Table of Contents
Advertisement
SNMP Configuration Summary
SNMPv3
5.1.2
SNMPv3
SNMPv3 is an interoperable standards-based protocol that provides secure access to devices by
authenticating and encrypting frames over the network. The advanced security features provided in
SNMPv3 are as follows:
•
Message integrity — Collects data securely without being tampered with or corrupted.
•
Authentication — Determines the message is from a valid source.
•
Encryption — Scrambles the contents of a frame to prevent it from being seen by an
unauthorized source.
Unlike SNMPv1 and SNMPv2c, in SNMPv3, the concept of SNMP agents and SNMP managers
no longer apply. These concepts have been combined into an SNMP entity. An SNMP entity
consists of an SNMP engine and SNMP applications. An SNMP engine consists of the following
four components:
•
Dispatcher — This component sends and receives messages.
•
Message processing subsystem — This component accepts outgoing PDUs from the dispatcher
and prepares them for transmission by wrapping them in a message header and returning them
to the dispatcher. The message processing subsystem also accepts incoming messages from the
dispatcher, processes each message header, and returns the enclosed PDU to the dispatcher.
•
Security subsystem — This component authenticates and encrypts messages.
•
Access control subsystem — This component determines which users and which operations are
allowed access to managed objects.
5.1.3
About SNMP Security Models and Levels
An SNMP security model is an authentication strategy that is set up for a user and the group in
which the user resides. A security level is the permitted level of security within a security model.
The three levels of SNMP security are: No authentication required (NoAuthNoPriv); authentication
required (AuthNoPriv); and privacy (authPriv). A combination of a security model and a security
level determines which security mechanism is employed when handling an SNMP frame.
identifies the levels of SNMP security available on Matrix Series devices and authentication
required within each model.
5-2 Matrix NSA Series Configuration Guide
Does not apply to MATRIX E7.
Table 5-1
Advertisement
Chapters
Table of Contents
