Snmpv3 Overview; Snmpv3 Authentication Protocols - Allied Telesis AT-GS950/8 User Manual
Allied telesis - websmart 8-port gigabit switch web users guide
Hide thumbs
Also See for AT-GS950/8:
- User manual (76 pages) ,
- Installation manual (54 pages) ,
- Manual (44 pages)
Table of Contents
Advertisement
Chapter 21: Simple Network Management Protocol SNMPv3
SNMPv3 Overview
SNMPv3
Authentication
Protocols
274
The SNMPv3 protocol builds on the existing SNMPv1 and SNMPv2c
protocol implementation which is described in Chapter 20 on page 263. In
SNMPv3, User-based Security Model (USM) authentication is
implemented along with encryption, allowing you to configure a secure
SNMP environment.
The SNMPv3 protocol uses different terminology than the SNMPv1 and
SNMPv2c. In the SNMPv1 and SNMPv2c protocols, the terms agent and
manager are used. An agent is the software within an SNMP user while a
manager is an SNMP host. In the SNMPv3 protocol, agents and
managers are called entities. In any SNMPv3 communication, there is an
authoritative entity and a non-authoritative entity. The authoritative entity
checks the authenticity of the non-authoritative entity. And, the non-
authoritative entity checks the authenticity of the authoritative entity.
With the SNMPv3 protocol, you create users, determine the protocol used
for message authentication as well as determine if data transmitted
between two SNMP entities is encrypted. In addition, you can restrict user
privileges by defining which portions of the Management Information
Bases (MIB) that a user can view. In this way, you restrict which MIBs a
user can display and modify. In addition, you can restrict the types of
messages, or traps, the user can send. (A trap is a type of SNMP
message.) After you have created a user, you define SNMPv3 message
notification. This consists of determining where messages are sent and
what types of messages can be sent. This configuration is similar to the
SNMPv1 and SNMPv2c configuration because you configure IP
addresses of trap receivers, or hosts. In addition, with the SNMPv3
implementation you decide what types of messages are sent.
This section further describes the features of the SNMPv3 protocol. The
following subsections are included:
"SNMPv3 Authentication Protocols" on page 274
"SNMPv3 Privacy Protocol" on page 275
"SNMPv3 MIB Views" on page 275
"SNMPv3 Configuration Process" on page 276
The SNMPv3 protocol supports two authentication protocols - HMAC-
MD5-96 (MD5) and HMAC-SHA-96 (SHA). Both MD5 and SHA use an
algorithm to generate a message digest. Each authentication protocol
authenticates a user by checking the message digest. In addition, both
protocols use keys to perform authentication. The keys for both protocols
are generated locally using the Engine ID and the user password. You
modify a key only by modifying the user password.
Hide quick links:
Advertisement
Table of Contents
