Table of Contents
Advertisement
4.3 Simple Network Management Protocol
Simple Network Management Protocol (SNMP) is a communication protocol designed specifically for managing devices on a
network. Equipment commonly managed with SNMP includes switches, routers and host computers. SNMP is typically used to
configure these devices for proper operation in a network environment, as well as to monitor them to evaluate performance or
detect potential problems.
Managed devices supporting SNMP contain software, which runs locally on the device and is referred to as an agent. A defined
set of variables, known as managed objects, is maintained by the SNMP agent and used to manage the device. These objects
are defined in a Management Information Base (MIB) that provides a standard presentation of the information controlled by
the agent. SNMP defines both the format of the MIB specifications and the protocol used to access this information over the
network.
The Managed Switch includes an onboard agent that supports SNMP versions 1, 2c, and 3. This agent continuously monitors
the status of the Managed Switch hardware, as well as the traffic passing through its ports. A network management station can
access this information using software such as HP OpenView. Access to the onboard agent from clients using SNMP v1 and v2c
is controlled by community strings. To communicate with the switch, the management station must first submit a valid
community string for authentication.
Access to the switch using from clients using SNMPv3 provides additional security features that cover message integrity,
authentication, and encryption; as well as controlling user access to specific areas of the MIB tree.
The SNMPv3 security structure consists of security models, with each model having it's own security levels. There are three
security models defined, SNMPv1, SNMPv2c, and SNMPv3. Users are assigned to "groups" that are defined by a security
model and specified security levels. Each group also has a defined security access to set of MIB objects for reading and writing,
which are known as "views." The switch has a default view (all MIB objects) and default groups defined for security models v1
and v2c. The following table shows the security models and levels available and the system default settings.
Model
Level
v1
noAuthNoPriv
v1
noAuthNoPriv
v1
noAuthNoPriv
v2c
noAuthNoPriv
v2c
noAuthNoPriv
v2c
noAuthNoPriv
v3
noAuthNoPriv
v3
AuthNoPriv
Group
Read View
public (read only)
defaultview
private(read/write)
defaultview
user defined
user defined
public (read only)
defaultview
private (read/write)
defaultview
user defined
user defined
user defined
user defined
user defined
user defined
User's Manual of SGSD-1022 / SGSD-1022P
Write View
Notify View
none
none
defaultview
none
user defined
user defined
none
none
defaultview
none
user defined
user defined
user defined
user defined
user defined
user defined
96
SGSW-2840 / SGSW-2840P
Security
Community string only
Community string only
Community string only
Community string only
Community string only
Community string only
A user name match only
Provides user
authentication via MD5
or SHA algorithms
Hide quick links:
Advertisement
Table of Contents
