Technical data

Securing the Router

117342-B Rev. 00

7-5

Secure mode does not protect against the following security violations, which are

beyond the scope of this proprietary interim security system:

• Modification of information, in which an intruder intercepts a packet,

modifies its contents, and reinserts it into the message stream before the

agent’s counter increments

• Disclosure, in which an intruder observes which variables are being set

Enabling the security mechanism only minimally affects router performance. The

security mechanism has no effect on the ability of Site Manager, or of any SNMP

network manager, to monitor the router by performing GET, GET-NEXT, or trap

functions.

Specifying Secure Mode

To set the router to secure mode:

Set up private, read-write SNMP communities for your router using Site

Manager.

You cannot use public communities with secure mode. See

“

Restricting Read/Write Access with SNMP Communities” on page 7-3

for instructions on changing SNMP communities.

Using the Technician Interface on the router, enter the following

command:

wfsnmpmode 3

indicates that the router should operate using the proprietary security

mechanism.

Specify a password key for the encryption algorithm to use when it

encrypts the security counters by entering the following command:

wfsnmpkey

<key>

is the string of ASCII characters that you select to make up the

encryption code for this router. The key can have up to six characters. The

encryption algorithm uses the attributes of the key (size, range, and value) in

the encryption process.

To turn off secure mode and revert to the default SNMP community security mode

(called trivial mode), enter the following Technician Interface command:

wfsnmpmode 1