SNMP Security
Community Strings
The manager can request data from the agent, or can set variable values
in the agent. Agents can reply to the manager's requests, and can also
report events.
SNMP collects information two ways:
SNMP management stations poll the devices on the network.
■
Devices send alerts to SNMP management stations.
■
SNMP has successive iterations as its operations have become more
secure. These iteration, in order of greater security, are SNMPv1, SNMPv2,
and SNMPv3. The system supports these three modes.
The system supports these two security models:
Community Strings — Pre-SNMPv3 standard compatibility
■
User-based Security Model (USM) — SNMPv3
■
The View-based Access Control Model (VACM) applies to both security
models.
3Com recommends that you use SNMPv3 because of its enhanced
security features.
Community Strings
■
User-based Security Model (USM)
■
View-based Access Control Model (SNMPv1, SNMPv2c and SNMPv3)
■
Traps, Notifications, and Informs
■
Community strings is the method by which SNMPv1 manages its own
security.
An SNMP community is the group to which devices and management
stations running SNMP belong, and that determines where to send
information. SNMP identifies a community by means of a community
name.
It is possible for an SNMP device or agent to belong to more than one
SNMP community. The SNMP agent does not respond to requests from
management stations that do not belong to one of its communities.
SNMP Security
375