Using Simple Network Management Protocol; Configuring Snmp System And Trap Settings - AMX NXA-ENET8-2POE Operation/Reference Manual

Using Simple Network Management Protocol

Simple Network Management Protocol (SNMP) is a communication protocol designed specifically for
managing devices on a network. Equipment commonly managed with SNMP includes switches, routers and
host computers. SNMP is typically used to configure these devices for proper operation in a network
environment, as well as to monitor them to evaluate performance or detect potential problems.
Managed devices supporting SNMP contain software, which runs locally on the device and is referred to as an
agent. A defined set of variables, known as managed objects, is maintained by the SNMP agent and used to
manage the device. These objects are defined in a Management Information Base (MIB) that provides a
standard presentation of the information controlled by the agent. SNMP defines both the format of the MIB
specifications and the protocol used to access this information over the network.
The switch includes an onboard agent that supports SNMP versions 1, 2c, and 3. This agent continuously
monitors the status of the switch hardware, as well as the traffic passing through its ports. A network
management station can access this information using software such as HP OpenView.
Access to the onboard agent from clients using SNMP v1 and v2c is controlled by community strings. To
communicate with the switch, the management station must first submit a valid community string for
authentication.
Access to the switch using from clients using SNMPv3 provides additional security features that cover
message integrity, authentication, and encryption; as well as controlling user access to specific areas of the
MIB tree.
The SNMPv3 security structure consists of security models, with each model having it's own security levels.
There are three security models defined, SNMPv1, SNMPv2c, and SNMPv3. Users are assigned to "groups"
that are defined by a security model and specified security levels. Each group also has a defined security access
to set of MIB objects for reading and writing, which are known as "views." The switch has a default view (all
MIB objects) and default groups defined for security models v1 and v2c.
The following table shows the security models and levels available and the system default settings.
SNMP Security Models and Levels
Model Level
v1 noAuth NoPriv public
v1 noAuth NoPriv private
v1 noAuth NoPriv user defined
v2c noAuth NoPriv public
v2c noAuth NoPriv private
v2c noAuth NoPriv user defined
v3 noAuth NoPriv user defined
v3 Auth NoPriv
v3 Auth Priv
The predefined default groups and view can be deleted from the system. You can
then define customized groups and views for the SNMP clients that require access.

Configuring SNMP System and Trap Settings

Use the SNMP System Configuration page to configure basic settings and traps for SNMP. To manage the
switch through SNMP, you must first enable the protocol and configure the basic access parameters. To issue
trap messages, the trap function must also be enabled and the destination host specified.
NXA-ENET8-2POE Gigabit Ethernet Layer 2 PoE Switch
Community String Group
default_ro_group default_view
default_rw_group
user defined
default_ro_group default_view
default_rw_group default_view
user defined
default_view
user defined user defined
user defined user defined
Configuring the NXA-ENET8-2POE
Read View Write View View Security
none Community string only
default_view default_view Community string only
user defined user defined Community string only
none Community string only
default_view Community string only
user defined user defined Community string only
default_view default_view A user name match only
user defined user defined Provides user
authentication via MD5 or
SHA algorithms
user defined user defined Provides user
authentication via MD5 or
SHA algorithms and data
privacy using DES 56-bit
encryption
55