User manual

Publication 1783-UM003D-EN-E - December 2009
Chapter 2
Both SNMPv1 and v2C use a community-based form of security. SNMP
managers can access the agent MIB through passwords referred to as
community strings. SNMPv1 and v2C are generally used for network
monitoring without network control.
SNMPv3 provides network monitoring and control. It provides secure access
to devices by a combination of authenticating and encrypting packets over the
network. The security model used by SNMPv3 is an authentication strategy
that is set up for a user and the user’s group. A security level is the permitted
level of security within a security model. A combination of a security model
and a security level determines which security mechanism is used for an SNMP
packet.
Following are some guidelines about SNMPv3 objects:
• Each user belongs to a group.
• A group defines the access policy for a set of users.
• An access policy defines which SNMP objects can be accessed for reading, writing, and creating.
• A group determines the list of notifications that its users can receive.
• A group also defines the security model and the security level for its users.
• An SNMP view is a list of MIBs that a group can access.
• Data can be securely collected from SNMP devices without fear of the data being tampered with or corrupted.
• Confidential information, for example, SNMP Set command packets that change a router configuration, can be encrypted to prevent the contents from being exposed on the network.
IMPORTANT
SNMPv3 is available only in the cryptographic version of the
switch firmware, available separately.
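
The user, group, access policy and view relationships listed above can be modelled as a small access check. This is an added example, not code from this manual or from the switch firmware; the user, group and view names are constructed, and the three security levels are the standard SNMPv3 ones (noAuthNoPriv, authNoPriv, authPriv).

```python
# Added illustration of the SNMPv3 user -> group -> access policy -> view chain.
# All user, group and view names below are constructed for the example.
from enum import IntEnum

class Level(IntEnum):            # SNMPv3 security levels (RFC 3411)
    noAuthNoPriv = 1             # no authentication, no encryption
    authNoPriv = 2               # authenticated, not encrypted
    authPriv = 3                 # authenticated and encrypted

# A view is a set of MIB subtrees, written here as OID prefixes.
VIEWS = {
    "mon-view":  ["1.3.6.1.2.1.1", "1.3.6.1.2.1.2"],   # system, interfaces
    "full-view": ["1.3.6.1.2.1"],                      # all of mib-2
}
# A group fixes the security model, the minimum level, and one view per operation.
GROUPS = {
    "monitors":  {"model": "v3", "level": Level.authNoPriv,
                  "read": "mon-view", "write": None, "notify": "mon-view"},
    "operators": {"model": "v3", "level": Level.authPriv,
                  "read": "full-view", "write": "full-view", "notify": "full-view"},
}
USERS = {"nms-ro": "monitors", "eng-rw": "operators"}   # each user is in one group

def in_view(oid, view_name):
    """True if oid falls under one of the view's subtrees (whole-arc match)."""
    arcs = oid.split(".")
    for subtree in VIEWS.get(view_name) or []:
        prefix = subtree.split(".")
        if arcs[:len(prefix)] == prefix:   # avoids ...2.1.10 matching ...2.1.1
            return True
    return False

def is_allowed(user, model, level, op, oid):
    """Decide whether a request (op is 'read', 'write' or 'notify') is permitted."""
    group = GROUPS.get(USERS.get(user))
    if group is None or group["model"] != model:
        return False                      # unknown user or wrong security model
    if level < group["level"]:
        return False                      # packet protection weaker than the group requires
    return in_view(oid, group[op])        # a missing view (None) denies the operation

if __name__ == "__main__":
    print(is_allowed("nms-ro", "v3", Level.authNoPriv, "read", "1.3.6.1.2.1.1.5.0"))   # True
    print(is_allowed("eng-rw", "v3", Level.authNoPriv, "write", "1.3.6.1.2.1.1.5.0"))  # False
```

The second call is denied because the constructed "operators" group requires authPriv, so an authenticated but unencrypted Set is rejected before the view is consulted.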