Information About SNMP
Table 7-2
SNMP MIB Support (continued)
MIB Support
SNMP-USER-BASED-SM-
MIB
SNMP-VIEW-BASED-
ACM-MIB
Other MIBs
CISCO-AAA-SERVER-
EXT-MIB
Cisco 4700 Series Application Control Engine Appliance Administration Guide
7-8
Capability MIB
CISCO-SNMP-
USM-CAPABILITY
CISCO-SNMP-
VACM-CAPABILITY
CISCO-AAA-
SERVER-EXT-
CAPABILITY
Description
Provides management information definitions for the User-based
Security Model (USM) for SMNPv3. The SNMPv3 architecture
introduces the User-based Security Model (USM) for message
security.
The USM module decrypts incoming messages. The module then
verifies the authentication data and creates the PDUs. For
outgoing messages, the USM module encrypts PDUs and
generates the authentication data. The module then passes the
PDUs to the message processor, which then invokes the
dispatcher.
The USM module's implementation of the
SNMP-USER-BASED-SM-MIB enables the SNMP manager to
issue commands to manage usersand security keys. The MIB also
enables the agent to ensure that a requesting user exists and has the
proper authentication information. When authentication is done,
the request is carried out by the agent.
The SNMP-USER-BASED-SM-MIB is described in RFC 3414.
User configuration is applicable only for SNMPv3;
Note
SNMPv1 and SNMPv2c use a community string match for
user authentication.
Provides the View-based Access Control Model (VACM) for
SNMPv3. The SNMPv3 architecture introduces VACM for access
control.
The SNMP-VIEW-BASED-ACM-MIB specifies objects that are
needed to control access to all MIB data that is accessible through
the SNMP agent. Upon initialization, the VACM registers as the
access control module with the agent infrastructure. The VACM
implements access control checks according to several parameters
that are derived from the SNMP message.
The SNMP-VIEW-BASED-ACM-MIB is described in RFC 3415.
Acts as an extension to CISCO-AAA-SERVER-MIB. It enhances
the casConfigTable of the CISCO-AAA-SERVER-MIB to include
other types of server addresses. The
CISCO-AAA-SERVER-EXT-MIB manages the following
configuration functions:
Generic configurations as applied on the authentication and
•
accounting module.
Configuration settings (settings for all the AAA servers
•
instrumented in one instance of this MIB).
AAA server group configuration.
•
Application-to-AAA function-to-server group mapping
•
configuration.
Chapter 7
Configuring SNMP
OL-20823-01