Using The User-Based Security Model; Configuring Your Nms; Configuring Snmp Version 3 On The Bigiron Rx - Dell PowerConnect B-RX Configuration Manual
Bigiron rx series configuration guide v02.8.00
Hide thumbs
Also See for PowerConnect B-RX:
- Configuration manual (1436 pages) ,
- Getting started manual (32 pages) ,
- Installation manual (240 pages)
Table of Contents
Advertisement
Using the user-based security model
SNMP version 3 (RFC 2570 through 2575) introduces a User-Based Security model (RFC 2574) for
authentication and privacy services.
SNMP version 1 and version 2 use community strings to authenticate SNMP access to
management modules. This method can still be used for authentication. In SNMP version 3, the
User-Based Security model of SNMP can be used to secure against the following threats:
•
•
•
•
Furthermore, SNMP version 3 supports View-Based Access Control Mechanism (RFC 2575) to
control access at the PDU level. It defines mechanisms for determining whether or not access to a
managed object in a local MIB by a remote principal should be allowed. (Refer to
views"
NOTE
SNMP version 3 Notification is not supported at this time. The system will generate traps in SNMP
version 1 format.
NOTE
SNMP may timeout when trying to get module temperature values. You must increase the timeout
value to 10 seconds to prevent a timeout.
Configuring your NMS
To be able to use the SNMP version 3 features.
1. Make sure that your Network Manager System (NMS) supports SNMP version 3.
2. Configure your NMS agent with the necessary users.
3. Configure the SNMP version 3 features in the BigIron RX.
Configuring SNMP version 3 on the BigIron RX
To configure SNMP version 3 on the BigIron RX, do the following.
1. Enter an engine ID for the management module using the snmp-server engineid command if
2. Create views that will be assigned to SNMP user groups using the snmp-server view command.
3. Create ACL groups that will be assigned to SNMP user groups using the access-list command.
4. Create user groups using the snmp-server group command. Refer to
BigIron RX Series Configuration Guide
53-1002253-01
Modification of information
Masquerading the identity of an authorized entity
Message stream modification
Disclosure of information
on page 1020.)
you will not use the default engine ID. Refer to
Refer to
"Defining SNMP views"
Refer to
Chapter 21, "Access Control List"
on page 1016.
Using the user-based security model
"Defining the engine ID"
on page 1020 for details.
for details.
36
"Defining SNMP
on page 1016.
"Defining an SNMP group"
1015
Advertisement
Table of Contents
