Snmpv3 authentication protocols, Snmpv3 privacy protocol, Snmpv3 mib views – Allied Telesis AT-S102 User Manual

Converteon Management Software User’s Guide

281

SNMPv3

Authentication

Protocols

The SNMPv3 protocol supports two authentication protocols—HMAC-
MD5-96 (MD5) and HMAC-SHA-96 (SHA). Both MD5 and SHA use an
algorithm to generate a message digest. Each authentication protocol
authenticates a user by checking the message digest. In addition, both
protocols use keys to perform authentication. The keys for both protocols
are generated locally using the Engine ID, a unique identifier that is
assigned to the switch automatically, and the user password. You modify a
key only by modifying the user password.

In addition, you have the option of assigning no user authentication. In this
case, no authentication is performed for this user. You may want to make
this configuration for someone with super-user capabilities.

Note

The keys generated by the MD5 and SHA protocols are specific to
the SNMPv3 protocol. They have no relation to the SSL and SSH
keys for encryption.

SNMPv3 Privacy

Protocol

After you have configured an authentication protocol, you have the option
of assigning a privacy protocol. In SNMPv3 protocol terminology, privacy
is equivalent to encryption. Currently, the DES protocol is the only
encryption protocol supported. The DES privacy protocol requires the
authentication protocol to be configured as either MD5 or SHA.

If you assign a DES privacy protocol to a user, then you are also required
to assign a privacy password. If you choose to not assign a privacy value,
then SNMPv3 messages are sent in plain text format.

SNMPv3 MIB

Views

The SNMPv3 protocol allows you to configure MIB views for users and
groups. The MIB tree is defined by RFC 1155 (Structure of Management
Information), as illustrated in Figure 121 on page 282.