Snmp Protocol; Security Considerations - Cisco SCE8000 Configuration Manual

Configuring and Managing the SNMP Interface

SNMP Protocol

SNMP (Simple Network Management Protocol) is a set of protocols for managing complex networks.
SNMP works by sending messages, called protocol data units (PDUs), to different parts of a network.
SNMP-compliant devices, called agents, store data about themselves in Management Information Bases
(MIBs) and return this data to the SNMP requesters.
SCE platform supports the original SNMP protocol (also known as SNMPv1), and a newer version called
Community-based SNMPv2 (also known as SNMPv2C).
•
•
SCE platform implementation of SNMP supports all MIB II variables, as described in RFC 1213, and
defines the SNMP traps using the guidelines described in RFC 1215.
The SNMPv1 and SNMPv2C specifications define the following basic operations that are supported by
SCE platform:
Table 5-2
Request Type
Set Request
Get Request
Get Next Request
Get Response
Trap
Get Bulk Request

Security Considerations

By default, the SNMP agent is disabled for both read and write operations. When enabled, SNMP is
supported over the management port only (in-band management is not supported).
In addition, the SCE platform supports the option to configure community of managers for read-write
accessibility or for read-only accessibility.
Cisco SCE8000 Software Configuration Guide, Rel 3.1.6S
5-26
SNMPv1 — is the first version of the Simple Network Management Protocol, as defined in RFCs
1155 and 1157, and is a full Internet standard. SNMPv1 uses a community-based form of security.
SNMPv2c — is the revised protocol, which includes improvements to SNMPv1 in the areas of
protocol packet types, transport mappings, and MIB structure elements but using the existing
SNMPv1 administration structure. It is defined in RFC 1901, RFC 1905, and RFC 1906.
Request Types
Description
Writes new data to one or more of the
objects managed by an agent.
Requests the value of one or more of
the objects managed by an agent.
Requests the Object Identifier(s) and
value(s) of the next object(s) managed
by an agent.
Contains the data returned by an agent.
Sends an unsolicited notification from
an agent to a manager, indicating that
an event or error has occurred on the
agent system
Retrieves large amounts of object
information in a single Request /
response transaction. GetBulk behaves
as if many iterations of GetNext
request/responses were issued, except
that they are all performed in a single
request/response.
Chapter 5 Configuring the Management Interface and Security
Remarks
Set operations immediately affect
the SCE platform running-config
but do not affect the startup config
SCE platform may be configured
to send either SNMPv1 or
SNMPv2 style traps.
This is newly defined SNMPv2c
message.
OL-16479-01