Troubleshooting guide

ManualsBrandsCisco ManualsComputer equipmentWide Area Virtualization Engine 274

551

552

553

554

555

556

557

558

559

560

1-4

Cisco Wide Area Application Services Configuration Guide

OL-26579-01

Chapter 1 Configuring SNMP Monitoring

About SNMP

SNMPv3 provides security models as well as security levels. A security model is an authentication

process that is set up for a user and the group in which the user resides. A security level is the permitted

level of security within a security model. A combination of a security model and a security level

determines which security process is used when an SNMP packet is handled. Three security models are

available: SNMPv1, SNMPv2c, and SNMPv3.

Table 1-1 describes the combinations of security models and security levels.

The SNMPv3 agent can be used in the following modes:

• noAuthNoPriv mode (that is, no security mechanisms turned on for packets)

• AuthNoPriv mode (for packets that do not need to be encrypted using the privacy algorithm

[DES 56])

• AuthPriv mode (for packets that must be encrypted; privacy requires that authentication be

performed on the packet)

Using SNMPv3, users can securely collect management information from their SNMP agents without

worrying that the data has been tampered with. Also, confidential information, such as SNMP set packets

that change a Content Engine’s configuration, can be encrypted to prevent their contents from being

exposed on the wire. Also, the group-based administrative model allows different users to access the

same SNMP agent with varying access privileges.

Supported MIBs

This section describes the Cisco-specific MIBs that are supported by WAAS. MIBs are listed in

alphabetical order. The following Cisco-specific MIBs are supported:

• CISCO-APPNAV-MIB

• CISCO-CONTENT-ENGINE-MIB

• CISCO-ENTITY-ASSET-MIB

• CISCO-SMI

• CISCO-WAN-OPTIMIZATION-MIB

• ENTITY-MIB

Table 1-1 SNMP Security Models and Security Levels

Model Level Authentication Encryption Process

v1 noAuthNoPriv Community string No Uses a community string match for user authentication.

v2c noAuthNoPriv Community string No Uses a community string match for user authentication.

v3 noAuthNoPriv Username No Uses a username match for user authentication.

v3 AuthNoPriv Message Digest 5 (MD5)

or S e c u re H as h A l go r it h m

(SHA)

No Provides authentication based on the Hash-Based Message

Authentication Code (HMAC)-MD5 or HMAC-SHA

algorithms.

v3 AuthPriv MD5 or SHA Yes Provides authentication based on the HMAC-MD5 or

HMAC-SHA algorithms. Provides Data Encryption

Standard (DES) 56-bit encryption (packet authentication)

based on the cipher block chaining (CBC)-DES (DES-56)

standard.