1. Administration
ROS® v3.11User Guide
28
RMC30
1.12. SNMP Management
ROS® supports Simple Network Management Protocol Versions 1 (SNMPv1), 2 (SNMPv2c),
and 3 (SNMPv3). SNMPv3 protocol provides secure access to devices by a combination of
authentication and packet encryption over the network. SNMPv3 security features include the
following:
• message integrity – ensures that a packet has not been tampered with in-transit.
• authentication – determines the message is from a valid source.
• encryption – scrambles the contents of a packet to prevent it from being seen by an
unauthorized source.
SNMPv3 provides security models and security levels. A security model is an authentication
strategy that is set up for a user and the group in which the user resides. A security level is
a permitted level of security within a security model. A combination of a security model and
security level will determine which security mechanism is employed when handling an SNMP
packet.
Note the following about the SNMPv3 protocol:
• each user belongs to a group.
• a group defines the access policy for a set of users.
• an access policy defines what SNMP objects can be accessed for: reading, writing and
creating notifications.
• a group determines the list of notifications its users can receive.
• a group also defines the security model and security level for its users.
Community is configured for protocols v1 and v2c. Community is mapped to the group and
access level with security name (which is configured as User name).
1.12.1. SNMP Users
These parameters provide the ability to configure users for the local SNMPv3 engine, along
with the community for SNMPv1 and SNMPv2c. Note that when employing the SNMPv1 or
SNMPv2c security level, the User Name maps the community name with the security group
and access level. Up to 32 entries can be configured.
Figure 1.15. SNMP User Table