Snmp Header Network Address; Snmpv3 Support; Other Security Equipment - Avaya 8800 Planning And Engineering, Network Design

Network security
SSHv1/v2
SSH is used to conduct secure communications over a network between a server and a client. The
switch supports only the server mode (supply an external client to establish communication). The
server mode supports SSHv1 and SSHv2.
The SSH protocol offers:
• Authentication
SSH determines identities. During the logon process, the SSH client asks for a digital proof of
the identity of the user.
• Encryption
SSH uses encryption algorithms to scramble data. This data is rendered unintelligible except to
the intended receiver.
• Integrity
SSH guarantees that data is transmitted from the sender to the receiver without any alteration.
If any third party captures and modifies the traffic, SSH detects this alteration.
The Avaya Ethernet Routing Switch 8800/8600 supports:
• SSH version 1, with password and Rivest, Shamir, Adleman (RSA) authentication
• SSH version 2 with password and Digital Signature Algorithm (DSA) authentication
• Triple Digital Encryption Standard (3DES)

SNMP header network address

You can direct an IP header to have the same source address as the management virtual IP
address for self-generated UDP packets. If a management virtual IP address is configured and the
udpsrc-by-vip flag is set, the network address in the SNMP header is always the management
virtual IP address. This is true for all traps routed out on the I/O ports or on the out-of-band
management Ethernet port.

SNMPv3 support

SNMP version 1 and version 2 are not secure because communities are not encrypted.
Avaya recommends that you use SNMP version 3. SNMPv3 provides stronger authentication
services and the encryption of data traffic for network management.

Other security equipment

Avaya offers other devices that increase the security of your network.
June 2016 Planning and Engineering — Network Design
Comments on this document? infodev@avaya.com
286