SNMP Support
Issue 2 July 2005
77
SNMPv3
SNMPv3 enables the following features over SNMPv1 or v2c:
●
User authentication with a username and password. Authentication is performed using
md5 or sha-1.
●
Communication encryption between the Network Management Station (NMS) and the
SNMP agent at the application level
●
Access control definition for specific MIB items available on the SNMP agent
●
Notification of specified network events directed toward specified users
●
Definition of roles using access control, each with unique access permissions and
authentication/encryption requirements
The basic components in SNMPv3 access control are users, groups, and views.
In addition. SNMPv3 uses an SNMP engine ID to identify an SNMP entity. An SNMP engine ID
is assigned to each IP address of each device in the network. Each SNMP engine ID should be
unique in the network.
Users
SNMPv3 uses the User-based Security Model (USM) for security, and the View-based Access
Control Model (VACM) for access control. USM uses the HMAC-MD5-96 and HMAC-SHA-96
protocols for user authentication, and the CBC-DES56 protocol for encryption.
A maximum of 21 users, including local users and remote users getting notifications can be
defined on a stack. If the SNMP engine ID changes, all users other than the default user for the
stack are invalid and must be redefined. The SNMP engine ID can be changed via the CLI. In
addition, a change in the IP address of the stack automatically changes the SNMP engine ID.
SNMPv3 supports three security levels:
●
NoAuthNoPriv - This is the lowest level of SNMPv3 security. No authentication is done and
no encryption is performed. This method is maintains the same security level as SNMPv1,
but provides a method for limiting the access rights of a user.
●
AuthNoPriv - User authentication is performed based on MD5 or SHA algorithms. The
message is sent with an HMAC that is calculated with the user key. The data part is sent
unencrypted.
●
AuthPriv - User authentication is performed based on MD5 or SHA algorithms. 'The
message is sent with HMAC for authentication, and encrypted using DES.
To create an SNMPv3 user account, you must provide the following information:
●
UserName - string representing the name of the user.
●
Maximum length: 32 characters.
Содержание C360 Manager
Страница 12: ...Contents 12 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches version 4 5...
Страница 17: ...Issue 2 July 2005 17 Section 1 Avaya C360 Overview...
Страница 18: ...18 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches version 4 5...
Страница 29: ...Issue 2 July 2005 29 Section 2 Installing the C360...
Страница 30: ...30 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches version 4 5...
Страница 52: ...Installation 52 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches version 4 5...
Страница 91: ...Issue 2 July 2005 91 Section 3 Avaya C360 Configuration...
Страница 92: ...92 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches version 4 5...
Страница 210: ...C360 Device Manager 210 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches version 4 5...
Страница 211: ...Issue 2 July 2005 211 Section 4 Troubleshooting and Maintaining the Avaya C360...
Страница 212: ...212 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches version 4 5...
Страница 222: ...Maintenance 222 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches version 4 5...
Страница 230: ...Mixed Stacks 230 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches version 4 5...
Страница 248: ...248 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches version 4 5 Index...