Specifications

ManualsBrandsEnterasys ManualsComputer equipmentN Standalone (NSA) Series

241

242

243

244

245

246

247

248

249

250

SNMP Configuration Summary

5-2 SNMP Configuration

SNMPv1 and SNMPv2c

ThecomponentsofSNMPv1andSNMPv2cnetworkmanagementfallintothreecategories:

•Manageddevices(suchasaswitch)

•SNMPagentsandMIBs,includingSNMPtraps,communitystrings,andRemoteMonitoring

(RMON)MIBs,whichrunonmanageddevices

•SNMPnetworkmanagementapplications,suchasEnterasysNetSight,whichcommunicate

withagentstoget

statisticsandalertsfromthemanageddevices.

SNMPv3

SNMPv3isaninteroperablestandards‐basedprotocolthatprovidessecureaccesstodevicesby

authenticatingandencryptingframesoverthenetwork.Theadvancedsecurityfeaturesprovided

inSNMPv3areasfollows:

• Message integrity — Collects data securely without being tampered with or corrupted.

• Authentication — Determines the message is from a valid source.

• Encryption — Scrambles the contents of a frame to prevent it from being seen by an

unauthorized source.

UnlikeSNMPv1andSNMPv2c,inSNMPv3,theconceptofSNMPagentsandSNMPmanagersno

longerapply.TheseconceptshavebeencombinedintoanSNMPentity.AnSNMPentityconsists

ofanSNMPengineandSNMPapplications.AnSNMPengineconsistsofthefollowingfour

components:

•Dispatcher—Thiscomponentsends

andreceivesmessages. 

•Messageprocessingsubsystem—ThiscomponentacceptsoutgoingPDUsfromthe

dispatcherandpreparesthemfortransmissionbywrappingtheminamessageheaderand

returningthemtothedispatcher.Themessageprocessingsubsystemalsoacceptsincoming

messagesfromthedispatcher,processeseachmessageheader,andreturns

theenclosedPDU

tothedispatcher.

•Securitysubsystem—Thiscomponentauthenticatesandencryptsmessages.

• Accesscontrolsubsystem—Thiscomponentdetermineswhichusersandwhichoperations

areallowedaccesstomanagedobjects.

About SNMP Security Models and Levels

AnSNMPsecuritymodelisanauthenticationstrategythatissetupforauserandthegroupin

whichtheuserresides.Asecuritylevelisthepermittedlevelofsecuritywithinasecuritymodel.

ThethreelevelsofSNMPsecurityare:Noauthenticationrequired(NoAuthNoPriv);

authenticationrequired(AuthNoPriv);and

privacy(authPriv).Acombinationofasecuritymodel

andasecurityleveldetermineswhichsecuritymechanismisemployedwhenhandlinganSNMP

frame.Table 5‐1identifiesthelevelsofSNMPsecurityavailableonMatrixSeriesdevicesand

authenticationrequiredwithineachmodel.