FS728TP Smart Switch Software User Manual
Configuring the Device Using Your Browser 5-96
v2.0, November 2006
Configuring SNMP Security
Simple Network Management Protocol (SNMP) provides a method for managing network
devices. The device supports the following SNMP versions:
• SNMP v1 and v2c
•SNMP version 3
The SNMP agents maintain a list of variables that are used to manage the device. The variables are
defined in the Management Information Base (MIB). The SNMP agent defines the MIB
specification format, as well as the format used to access the information over the network. Access
strings control access rights to the SNMP agents.
SNMP v3 applies access control and a new traps mechanism. In addition, User Security Model
(USM) parameters are defined for SNMPv3, including:
• Authentication – Provides data integrity and data origin authentication.
• Privacy – Protects against the disclosure of message content. Cipher Block-Chaining (CBC) is
used for encryption. Either authentication is enabled on an SNMP message, or both
authentication and privacy are enabled on an SNMP message. However, privacy cannot be
enabled without authentication.
• Timeliness – Protects against message delay or message redundancy. The SNMP agent
compares the incoming message to the message time information.
• Key Management – Defines key generation, key updates, and key use.
The device supports SNMP notification filters based on Object IDs (OIDs). OIDs are used by the
system to manage device features. SNMP v3 supports the following features:
• Security
• Feature Access Control
• Traps. The device generates copy traps.
This section contains the following topics:
• Defining the Engine ID
• Defining SNMP Users
• Defining SNMP Groups
• Configuring SNMP Views
• Defining SNMP Communities
• Configuring Trap Station Management
• Defining Global Trap Settings