Table of Contents
Advertisement
The server encodes SNMP responses using the same SNMP version received in the
corresponding request and encodes traps using the SNMP version configured for the
trap recipient.
SNMPv2c supports the capabilities defined for SNMPv1 and provides greater power
and flexibility through the addition of several features, including:
SNMPv3 is an extensible SNMP framework that supplements the SNMPv2c framework
by supporting:
Security Features
As users transfer more sensitive information, such as billing details, through the
Internet, security becomes more critical for SNMP and other protocols. SNMPv3
provides the user-based security model (USM) to address authentication and data
encryption.
Authentication provides the following benefits:
SNMPv3 authenticates users through the HMAC-MD5-96 or HMAC-SHA-96 protocols;
CBC-DES is the encryption or privacy protocol. The SNMP agent recognizes up to 32
usernames that can have one of the following security levels:
In contrast, SNMPv1and SNMPv2c provide only password protection, through the
community name and IP address. When an SNMP server receives a request, the
server extracts the client's IP address and the community name. The SNMP
community table is searched for a matching community. If a match is found, its
SNMPv2c (Community-based SNMPv2, defined in RFC 1901 and RFC 3416)
SNMPv3 (compliant with RFCs 3410–3418, STD 62)
More detailed error codes
GetBulk operation for efficient retrieval of large amounts of data
64-bit counters
Security for messages
Explicit access control
Only authorized parties can communicate with each other. Consequently, a
management station can interact with a device only if the administrator
configured the device to allow the interaction.
Messages are received promptly; users cannot save messages and replay them
to alter content. This feature prevents users from sabotaging SNMP configurations
and operations. For example, users can change configurations of network devices
only if authorized to do so.
No authentication and no privacy (none)
Authentication only (auth only)
Authentication and privacy (priv)
Chapter 4: Configuring SNMP
151
Overview
Advertisement
Table of Contents
Troubleshooting
