevelofsecuritywithinasecuritymodel.

ThethreelevelsofSNMPsecurityare:Noauthenticationrequired(NoAuthNoPriv);

authenticationrequired(AuthNoPriv);and

privacy(authPriv).Acombinationofasecuritymodel

andasecurityleveldetermineswhichsecuritymechanismisemployedwhenhandlinganSNMP

frame.Table 7‐12identifiesthelevelsofSNMPsecurityava ilableonD‐Seriesdevicesand

authenticationrequiredwithineachmodel.

Table 7-12 SNMP Security Levels

Model Security Level Authentication Encryption How It Works

v1 NoAuthNoPriv Community string None Uses a community string match for

authentication.

v2c NoAuthNoPriv Community string None Uses a community string match for

authentication.

Related product manuals