Overview – Allied Telesis AT-S63 User Manual

Page 221

background image

AT-S63 Management Software Features Guide

Section IV: SNMPv3

221

Overview

The SNMPv3 protocol builds on the existing SNMPv1 and SNMPv2c
protocol implementation which is described in Chapter 4, “SNMPv1 and
SNMPv2c” on page 87. In
SNMPv3, User-based Security Model (USM)
authentication is implemented along with encryption, allowing you to
configure a secure SNMP environment.

In addition, SNMP terminology changes in the SNMPv3 protocol. In the
SNMPv1 and SNMPv2c protocols, the terms agent and manager are
used. An agent is an SNMP user while a manager is an SNMP host. In the
SNMPv3 protocol, agents and managers are called entities. In any
SNMPv3 communication, there is an authoritative entity and a non-
authoritative entity. The authoritative entity checks the authenticity of the
non-authoritative entity. And, the non-authoritative entity checks the
authenticity of the authoritative entity.

With the SNMPv3 protocol, you create users, determine the protocol used
for message authentication as well as determine if data transmitted
between two SNMP entities is encrypted. In addition, you can restrict user
privileges by determining the user’s view of the Management Information
Bases (MIB). In this way, you restrict which MIBs the user can display and
modify. In addition, you can restrict the types of messages, or traps, the
user can send. (A trap is a type of SNMP message.)

After you have created a user, you define SNMPv3 message notification.
This consists of determining where messages are sent and what types of
messages can be sent. This configuration is similar to the SNMPv1 and
SNMPv2c configuration because you configure IP addresses of trap
receivers, or hosts. In addition, with the SNMPv3 implementation you
decide what types of messages are sent.

Note

For the SNMP RFCs supported by this release of the AT-S63
software, see “Remote SNMP Management” on page 44.

This section further describes the features of the SNMPv3 protocol. The
following subsections are included:

ˆ

“SNMPv3 Authentication Protocols” on page 222

ˆ

“SNMPv3 Privacy Protocol” on page 223

ˆ

“SNMPv3 MIB Views” on page 224

ˆ

“SNMPv3 Storage Types” on page 226

ˆ

“SNMPv3 Message Notification” on page 227

ˆ

“SNMPv3 Tables” on page 228

ˆ

“SNMPv3 Configuration Example” on page 232