Specifications

ManualsBrandsEnterasys ManualsComputer equipmentC2K122-24

191

192

193

194

195

196

197

198

199

200

SNMP Configuration Summary

5-2 SNMP Configuration

•SNMPnetworkmanagementapplications,suchasEnterasysNetworks’NetSightAtlas,which

communicatewithagentstogetstatisticsandalertsfromthemanageddevices.

SNMPv3

SNMPv3isaninteroperablestandards‐basedprotocolthatprovidessecureaccesstodevicesby

authenticatingandencryptingframesoverthenetwork.Theadvancedsecurityfeaturesprovided

inSNMPv3areasfollows:

– Messageintegrity—Collectsdatasecurelywithoutbeingtamperedwithorcorrupted.

– Authentication—Determinesthe messageisfroma

validsource. 

–Encryption—Scramblesthecontentsofaframetopreventitfrombeingseenbyan

unauthorizedsource.

UnlikeSNMPv1andSNMPv2c,inSNMPv3,theconceptofSNMPagentsandSNMPmanagersno

longerapply.TheseconceptshavebeencombinedintoanSNMPentity.AnSNMPentityconsists

ofanSNMPengineandSNMPapplications.AnSNMPengineconsistsofthefollowingfour

components:

•Dispatcher—Thiscomponentsendsandreceivesmessages.

•Messageprocessingsubsystem—ThiscomponentacceptsoutgoingPDUsfromthe

dispatcherandpreparesthemfortransmissionbywrappingtheminamessageheaderand

returningthem

tothedispatcher.Themessageprocessingsubsystemalsoacceptsincoming

messagesfromthedispatcher,processeseachmessageheader,andreturnstheenclosedPDU

tothedispatcher.

•Securitysubsystem—Thiscomponentauthenticatesandencryptsmessages.

• Accesscontrolsubsystem—Thiscomponentdetermineswhichusersandwhichoperations

areallowedaccessto

managedobjects.

About SNMP Security Models and Levels

AnSNMPsecuritymodelisanauthentica tionstrategythatissetupforauserandthegroupin

whichtheuserresides.Asecuritylevelisthepermittedlevelofsecuritywithinasecuritymodel.

ThethreelevelsofSNMPsecurityare:Noauthenticationrequired(NoAuthNoPriv);

authenticationrequired(AuthNoPriv);and

privacy(authPriv).Acombinationofasecuritymodel

andasecurityleveldetermineswhichsecuritymechanismisemployedwhenhandlinganSNMP

frame.Table 5‐1identifiesthelevelsofSNMPsecurityavailableonSecureStackC3devicesand

authenticationrequiredwithineachmodel.

Table 5-1 SNMP Security Levels

Model Security Level Authentication Encryption How It Works

v1 NoAuthNoPriv Community string None Uses a community string match for

authentication.

v2c NoAuthNoPriv Community string None Uses a community string match for

authentication.