SNMPv3

SNMPv3 is the latest SNMP version to become a full standard. Its introduction has moved SNMPv1 and SNMPv2 to historic status. SNMPv3, which is described in RFCs 3410 through 3415, adds methods to ensure the secure transmission of critical data to and from managed devices. Table 3-2 lists these RFCs. Note that these RFCs make RFCs 2271 through 2275 and RFCs 2570 through 2575 obsolete.

Table 3-2 SNMPv3 Proposed Standards Documents

RFC Number   Title of RFC
3410         Introduction and Applicability Statements for Internet-Standard Management Framework
3411         An Architecture for Describing Simple Network Management Protocol (SNMP) Management Frameworks
3412         Message Processing and Dispatching for the Simple Network Management Protocol (SNMP)
3413         Simple Network Management Protocol (SNMP) Applications
3414         User-based Security Model (USM) for Version 3 of the Simple Network Management Protocol (SNMPv3)
3415         View-based Access Control Model (VACM) for the Simple Network Management Protocol (SNMP)

SNMPv3 introduces the following three security levels:

■ NoAuthNoPriv: Without authentication and without privacy (encryption).

■ AuthNoPriv: With authentication but without privacy. Authentication is based on the Hash-Based Message Authentication Code-Message Digest 5 (HMAC-MD5) or HMAC-Secure Hash Algorithm (HMAC-SHA) algorithms.

■ AuthPriv: With authentication as described above, plus privacy using 56-bit Cipher Block Chaining-Data Encryption Standard (CBC-DES) encryption.

Security levels can be specified per user or per group of users via direct interaction with the managed device or via SNMP operations. Security levels determine which SNMP objects a user can access for reading, writing, or creating, and the list of notifications that users can receive. On Cisco routers, Cisco IOS software release 12.0 and later versions implement SNMPv3.
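
The following is an added example, not code from the original article or from Cisco: a small Python audit that reads Cisco IOS `snmp-server group` and `snmp-server user` commands and reports groups that accept NoAuthNoPriv and users whose keys cannot reach their group's level. It assumes the group keyword (`noauth`, `auth`, `priv`) is the minimum level required, as VACM (RFC 3415) defines it; all group names, user names and secrets are constructed placeholders.

```python
import re

LEVELS = ["NoAuthNoPriv", "AuthNoPriv", "AuthPriv"]   # index = strength
KEYWORD = {"noauth": 0, "auth": 1, "priv": 2}         # IOS group keyword -> level

# Constructed sample commands (as entered); names and secrets are placeholders.
SAMPLE = """\
snmp-server group MONITOR v3 noauth
snmp-server group OPS v3 auth
snmp-server group ADMIN v3 priv
snmp-server user poller MONITOR v3
snmp-server user alice OPS v3 auth md5 PLACEHOLDER1
snmp-server user bob ADMIN v3 auth sha PLACEHOLDER2 priv des PLACEHOLDER3
snmp-server user carol ADMIN v3 auth sha PLACEHOLDER4
"""

GROUP_RE = re.compile(r"^snmp-server group (\S+) v3 (noauth|auth|priv)\b")
USER_RE = re.compile(r"^snmp-server user (\S+) (\S+) v3(.*)$")

def audit(config):
    """Return (groups, findings): minimum level per group and a list of issues."""
    groups, users, findings = {}, [], []
    for line in config.splitlines():
        line = line.strip()
        if m := GROUP_RE.match(line):
            groups[m.group(1)] = KEYWORD[m.group(2)]
        elif m := USER_RE.match(line):
            opts = m.group(3).split()
            # Highest level the user's keys allow: none, auth only, or auth + priv.
            best = 0 if "auth" not in opts else (2 if "priv" in opts else 1)
            users.append((m.group(1), m.group(2), best))
    for name, lvl in groups.items():
        if lvl == 0:
            findings.append(f"group {name}: accepts {LEVELS[0]} (no authentication, no encryption)")
    for user, group, best in users:
        if group not in groups:
            findings.append(f"user {user}: group {group} is not defined")
        elif best < groups[group]:
            findings.append(f"user {user}: keys allow {LEVELS[best]} but group {group} "
                            f"requires {LEVELS[groups[group]]}")
    return groups, findings

if __name__ == "__main__":
    for finding in audit(SAMPLE)[1]:
        print(finding)
```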
