Cisco WS-C6506 Software Manual page 1140

SNMP Terminology
Table 47-1
Term
authentication
authoritative SNMP engine
community string
data integrity
data origin authentication
encryption
group
notification host
notify view
privacy
read view
Catalyst 6500 Series Switch Software Configuration Guide—Release 8.7
47-2
SNMP Terminology
Definition
The process of ensuring message integrity and protection against
message replays, including both data integrity and data origin
authentication.
One of the SNMP copies involved in network communication is
designated the allowed SNMP engine to protect against message
replay, delay, and redirection. The security keys that are used for
authenticating and encrypting the SNMPv3 packets are generated
as a function of the authoritative SNMP engine's ID and user
passwords. When an SNMP message expects a response (for
example, get exact, get next, set request), the receiver of these
messages is authoritative. When an SNMP message does not
expect a response, the sender is authoritative.
A text string that is used to authenticate messages between a
management station and an SNMPv1 or SNMPv2c engine.
A condition or state of data in which a message packet has not
been altered or destroyed in an unauthorized manner.
The ability to verify the identity of a user on whose behalf that the
message is supposedly sent. This ability protects the users against
both message capture and replay by a different SNMP engine and
against the packets that are received or sent to a particular user
that uses an incorrect password or security level.
A method of hiding data from an unauthorized user by scrambling
the contents of an SNMP packet.
A set of users belonging to a particular security model. A group
defines the access rights for all the users belonging to it. Access
rights define the SNMP objects that can be read, written to, or
created. In addition, the group defines the notifications that a user
is allowed to receive.
An SNMP entity to which notifications (traps and informs) are to
be sent.
A view name (not to exceed 64 characters) for each group; the
view name defines the list of notifications that can be sent to each
user in the group.
An encrypted state of the contents of an SNMP packet; in this
state, the contents are prevented from being disclosed on a
network. Encryption is performed with an algorithm called
CBC-DES (DES-56).
A view name (not to exceed 64 characters) for each group; the
view name defines the list of object identifiers (OIDs) that can be
read by users belonging to the group.
Chapter 47 Configuring SNMP
OL-8978-04