Comtech EF Data MM200 User Manual
User Interfaces
MM200 High-Speed Microwave Modem
4-48
TM086 - Rev. 4.1
4.35 Trace Mode
1. For debugging purposes, Operator users can specify a trace mode for various diagnostic levels.
4.36 SNMP V1 & 2 Access View
The default access rights for Version 1 and 2 SNMP users are minimal. They are limited to a
system view, and a description of the MM200 System and Contact Information. (For additional
information, see the View-Based Access Control section.) To accommodate older systems, an
Operator user may modify these access rights to allow full or partial read/write access. SNMP
Versions 1 and 2 do not use any security measures; therefore, users should be extra careful
when changing access rights.
4.37 Key Generation Mode
The password localization algorithm is intensive enough that the Motorola 68332 Embedded
Processor cannot handle the process in a timely manner. This selection allows the Operator user
to optionally store localized keys in non-volatile memory. These keys correspond to a set of
passwords and the Modem IP Address. If either changes, the SNMP agent automatically recalculates
the new keys and stores them in non-volatile memory (only if the Key Generation Mode is set to
‘STORE’).
4.38 Context Engine ID
“contextEngineID” is the unique identifier of the MM200 SNMP Engine that provides services for
sending and receiving messages, authenticating and encrypting messages, and controlling
access to managed objects.
1. The Context Engine ID, 80000A1F01AC1264B0, is formatted as follows:
a. The first 4 bytes are the Radyne Inc. Private Enterprise Number (2591).
b. The very first bit is set to 1, for example: 80000A1F (H).
c. The fifth byte indicates how the 6th and remaining bytes are formatted. A ‘1’ means it’s an IPv4 Address.
d. The last 4 bytes are the IP Address 172.18.100.176 (AC1264B0).
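The following added example (not code from the manual or the vendor) decodes the engine ID layout described in 4.38 and shows why, as 4.37 states, a change of modem IP address forces the localized keys to be recalculated: the IP address is part of the engine ID, and the engine ID is an input to key localization. It assumes the "password localization algorithm" is the SNMPv3 USM procedure from RFC 3414 Appendix A.2; the manual does not name the hash, so SHA-1 is an assumed default, and the function names, the passphrase and the second IP address are constructed for illustration.

```python
import hashlib
import ipaddress

def parse_engine_id(hex_id):
    """Decode an engine ID laid out as section 4.38 describes."""
    raw = bytes.fromhex(hex_id)
    if len(raw) < 6:
        raise ValueError("engine ID too short")
    head = int.from_bytes(raw[:4], "big")
    if not head & 0x80000000:
        raise ValueError("first bit is not 1; different engine ID layout")
    info = {"enterprise": head & 0x7FFFFFFF, "format": raw[4]}
    if raw[4] == 1:  # fifth byte 1: the remaining bytes are an IPv4 address
        if len(raw) != 9:
            raise ValueError("IPv4 format needs exactly 4 address bytes")
        info["ipv4"] = str(ipaddress.IPv4Address(raw[5:]))
    else:
        info["data"] = raw[5:].hex()
    return info

def engine_id_for_ip(enterprise, ip):
    """Build the same layout for another IPv4 address."""
    head = (0x80000000 | enterprise).to_bytes(4, "big")
    return head + b"\x01" + ipaddress.IPv4Address(ip).packed

def localized_key(password, engine_id, hash_name="sha1"):
    """RFC 3414 A.2 (assumed): digest 1 MiB of repeated password, then bind it to the engine ID."""
    pw = password.encode()
    if not pw:
        raise ValueError("empty password")
    reps, rem = divmod(1048576, len(pw))
    ku = hashlib.new(hash_name, pw * reps + pw[:rem]).digest()
    # Localization: the engine ID (and so the IP address) is hashed into the key.
    return hashlib.new(hash_name, ku + engine_id + ku).digest()

if __name__ == "__main__":
    page_id = "80000A1F01AC1264B0"  # engine ID quoted in the manual
    print(parse_engine_id(page_id))
    # Constructed passphrase and constructed second address, for illustration only.
    before = localized_key("constructed-passphrase", bytes.fromhex(page_id))
    after = localized_key("constructed-passphrase",
                          engine_id_for_ip(2591, "172.18.100.177"))
    print(before.hex(), after.hex(), before != after)
```

The 1 MiB digest in the first step of localized_key is the expensive part of the computation, which is consistent with the manual offering to store the resulting keys rather than recompute them.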
4.39 View-Based Access Control
SNMPv3 defines a method of access control known as the View-based Access Control Model
(VACM). It is defined as a means to restrict access to particular subsets of variables based on the
identity of the manager and the security level used in the request.
A view is a group of MIB variables on the agent. The agent defines a view for each user based on
the user identity (securityName) and security level. Following are the major views:
System view: Access to system description
MIB-II view: Access to the standard MIB-II information
Device view: Access to the device private information
World view: Access to every managed object in the MIB
Following are the available access groups: