ZyXEL Communications ES3500-24 User Manual page 293

Table 127 Management > Access Control > SNMP > User (continued)
LABEL
Security Level
Authentication
Password
Privacy
Password
Group
Add
Cancel
Clear
Index
Username
Security
Level
Authenticati
on
Privacy
Group
ES3500-24 User's Guide
DESCRIPTION
Select whether you want to implement authentication and/or encryption for SNMP
communication from this user. Choose:
• noauth -to use the username as the password string to send to the SNMP
manager. This is equivalent to the Get, Set and Trap Community in SNMP v2c.
This is the lowest security level.
• auth - to implement an authentication algorithm for SNMP messages sent by
this user.
• priv - to implement authentication and encryption for SNMP messages sent by
this user. This is the highest security level.
Note: The settings on the SNMP manager must be set at the same security level or
higher than the security level settings on the Switch.
Select an authentication algorithm. MD5 (Message Digest 5) and SHA (Secure
Hash Algorithm) are hash algorithms used to authenticate SNMP data. SHA
authentication is generally considered stronger than MD5, but is slower.
Enter the password of up to 32 ASCII characters for SNMP user authentication.
Specify the encryption method for SNMP communication from this user. You can
choose one of the following:
• DES - Data Encryption Standard is a widely used (but breakable) method of
data encryption. It applies a 56-bit key to each 64-bit block of data.
• AES - Advanced Encryption Standard is another method for data encryption
that also uses a secret key. AES applies a 128-bit key to 128-bit blocks of data.
Enter the password of up to 32 ASCII characters for encrypting SNMP packets.
SNMP v3 adopts the concept of View-based Access Control Model (VACM) group.
SNMP managers in one group are assigned common access rights to MIBs. Specify
in which SNMP group this user is.
admin - Members of this group can perform all types of system configuration,
including the management of administrator accounts.
readwrite - Members of this group have read and write rights, meaning that the
user can create and edit the MIBs on the Switch, except the user account and AAA
configuration.
readonly - Members of this group have read rights only, meaning the user can
collect information from the Switch.
Click Add to insert the entry in the summary table below and save your changes
to the Switch's run-time memory. The Switch loses these changes if it is turned off
or loses power, so use the Save link on the top navigation panel to save your
changes to the non-volatile memory when you are done configuring.
Click Cancel to reset the fields to your previous configuration.
Click Clear to reset the fields to the factory defaults.
This is a read-only number identifying a login account on the Switch. Click on an
index number to view more details and edit an existing account.
This field displays the username of a login account on the Switch.
This field displays whether you want to implement authentication and/or
encryption for SNMP communication with this user.
This field displays the authentication algorithm used for SNMP communication with
this user.
This field displays the encryption method used for SNMP communication with this
user.
This field displays the SNMP group to which this user belongs.
Chapter 38 Access Control
293