S o n o m a U s e r M a n u a l
49
"Smarter Timing Solutions"
Chapter
Six
Simple Network Management Protocol (SNMP)
Your Sonoma includes the NET-SNMP version 5.5.1 implementation of an SNMP agent,
snmpd
, and
a SNMP notification/trap generation utility,
snmptrap
. It supports all versions of the protocol in
use today: SNMPv1 (the original Internet standard), SNMPv2c (never reached standard status, often
called “community SNMP”) and SNMPv3 (the latest Internet standard).
The NET-SNMP project has its roots in the Carnegie-Mellon University SNMP implementation. For
more detailed information about the NET-SNMP project and to obtain management software and
detailed configuration information, you can visit this website:
An excellent book which describes operation and configuration of various SNMP managers and
agents, including the NET-SNMP implementations, is available from O’Reilley & Associates:
Essential SNMP
, Mauro & Schmidt, O’Reilley & Associates, 2001
If you are planning to operate with SNMPv3, it is highly recommended that you make use of both of
these resources to familiarize yourself with the agent configuration concepts.
SNMPv3 Security
Prior to SNMPv3, SNMP had definite security inadequacies due to using two community names in
a manner analogous to passwords that were transmitted over the network as clear text. In addition,
since no mechanism existed for authenticating or encrypting session data, any number of man-in-
the-middle data corruption/replacement exploits were possible in addition to plain old snooping to
learn the community names. SNMPv3 implements the User-based Security Model (USM) defined in
RFC-2274 which employs modern cryptographic technologies to both authenticate multiple users and
to encrypt their session data for privacy, much in the same way that SSH does for remote login shell
users.
In addition, it implements the View-based Access Control Model (VACM) defined in RFC-2275.
This RFC defines mechanisms for limiting the access of multiple users having various security levels
(no authentication, authentication or authentication plus privacy) to specific “views” of the Structure
of Management Information (SMI) object tree.
Содержание Sonoma N12
Страница 2: ......
Страница 16: ...S o n o m a U s e r M a n u a l This page intentionally left blank...
Страница 20: ...S o n o m a U s e r M a n u a l 4 C H A P T E R O N E This page intentionally left blank...
Страница 32: ...S o n o m a U s e r M a n u a l 16 C H A P T E R T W O This page intentionally left blank...
Страница 48: ...S o n o m a U s e r M a n u a l 32 C H A P T E R T H R E E This page intentionally left blank...
Страница 70: ...S o n o m a U s e r M a n u a l 54 C H A P T E R S I X This page intentionally left blank...
Страница 82: ...S o n o m a U s e r M a n u a l 66 C H A P T E R S E V E N This page intentionally left blank...
Страница 122: ...S o n o m a U s e r M a n u a l 106 A P P E N D I X A This page intentionally left blank...
Страница 156: ...S o n o m a U s e r M a n u a l 140 A P P E N D I X E...
Страница 158: ...S o n o m a U s e r M a n u a l 142 A P P E N D I X F This page intentionally left blank...
Страница 168: ...S o n o m a U s e r M a n u a l 152 A P P E N D I X H...
Страница 169: ...153 S o n o m a U s e r M a n u a l S P E C I F I C AT I O N S...
Страница 170: ...S o n o m a U s e r M a n u a l 154 A P P E N D I X H This page intentionally left blank...
Страница 172: ...S o n o m a U s e r M a n u a l 156 S P E C I A L M O D I F I C AT I O N S This page intentionally left blank...
Страница 173: ......