70
71
Section 11. Conguring SNMP Management
Simple Network Management Protocol (SNMP) provides a method for managing network devices. The device supports the
following SNMP versions:
SNMP version 1
SNMP version 2c
SNMP version 3
11.1 SNMP v1 and v2c
The SNMP agents maintain a list of variables, which are used to manage the device. The variables are defined in the
Management Information Base (MIB). The SNMP agent denes the MIB specication format, as well as the format used to
access the information over the network. Access rights to the SNMP agents are controlled by access strings.
11.2 SNMP v3
SNMP v3 applies access control and a new traps mechanism. In addition, User Security Model (USM) parameters are
dened for SNMPv3, including:
Authentication — Provides data integrity and data origin authentication.
Privacy — Protects against the disclosure of message content. Cipher Block-Chaining (CBC) is used for encryption.
Either authentication is enabled on a SNMP message, or both authentication and privacy are enabled on a SNMP
message. However, privacy cannot be enabled without authentication.
Timeliness — Protects against message delay or message redundancy. The SNMP agent compares incoming
message to the message time information.
Key Management — Denes key generation, key updates, and key use.
The device supports SNMP notication lters based on Object IDs (OIDs). OIDs are used by the system to manage device
features.
SNMP v3 supports the following features:
Security
Feature Access Control
Traps
The device generates the following traps:
Copy trap
This section contains the following topics:
Dening SNMP Security
Conguring SNMP Notication Settings
11.3 Dening SNMP Security
This section describes conguring of SNMP security parameters, and contains the following topics:
Dening SNMP Global Parameters
Dening SNMP Views
Dening SNMP Group Proles