Installation manual
3-39
SIGNAMAX LLC • www.signamax.eu
of the information controlled by the agent. SNMP defines both the format of the MIB
specifications and the protocol used to access this information over the network.
The switch includes an onboard agent that supports SNMP versions 1, 2c, and 3. This
agent continuously monitors the status of the switch hardware, as well as the traffic
passing through its ports. A network management station can access this information
using software such as HP OpenView. Access to the onboard agent from clients using
SNMP v1 and v2c is controlled by community strings. To communicate with the switch,
the management station must first submit a valid community string for authentication.
Access to the switch using from clients using SNMPv3 provides additional security
features that cover message integrity, authentication, and encryption; as well as
controlling user access to specific areas of the MIB tree.
The SNMPv3 security structure consists of security models, with each model having it’s
own security levels. There are three security models defined, SNMPv1, SNMPv2c, and
SNMPv3. Users are assigned to “groups” that are defined by a security model and
specified security levels. Each group also has a defined security access to set of MIB
objects for reading and writing, which are known as “views.”
The switch has a default view (all MIB objects) and default groups defined for security
models v1 and v2c. The following table shows the security models and levels available
and the system default settings.
Note:
The predefined default groups and view can be deleted from the system. You can
then
define customized groups and views for the SNMP clients that require access.
Table 3-4 SNMPv3 Security Models and Levels
Model Level Group Read View Write View Notify View Security
v1 noAuthNoPriv public
(read only)
defaultview none none Community string only
v1 noAuthNoPriv private
(read/write)
defaultview defaultview none Community string only
v1 noAuthNoPriv user defined user defined user defined user defined Community string only
v2c noAuthNoPriv public
(read only)
defaultview none none Community string only
v2c noAuthNoPriv private
(read/write)
defaultview defaultview none Community string only
v2c noAuthNoPriv user defined user defined user defined user defined Community string only
v3 noAuthNoPriv user defined user defined user defined user defined A user name match only
v3 AuthNoPriv user defined user defined user defined user defined Provides user
authentication via MD5 or
SHA algorithms
v3 AuthPriv user defined user defined user defined user defined Provides user
authentication via MD5 or
SHA algorithms and data
privacy using DES 56-bit
encryption