Table 175 – Brocade Communications Systems Brocate Ethernet Access Switch 6910 User Manual

Page 980

930

Brocade 6910 Ethernet Access Switch Configuration Guide

53-1002581-01

Simple Network Management Protocol

Access to the switch from clients using SNMPv3 provides additional security features that cover
message integrity, authentication, and encryption; as well as controlling user access to specific
areas of the MIB tree.

The SNMPv3 security structure consists of security models, with each model having it’s own
security levels. There are three security models defined, SNMPv1, SNMPv2c, and SNMPv3. Users
are assigned to “groups” that are defined by a security model and specified security levels. Each
group also has a defined security access to set of MIB objects for reading and writing, which are
known as “views.” The switch has a default view (all MIB objects) and default groups defined for
security models v1 and v2c. The following table shows the security models and levels available and
the system default settings.

NOTE

The predefined default groups and view can be deleted from the system. You can then define
customized groups and views for the SNMP clients that require access.

TABLE 175

SNMPv3 Security Models and Levels

Model

Level

Group

Read View

Write View

Notify View

Security

noAuthNoPriv public

(read only)

defaultview

none

Community string
only

noAuthNoPriv

private
(read/write)

defaultview

none

Community string
only

noAuthNoPriv

user defined

Community string
only

v2c

noAuthNoPriv

public
(read only)

defaultview

none

Community string
only

v2c

noAuthNoPriv

private
(read/write)

defaultview

none

Community string
only

v2c

noAuthNoPriv

user defined

Community string
only

noAuthNoPriv

user defined

A user name match
only

AuthNoPriv

user defined

Provides user
authentication via
MD5 or SHA
algorithms

AuthPriv

user defined

Provides user
authentication via
MD5 or SHA
algorithms and data
privacy using DES
56-bit encryption