EasyManua.ls Logo

Nokia 7705 - 4.1.5 User-Based Security Model Community Strings; 4.1.6 Views

Nokia 7705
404 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
SNMP
192
System Management Guide
3HE 11018 AAAC TQZZA Edition: 01
To implement SNMPv1 and SNMPv2c configurations, several access groups are
predefined. These access groups are standard read-only, read-write, and
read-write-all access groups and views that can simply be assigned community
strings. In order to implement SNMP with security features, security models, security
levels, and USM communities must be explicitly configured. Optionally, additional
views that specify more specific OIDs (MIB objects in the subtree) can be configured.
Access to the management information in an SNMPv1/SNMPv2c agent is controlled
by the inclusion of a community name string in the SNMP request. The community
defines the subset of the agent’s managed objects that can be accessed by the
requester. It also defines what type of access is allowed: read-only or read-write.
The use of community strings provide minimal security and context checking for both
agents and managers that receive requests and initiate trap operations. A
community string is a text string that acts like a password to permit access to the
agent on the 7705 SAR router.
The 7705 SAR implementation of SNMP has defined three levels of community-
named access:
read-only permission — grants only read access to objects in the MIB, except
security objects
read-write permission — grants read and write access to all objects in the MIB,
except security objects
read-write-all permission — grants read and write access to all objects in the
MIB, including security objects
4.1.5 User-Based Security Model Community Strings
User-based security model (USM) community strings associate a community string
with an SNMPv3 access group and its view. The access granted with a community
string is restricted to the scope of the configured group.
4.1.6 Views
Views control the access to a managed object. The total MIB of a 7705 SAR router
can be viewed as a hierarchical tree. When a view is created, either the entire tree
or a portion of the tree can be specified and made available to a user to manage the
objects contained in the subtree. Object identifiers (OIDs) uniquely identify managed
objects. A view defines the type of operations allowed, such as read, write, or notify.

Table of Contents

Other manuals for Nokia 7705

Preview: Guide
Guide594 pages
Preview: Configuration Guide
Configuration Guide538 pages
Preview: Quality Of Service Guide
Quality Of Service Guide534 pages

Related product manuals