HP Web Jetadmin - Understanding SNMPv3 and HP Web Jetadmin
3
• User Name—The account identity allowed access via SNMPv3. Example: “admin1”.
• Authentication Passphrase—The first secure string that is stored securely to the device and that
must be validated at each SNMPv3 communication from this point forward. The item is used to
allow the device to authenticate the sending entity (HP Web Jetadmin) and the communication
being sent. Example: “oncewasasmallcat”.
• Privacy Passphrase—The second secure string that is stored securely to the device and that must
be validated at each SNMPv3 communication from this point forward. This item is used to encrypt
the communication being sent to and from the device. Example: “oncewasasmalldog”.
When SNMPv3 is enabled on the device, write-mode access via SNMPv1/2 is disabled and
configuration of device parameters is only possible through SNMPv3. SNMPv3 settings are used to
either completely disable SNMPv1/2 communication or to disable write-mode, leaving SNMPv1/2
readable by any managing agent—such as another installation of HP Web Jetadmin. The setting
shown in Figures 1 and 2, SNMPv1 read-only, can be used to allow read-access. Some cases may
require that SNMPv1 be completely disabled in order to protect all device data. This is possible by
choosing SNMPv1 disabled.
HP Web Jetadmin can be used to configure SNMPv3 on many devices at once. When the SNMP
Version Access Control configuration item is displayed with multiple devices selected (from a device
list), HP Web Jetadmin displays blank values until the administrator adds values (credentials) into
these fields. Figure 2 shows the SNMP Version Access Control configuration as displayed by HP Web
Jetadmin Create Device Configuration Template wizard. In this case, a template is configured for
storing SNMPv3 settings that can be applied to devices at a later time. Notice that there are three
choices in this configuration item when it is displayed as a template or when multiple devices have
been selected from a device list:
• Enable SNMPv3
• Modify SNMPv3
• Disable SNMPv3
Templates can be applied directly to one or more
devices, to a device group, and through a Group
Policy. With a Group Policy, the template settings
take effect when a device is added as a member of
a device group or removed from a device group
membership. A common practice with Group
Policies is to set up an automatic group that applies
these templates when HP Web Jetadmin
automatically populates devices into groups based
on group filter criteria.
HP WEB JETADMIN AND
CREDENTIALS
In addition to the differences between SNMPv3 and
SNMPv1/2, it is important for administrators to
consider how HP Web Jetadmin interacts with
devices that have credentials and security features
set via the Credentials Store. Important points
include:
• If a device is discovered using SNMPv3 or
configured with SNMPv3 by HP Web
Figure 2—SNMPv3 in HP Web Jetadmin’s configuration
template