beautypg.com

1 basic concepts, Management information base, Basic commands – Technicolor - Thomson Wireless Business DSL Routers SpeedTouchTM620 User Manual

Page 145: Traps, Community names, Simultaneous snmp version support, Basic concepts, Chapter 10

background image

Chapter 10

SpeedTouch™ Monitoring

E-DOC-CTC-20051017-0155 v1.0

135

10.1.1 Basic Concepts

Management

Information Base

The Management Information Base, or MIB, is a tree-like structure containing SNMP
objects, instances of these objects and their corresponding values. Parts of this tree
have been standardized, other parts may be specific to a device.

For the SpeedTouch™ a set of MIBs is provided on the Setup CD, some being
identical to the standard MIBs, others specifically made for the SpeedTouch™ .

The available data covers statistics of the traffic through an interface, errors and
setup information. For details of what information is available consult the MIB
definitions at

“10.1.2 MIBs Explained.” on page 136

.

Basic Commands

SNMP has two basic commands:

Get:

gets the value of a specific parameter in a specific MIB.

Set:

sets the value of a specific parameter in a specific MIB.

Traps

Traps are SNMP notification messages sent from the SpeedTouch™ to a manager. It
is possible to configure where the traps are sent and which traps are sent.

Community Names

Reading MIBs is harmless. However, some MIBs also contain sensitive security
parameters. Reading these parameters (get) may provide the user with information
he should not have access to.

Writing to a MIB (set) can have severe consequences. Therefore, as a security
measure, it is not possible to set any behavior changing objects using SNMP.

Furthermore, SNMP offers a possibility to restrict access to the SNMP MIBs by
means of SNMP ‘Community Names’.

To have specific kinds of access to the SNMP MIBs, the SNMP manager has to know
the correct Community Name. A Community Name serves as password and
authentication. On agent-side, a community name is associated with a specific MIB-
view (which MIB objects can be seen by a manager using that community name)
and an access policy (read-only or read-write).

By default, the SpeedTouch™ uses the default SNMP Community name for read
only (public). For read/write, no community name is assigned. It is recommended
however that the user should change the default community names in a way to
improve security.

Simultaneous SNMP

Version Support

The SpeedTouch™ simultaneously supports SNMP V1, V2 and V3. This means that
it can handle messages from all three versions. The system forwards the message
to the appropriate subsystem based on the version indicator in the SNMP message.

In a saved configuration file (user.ini, etc.) the Community names are
encrypted to ensure confidentiality.