Sun Microsystems StreamLine SL8500 User Manual

SNMP Terms

96154 • Revision K

Appendix C SNMP 133

■

Advanced Encryption Standard (AES)—An NIST-standard cryptographic cipher

that uses a block length of 128 bits and key lengths of 128, 192, or 256 bits. AES uses

the Rijndael algorithm, officially replacing the Triple DES Method. AES encryption

can be done in one pass instead of three and its key size is greater than Triple Desís

168 bits. One of two privacy encryption protocols, AES is a stronger form of

encryption than DES (see also “Data Encryption Standard”). (Source: The Internet

Society, RFC 3664)

■

Agent—A module that resides in a managed device. The agent is responsible for

responding to requests from the manager and for sending traps to a recipient that

inform the systems administrator of potential problems.

■

Community String—Applications use community strings for access control. The

manager includes the community string in its SNMP messages to an agent. The

agent consequently can accept or reject the operation.

■

Data Encryption Standard (DES)—An NIST-standard cryptographic cipher that uses

a 56-bit key. DES has been replaced by AES as an official standard. DES is a

symmetric block cipher that processes 64-bit blocks in four different modes of

operation (electronic code book [ECB] being the most popular). Triple DES added

security by providing several, multiplepass techniques. As an example, Triple DES

encrypts with one key, decrypts the results with a different key, and then encrypts

with a third. These extra passes add considerable time, DES, however, is still used

for applications that do not require the strongest security. One of two privacy

encryption protocols (see also ìAdvanced Encryption Standardî). (Source: The

Internet Society, RFC 1829)

■

EngineID—An administratively unique identifier of an SNMP v3 engine used for

identification, not for addressing (Source: The Internet Society, RFC 3411). SNMP v3

authentication and encryption keys are generated based upon the associated

passwords and the engine ID.

■

Host keyword—Currently, the host keyword is limited to the machine’s IP address

(DNS is not available at this time). The maximum keyword length is 31

alphanumeric characters.

■

Managed device—A device that hosts the services of an SNMP agent that provides

monitored information and controlled operations using SNMP. SL8500 libraries are

managed devices.

■

Management Information Base (MIB)—A collection of information stored in a

database that contains configuration and statistical information for a managed

device. For SL8500 libraries, a copy of the MIB is loaded with microcode and stored

on the processor card. See

“Management Information Base” on page 135

for more

information about the MIB.

■

Manager—Provides the communication link between the systems administrator and

the managed devices on the network. A manager station or server allows the

systems administrator to get information about the device through the MIB and to

receive traps from an agent.

■

Message Digest 5 (MD5)—A popular one-hash function that is used to create a

message digest for digital signatures. MD5 is faster than SHA, but is considered less

secure (see also “Secure Hash Algorithm”). (Source: The Internet Society, RFC 1321)

■

Recipient—A location on a manager where the SNMP agent sends traps. This

location is defined by the combination of either the IP address or DNS name and the

port number. The default recipient port number is 162.