Table of Contents
Advertisement
SNMP Versions
Security Models and Levels for SNMPv1, v2, v3
The security level determines if an SNMP message needs to be protected from disclosure and if the message
needs to be authenticated. The various security levels that exist within a security model are as follows:
• noAuthNoPriv—Security level that does not provide authentication or encryption.
• authNoPriv—Security level that provides authentication but does not provide encryption.
• authPriv—Security level that provides both authentication and encryption.
Three security models are available: SNMPv1, SNMPv2c, and SNMPv3. The security model combined with
the security level determine the security mechanism applied when the SNMP message is processed.
Table 9: SNMP Security Models and Levels, on page 66
and levels mean.
Table 9: SNMP Security Models and Levels
Model
v1
v2c
v3
v3
v3
System Management Configuration Guide for the Cisco NCS 6000 Series Router, Release 5.0.x
66
Level
Authentication
noAuthNoPriv
Community string
noAuthNoPriv
Community string
noAuthNoPriv
Username
authNoPriv
HMAC-MD5 or
HMAC-SHA
authPriv
HMAC-MD5 or
HMAC-SHA
identifies what the combinations of security models
Encryption
No
No
No
No
DES
Implementing SNMP
What Happens
Uses a community
string match for
authentication.
Uses a community
string match for
authentication.
Uses a username
match for
authentication.
Provides
authentication based
on the
1
2
HMAC
-MD5
algorithm or the
3
HMAC-SHA
.
Provides
authentication based
on the HMAC-MD5
or HMAC-SHA
algorithms. Provides
4
DES
56-bit
encryption in
addition to
authentication based
5
on the CBC
DES
(DES-56) standard.
Advertisement
Table of Contents
