xStack
®
DGS-3620 Series Layer 3 Managed Stackable Gigabit Switch Hardware Installation Guide
38
In SNMP v1 and v2, user authentication is accomplished using 'community strings', which function like passwords.
The remote user SNMP application and the Switch SNMP must use the same community string. SNMP packets from
any station that has not been authenticated are ignored (dropped).
The default community strings for the Switch used for SNMP v1 and v2 management access are:
public - Allows authorized management stations to retrieve MIB objects.
private - Allows authorized management stations to retrieve and modify MIB objects.
SNMP v3 uses a more sophisticated authentication process that is separated into two parts. The first part is to
maintain a list of users and their attributes that are allowed to act as SNMP managers. The second part describes
what each user on that list can do as an SNMP manager.
The Switch allows groups of users to be listed and configured with a shared set of privileges. The SNMP version may
also be set for a listed group of SNMP managers. Thus, a group of SNMP managers can be created to view read-only
information or receive traps using SNMP v1 while assigning a higher level of security to another group, granting
read/write privileges using SNMP v3.
Using SNMP v3 individual users or groups of SNMP managers can be allowed to perform or be restricted from
performing specific SNMP management functions. The functions allowed or restricted are defined using the Object
Identifier (OID) associated with a specific MIB. An additional layer of security is available for SNMP v3 in that SNMP
messages may be encrypted. To read more about how to configure SNMP v3 settings for the Switch read the section
entitled Management.
Traps
Traps are messages that alert network personnel of events that occur on the Switch. The events can be as serious as
a reboot (someone accidentally turned OFF the Switch), or less serious like a port status change. The Switch
generates traps and sends them to the trap recipient (or network manager). Typical traps include trap messages for
Authentication Failure, Topology Change and Broadcast\Multicast Storm.
Management Information Base (MIB)
The Switch in the Management Information Base (MIB) stores management and counter information. The Switch uses
the standard MIB-II Management Information Base module. Consequently, values for MIB objects can be retrieved
from any SNMP-based network management software. In addition to the standard MIB-II, the Switch also supports its
own proprietary enterprise MIB as an extended Management Information Base. The proprietary MIB may also be
retrieved by specifying the MIB Object Identifier. MIB values can be either read-only or read-write.