The SNMP agent maintains a list of variables that are used to manage the
switch. The variables are defined in the MIB. The MIB presents the variables
controlled by the agent. The SNMP agent defines the MIB specification
format, as well as the format used to access the information over the network.
Access rights to the SNMP agent are controlled by access strings.
SNMP v3 also applies access control and a new traps mechanism to SNMPv1
and SNMPv2 PDUs. In addition, the User Security Model (USM) is defined
for SNMPv3 and includes:
Authentication — Provides data integrity and data origin authentication.
Privacy — Protects against disclosure of message content. Cipher-Bock-
Chaining (CBC) is used for encryption. Either authentication is enabled
on an SNMP message, or both authentication and privacy are enabled on
an SNMP message. However privacy cannot be enabled without
Timeliness — Protects against message delay or message redundancy. The
SNMP agent compares incoming message to the message time
Key Management — Defines key generation, key updates, and key use.
Authentication or Privacy Keys are modified in the SNMPv3 User Security
What Are SNMP Traps?
SNMP is frequently used to monitor systems for fault conditions such as
temperature violations, link failures, and so on. Management applications can
monitor for these conditions by polling the appropriate OIDs with the get
command and analyzing the returned data. This method has its drawbacks. If
it is done frequently, significant amounts of network bandwidth can be
consumed. If it is done infrequently, the response to the fault condition may
not occur in a timely fashion. SNMP traps avoid these limitations of the
An SNMP trap is an asynchronous event indicating that something
significant has occurred. This is analogous to a pager receiving an important
message, except that he SNMP trap frequently contains all the information
needed to diagnose a fault.