Open as PDF
16–2 MULTILINK ML1600 ETHERNET COMMUNICATIONS SWITCH – INSTRUCTION MANUAL
OVERVIEW CHAPTER 16: SNMP
authoritative. When an SNMP message does not expect a response, the sender is
• Community string - A text string used to authenticate messages between a MGMNT
station and an SNMP v1/v2c engine.
• Data integrity - A condition or state of data in which a message packet has not been
altered or destroyed in an unauthorized manner.
• Data origin authentication - The ability to verify the identity of a user on whose
behalf the message is supposedly sent. This ability protects users against both
message capture and replay by a different SNMP engine, and against packets
received or sent to a particular user that use an incorrect password or security level.
• Encryption - A method of hiding data from an unauthorized user by scrambling the
contents of an SNMP packet.
• Group - A set of users belonging to a particular security model. A group defines the
access rights for all the users belonging to it. Access rights define what SNMP objects
can be read, written to, or created. In addition, the group defines what notifications a
user is allowed to receive.
• Notification host - An SNMP entity to which notifications (traps and informs) are to be
• Notify view - A view name (not to exceed 64 characters) for each group that defines
the list of notifications that can be sent to each user in the group.
• Privacy - An encrypted state of the contents of an SNMP packet where they are
prevented from being disclosed on a network. Encryption is performed with an
algorithm called CBC-DES (DES-56).
• Read view - A view name (not to exceed 64 characters) for each group that defines
the list of object identifiers (OIDs) that are accessible for reading by users belonging to
• Security level - A type of security algorithm performed on each SNMP packet. The
three levels are: noauth, auth, and priv. noauth authenticates a packet by a string
match of the user name. auth authenticates a packet by using either the HMAC MD5
algorithms. priv authenticates a packet by using either the HMAC MD5 algorithms and
encrypts the packet using the CBC-DES (DES-56) algorithm.
• Security model - The security strategy used by the SNMP agent. Currently, ML1600
supports three security models: SNMPv1, SNMPv2c, and SNMPv3.
• Simple Network MGMNT Protocol (SNMP) - A network MGMNT protocol that provides
a means to monitor and control network devices, and to manage configurations,
statistics collection, performance, and security.
• Simple Network MGMNT Protocol Version 2c (SNMPv2c) - The second version of
SNMP, it supports centralized and distributed network MGMNT strategies, and includes
improvements in the Structure of MGMNT Information (SMI), protocol operations,
MGMNT architecture, and security.
• SNMP engine - A copy of SNMP that can either reside on the local or remote device.
• SNMP group - A collection of SNMP users that belong to a common SNMP list that
defines an access policy, in which object identification numbers (OIDs) are both read-
accessible and write-accessible. Users belonging to a particular SNMP group inherit all
of these attributes defined by the group.