Configuring SNMP
SNMP Versions and Workflow
Cisco Small Business 300 Series Managed Switch Administration Guide 275
19
SNMP agents maintain a list of variables that are used to manage the switch. The
variables are defined in the Management Information Base (MIB). The MIB
presents the variables controlled by the agent.
NOTE SNMPv2 protocol has known security vulnerabilities, and it is recommended to use
SNMPv3.
SNMP v3
In addition to the functionality provided by SNMP v1 and v2, SNMP v3 applies
access control and new trap mechanisms to SNMPv1 and SNMPv2 PDUs.
SNMPv3 also defines a User Security Model (USM) that includes:
• Authentication—Provides data integrity and data origin authentication.
• Privacy—Protects against disclosure message content. Cipher Block-
Chaining (CBC) is used for encryption. Either authentication alone is
enabled on an SNMP message, or both authentication and privacy are
enabled on an SNMP message. However, privacy cannot be enabled
without authentication.
• Timeliness—Protects against message delay or playback attacks. The
SNMP agent compares the incoming message time stamp to the message
arrival time.
• Key Management—Defines key generation, key updates, and key use. The
switch supports SNMP notification filters based on Object IDs (OID). OIDs
are used by the system to manage device features.
To Next Page
Loading...
Need help?
General
