Chapter 8 Configuring SNMP
SNMP Overview
8-2
Cisco 4700 Series Application Control Engine Appliance Administration Guide
OL-11157-01
SNMP Overview
SNMP is an application-layer protocol that facilitates the exchange of
management information between an NMS, SNMP agents, and managed devices
such as the ACE. You can configure the ACE to send traps (event notifications) to
an NMS, or you can use the NMS to browse the MIBs that reside on the ACE.
The ACE contains an SNMP agent that provides support for network monitoring.
The ACE supports SNMP Version 1 (SNMPv1), SNMP Version 2c (SNMPv2c),
and SNMP Version 3 (SNMPv3).
SNMPv1 and SNMPv2c use a community string match for user authentication.
Community strings provide a weaker form of access control. SNMPv3 provides
improved access control by using strong authentication and should be used over
SNMPv1 and SNMPv2c wherever possible.
SNMPv3 is an interoperable standards-based protocol for network management.
SNMPv3 provides secure access to devices by using a combination of
authenticating and encrypting frames over the network. The security features
provided in SNMPv3 are as follows:
•
Message integrity—Ensures that a packet has not been tampered with
in-transit.
•
Authentication—Determines that the message is from a valid source.
•
Encryption—Scrambles the packet contents to prevent it from being seen by
unauthorized sources.
This section contains the following topics:
•
Managers and Agents
•
SNMP Manager and Agent Communication
•
SNMP Traps and Informs
•
SNMPv3 CLI User Management and AAA Integration
•
Supported MIBs and Notifications
•
SNMP Limitations