3.5.2
SNMPv3 Access Control
SNMPv3 messages reference a user which must be defined on the target device (the MPS). The
messages may contain authentication or authentication with encryption. An authenticated message
contains a password which establishes the identity of the user, but the contents of the message are
readable to other devices on the network. A message with authentication and encryption establishes
the identity of the user and the message itself is encrypted to protect the content of the message.
Using the SNMP Configuration Pane (see Figure G), you can configure whether the MPS will require
either authentication or encryption to allow access to elements of the MPS via SNMP. Separate access
control parameters can be set for the System MIB objects and the UPS MIB objects. The System MIB
objects reference network parameters, such as access errors, device up-time, and network identification
variables. The UPS MIB objects reference parameters related to the operation of the MPS.
3.5.3
SNMPv3 Users
The MPS allows the definition of up to three different users for the purposes of SNMPv3 access. For
each user, a separate password can be entered for authentication (access control) and encryption
(message privacy). For authentication purposes, a choice is offered between MD5 and SHA1 hashing of
the authentication password. Note that even if authentication and encryption passwords are defined
for a user, SNMPv3 will still allow a monitoring device to send an unauthenticated or unencrypted
message referencing that user name. The access control for the MPS reporting and control must be set
separately, see Section 3.5.2.
Figure H SNMPv3 User Setup Pane
