Manualshelf

SNMP Reference Guide

ManualsBrandsDell ManualsComputersOpenManage Server Administrator Version 5.4
31323334353637383940
Introduction 35
SNMP Security
SNMP version 1 has a very limited security mechanism. SNMP agents
support the use of a community string, which is configured at each SNMP
agent and is passed as a part of all SNMP request messages. There is no
verification that the requester is actually a member of the
specified community.
Because most system and network management data is not confidential, this
limited security is acceptable for Get types of requests. On the other hand,
this security is not acceptable for Set types of operations where an SNMP
request could power off a system, reconfigure a redundant array of
independent disks (RAID) card, and so on. Some vendors have chosen not to
support SNMP Set operations for this reason. Server Administrator is able to
support SNMP Set operations because its SNMP agents implement a
hash/digest mechanism to prevent unauthorized SNMP Set operations.
One limitation of this practice is that only server administrator-developed
SNMP management applications have the capability to support the
hash/digest mechanism.
NOTE: The default SNMP agent configuration usually includes a SNMP community
name such as public. For security reasons, change the SNMP community names
from their default values. For information about changing SNMP community names,
see the Dell OpenManage Server Administrator User’s Guide. This guide is available
on the Dell Support website at support.dell.com and on the Dell Systems
Management Tools and Documentation DVD. For additional guidelines, see the
Securing an SNMP Environment article, dated May 2003, in the Dell Power
Solutions magazine. This magazine is also available at
www.dell.com/powersolutions.
NOTE: In Dell OpenManage Server Administrator version 5.3, SNMP Set
operations are disabled by default. Server Administrator provides support to enable
or disable SNMP Set operations. For more information on enabling or disabling
SNMP Set operations in Server Administrator, see the Dell OpenManage Server
Administrator User’s Guide or the Dell OpenManage Server Administrator
Command Line Interface User's Guide.
Management Actions
Management actions can be performed using the SNMP Set command.
These actions can consist of configuring a phone number for the system’s
owner, rebooting a system, or changing the asset tag of the system. See the
previous section, "SNMP Security," for limitations on Set operations.