Technical data

Enabling, Disabling, and Reloading SNMP



Security levels for user authentication using entity shared secret keys

 Message time stamps

 Data secrecy using encryption

 Control of user access to MIB information based on the need to know

Security Levels

SNMPv3 provides both security levels and security models. A security level is the permitted

level of security within a security model. A combination of a security level and a security

model determine which security mechanism is employed when handling an SNMP packet.

(See Combinations of Security Levels and Security Models in this document.) SNMPv3

messages can be sent at any of the following three security levels:

 No Authentication and No Encryption This is also called noAuth/noPriv. Priv

refers to privacy. With this security, only a valid user name is required to access

data or to send a trap.

 Authentication and No Encryption This is also called Auth/noPriv. With this

security, you must be authenticated as a valid user for a message to be accepted.

Authentication is accomplished by sharing a secret key and using that key to

produce a message-hashed authentication code sent with each message.

 Authentication and Encryption This is also called Auth/Priv. With this security,

you are authenticated and the data payload is encrypted using a second shared

secret key.

Security Models

SNMPv3 provides for both security levels and security models. A security model is an

authentication strategy that is set up the group in which a user resides. Three security

models are now available:

 SNMPv1

 SNMPv2c

 SNMPv3

A combination of a security model and a security level will determine which security mech-

anism is employed when handling an SNMP packet. See Combinations of Security Levels

and Security Models in this document.

Combinations of Security Levels and Security Models

The table below identifies the combinations of security models and levels and describes

how security is handled with each combination.