Specifications
SNMP Overview Reference Manual (MGCP/NCS Version)
Mediatrix 4100
27
SNMPv3 Messages
To correct the security deficiencies of SNMPv1/v2, SNMPv3 was defined with an overall SNMP architecture
and a set of security capabilities. SNMPv3 includes three important services: authentication, privacy, and
access control (Figure 10
). To deliver these services in a flexible and efficient manner, SNMPv3 introduces
the concept of a principal, which is the entity on whose behalf services are provided or processing takes place.
Figure 10: SNMPv3 Services
SNMP Behaviour
When using SNMP, the following rules apply:
Media5 recommends to copy the SNMPv3 user attributes only twice.
The administrator may edit the SNMPv3 user attributes:
• Authentication algorithm (none, MD5, or SHA)
• Authentication password
• Encryption algorithm (NULL or DES)
• Encryption password
• All SNMPv3 passwords (encryption and authentication) must be at least 8 characters
long. You should use the Unit Manager Network product to perform SNMPv3 setup.
Whatever the MIB browser you use, the unit follows the SNMPv3 standard RFCs.
SNMP can be used in a non-secure or secure management mode.
Manager
Manager
Agent
Agent
Agent
Agent
Transmission from
manager to agent may be
authenticated to guarantee
identity of sender and
timeliness of message
SNMPv3 messages may
be encrypted to ensure
privacy
Agent may enforce access-
control policy to restrict each
principal to certain actions on
certain portions of its data
DES Encryption
Manager
Warning: The SNMPv3 method for changing the password or encryption key contains a flaw which may
result in setting the incorrect password. This problem can happen if you use an incorrect “oldpassword”
when changing your password. Always exercise great caution when changing your password or encryption
key. Note that you can use the factory reset to clear the SNMPv3 password. See “
Factory Reset” on page 20
for more details. See also the Unit Manager Network Administration Manual.