beautypg.com

Securing snmp access, Snmp overview, Establishing snmp community strings – Brocade Virtual ADX Administration Guide (Supporting ADX v03.1.00) User Manual

Page 125: Encryption of snmp community strings, Adding an snmp community string, Chapter 4

background image

Brocade Virtual ADX Administration Guide

113

53-1003249-01

Chapter

4

Securing SNMP Access

SNMP overview

Simple Network Management Protocol (SNMP) is a set of protocols for managing complex
networks. SNMP sends messages, called protocol data units (PDUs), to different parts of a
network. An SNMP-compliant device, called an agent, stores data about itself in Management
Information Bases (MIBs) and SNMP requesters or managers.

Establishing SNMP community strings

SNMP versions 1 and 2c use community strings to restrict SNMP access. The default passwords for
SNMP access are the SNMP community strings configured on the device.

The default read-only community string is “public”. Use this community string for any SNMP
Get, GetNext, or GetBulk request.

By default, you cannot perform any SNMP Set operations since a read-write community string
is not configured.

You can configure as many additional read-only and read-write community strings as you need. The
number of strings you can configure depends on the memory on the device. There is no practical
limit.

If you delete the startup configuration file, the device automatically re-adds the default “public”
read-only community string the next time you load the software.

Encryption of SNMP community strings

Encryption is enabled by default. The software automatically encrypts SNMP community strings.
Users with read-only access or who do not have access to management functions in the CLI cannot
display the strings. For users with read-write access, the strings are encrypted in the CLI but are
shown in the clear in the Web Management Interface.

To display the community strings in the CLI, first use the enable password-display command and
then use the show snmp server command. This will display both the read-only and read-write
community strings in the clear.

Adding an SNMP community string

By default, the string is encrypted. To add a community string, enter commands such as the
following.

Virtual ADX(config)#snmp-server community private rw

The command adds the read-write SNMP community string “private”.

Syntax: [no] snmp-server community [0] string ro | rw [view viewname]

See also other documents in the category Brocade Computer Accessories: