57
Expert Power Control 8291
© 2020 GUDE Systems GmbH
Specifications
·
If encryption or authentication is used, then SNMP v1 and v2c should be turned off.
Otherwise the device could be accessed with it.
·
If only authentication is used, then the new "HMAC-SHA-2" methods are superior to
the MD5 or SHA-1 hashing algorithms. Since only SHA-256 is accelerated in hard-
ware, and SHA-384 and SHA-512 are calculated purely in software, one should nor-
mally select SHA-256. From a cryptographic point of view, the security of SHA-256 is
sufficient for today's usage.
·
For SHA-1, there are a little less attack scenarios than MD5. If in doubt, SHA-1 is
preferable.
·
Encryption "DES" is considered very unsafe, use only in an emergency for reasons of
compatibility!
·
For cryptologists it's a debatable point whether "HMAC-MD5-96" and "HMAC-SHA-96"
can muster enough entropy for key lengths of "AES-192" or "AES-256".
·
From the foregoing considerations, we would recommended at present "HMAC-SHA-
96" with "AES-128" as authentication and encryption method.
Change in Trap Design
In older MIB tables, a separate trap was defined for each combination of an event
and a port number. This results in longer lists of trap definitions for the devices. For ex-
ample, from
epc8221SwitchEvtPort1
to
epc8221SwitchEvtPort12.
Since new firmware
versions can generate many more different events, this behavior quickly produces several
hundred trap definitions. To limit this overabundance of trap definitions, the trap design
has been changed to create only one specific trap for each event type. The port or
sensor number is now available in the trap as an index OID within the variable bindings.
In order to recognize this change directly, the "Notification" area in the MIB table has
been moved from sysObjectID.0 to sysObjectID.3. This way, unidentified events are gen-
erated until the new MIB table is imported. For compatibility reasons, SNMP v1 traps are
created in the same way as before.
NET-SNMP
NET-SNMP provides a very widespread collection of SNMP command-line tools (snmp-
get, snmpset, snmpwalk etc.) NET-SNMP is among others available for Linux and Win-
dows. After installing NET-SNMP you should create the device-specific MIB of the device
in NET-SMP share directory, e.g. after
c:\usr\share\snmp\mibs
or
/usr/share/snmp/mibs
So later you can use the 'subtree names' instead of OIDs:
Name:
snmpwalk -v2c -mALL -c public 192.168.1.232 gudeads
OID:
snmpwalk -v2c -mALL -c public 192.168.1.232 1.3.6.1.4.1.28507
NET-SNMP Examples
Query Power Port 1 switching state:
snmpget -v2c -mALL -c public 192.168.1.232 epc822XPortState.1
Summary of Contents for Expert Power Control 8291
Page 2: ...2 Expert Power Control 8291 2020 GUDESystems GmbH ...
Page 5: ...Device Description ...
Page 16: ...Operating ...
Page 26: ...Configuration ...
Page 52: ...Specifications ...
Page 85: ...Support ...