Specifications

ManualsBrandsEnterasys ManualsComputer equipmentN Standalone (NSA) Series

291

292

293

294

295

296

297

298

299

300

SNMP Support on Enterasys Devices

March 28, 2011 Page 5 of 27

control,SNMPv3alsoprovidesahigherdegreeofreliabilityfornotifyingmanagement

stationswhencriticaleventsoccur.

SNMPv3isfullydescribedinRFC2571,RFC 2572,RFC2573,RFC2574,and RFC2575.

SNMPv1 andv2c Network Management Components

TheEnterasysimplementationofSNMPv1andv2cnetworkmanagementcomponentsfallintothe

followingthreecategories:

•Manageddevices(suchasaswitch).

•SNMPagentsandMIBs,includingSN MPtraps,communitystrings,andRemoteMonitoring

(RMON)MIBs,whichrunonmanageddevices.

•SNMPnetworkmanagementapplications,suchastheEnterasysNetSightapplication,

which

communicatewithagentstogetstatisticsandalertsfromthemanageddevices.

SNMPv3 User-Based Security Model (USM) Enhancements

SNMPv3addstov1andv2ccomponentsbyprovidingsecureaccesstodevicesbyauthenticating

andencryptingframesoverthenetwork.TheEnterasyssupportedadvancedsecurityfeatures

providedinSNMPv3’sUser‐BasedSecurityModelareasfollows:

•Messageintegrity—Collectsdatasecurelywithoutbeingtamperedwithorcorrupted.

• Authentication—

Determinesthemessageisfromavalidsource.

•Encryption—Scramblesthecontentsofaframetopreventitfrombeingseenbyan

unauthorizedsource.

UnlikeSNMPv1andSNMPv2c,inSNMPv3,theconceptofSNMPagentsandSNMPmanagersno

longerapply.Theseconceptshavebeencombinedintoan

SNMPentity.AnSNMPentityconsists

ofanSNMPengineandSNMPapplications.AnSNMPengineconsistsofthefollowingfour

components:

–Dispatcher—Sendsandreceivesmessages.

– Messageprocessingsubsystem—AcceptsoutgoingPDUsfromthedispatcherand

preparesthemfortransmissionbywrappingtheminamessageheaderand

returning

themtothedispatcher.Alsoacceptsincomingmessagesfromthedispatcher,processes

eachmessageheader,andreturnstheenclosedPDUtothedispatcher.

–Securitysubsystem—Authenticatesandencryp tsmessages.

– Accesscontrolsubsystem—Thiscomponentdetermineswhichusersandwhich

operationsareallowedaccesstomanagedobjects.

Terms and Definitions

Table 2listscommonSNMPtermsanddefinestheiruseonEnterasysdevices.

Table 2 SNMP Terms and Definitions

Term Definition

community A name string used to authenticate SNMPv1 and v2c users.

context A subset of MIB information to which associated users have access rights.