3Com 10014299 Network Router User Manual


 
74 CHAPTER 5: CONFIGURING NETWORK MANAGEMENT
addition to the functions defined in SNMPv2c and SNMPv1. In other words,
SNMPv3 develops SNMPv2c by adding security and management functions.
SNMPv1 and SNMPv2c lack security functions, especially in the aspect of
authentication and privacy. SNMPv1 defines only a type of community
representing a group of managed devices. Each NMS controls access to the
devices via the community name list. However, agents do not verify whether the
community names used by the senders are authorized, and they even do not
check the IDs of administrators. Additionally, transmission of SNMP messages
without encryption, which exposes the community name, brings potential threats
to security. Even though some security mechanisms, like digest authentication,
timestamp authentication, encryption and authorization, have been considered at
the early stage of proposing SNMPv2c, only the “community name” similar to
SNMPv1 is used in the final criterion of RFC 1901 through 1908. SNMPv2c is only
a transitional version between SNMPv1 and SNMPv3. To avoid the lack of security
in SNMPv1 and SNMPv2c, IETF develops the SNMPv3 protocol, which is described
in RFC2271 through 2275 and RFC2570 through RFC2575 in details.
RFC2570 through RFC2575 supplements and subdivides SNMPv3 on the basis of
RFC2271 through RFC2275, giving a complete and exact description of the
processing of abnormal errors and the message processing procedure. The
SNMPv3 framework thus defined has become a feasible standard.
Security of SNMPv3 is mostly represented by data security and access control.
Data security features provided in SNMPv3
Message-level data security provided in SNMPv3 includes the following three
aspects:
Data integrity. It ensures that data will not be tampered with by means of
unauthorized modes and the data sequence will only be changed within the
permitted range.
Data origin authentication. It confirms which user the received data is from.
Security defined in SNMPv3 is user-based. Hence, it authenticates the users
that generate messages instead of the particular applications that are used
to generate the messages.
Data confidentiality. Whenever an NMS or agent receives a message, it will
verify when the message is generated. If the difference between the
generating time of message and the current system time exceeds the
specified time range, the message will be rejected. Thereby, it ensures that
the message has not been tampered with in-transit on the network and
prevents processing of received malicious messages.
Access control in SNMPv3
As a security measure, access control defined in SNMPv3 implements a security
check on the basis of protocol operations, thereby to controlling access to the
managed objects.
MIB accessible to a SNMP entity is defined by the particular context. For
security reasons, different groups and corresponding authorities probably need
to be defined on one entity. The authorities are specified by the MIB view. A
MIB view specifies a collection of managed object types in the context. The MIB
view takes the form of a “view sub-tree” to define objects because MIB adopts
the tree structure. If the flag of the object to be accessed belongs to the MIB