19 snmp v1 & 2 access view, 20 key generation mode, 21 context engine id – Comtech EF Data SFC1800A User Manual

User Interfaces

SFC1800A Synthesized Frequency Upconverter

4-38

TM111 - Rev. 1.0

4.6.2.19 SNMP V1 & 2 Access View

The default access rights for Version 1 and 2 SNMP users are minimal. They are limited to a
system view, and a description of the upconverter System and Contact Information. For
additional information, go to View-Based Access Control Section. To accommodate older
systems, an Operator user may modify these access rights to allow full or partial read/write
access. SNMP Version 1 and 2 does not use any security measures, therefore users should be
very careful when changing access rights.

4.6.2.20 Key Generation Mode

The password localization algorithm is intensive enough that the Motorola 68332 Embedded
Processor cannot handle the process in a timely manner. This selection allows the Operator user
to optionally store localized keys in non-volatile memory. These keys correspond to a set of
passwords and Modem IP Address. If either changes, the SNMP agent automatically
recalculates the new keys and stores them in non-volatile memory (only if the Key Generation
Mode is set to ‘STORE’).

4.6.2.21 Context Engine ID

“contextEngineID” is the unique identifier of the upconverter SNMP Engine that provides services
for sending and receiving messages, authenticating and encrypting messages, and controlling
access to managed objects.

1.

The Context Engine ID, 80000A1F01AC1264B0, is formatted as follows:

a.

The first 4 bytes are the Radyne Private Enterprise Number (2591).

b.

The very first bit is set to 1, for example: 80000A1F (H).

c.

The fifth byte indicates how the 6

th

and remaining bytes are formatted. A ‘1’

means it’s an IPv4 Address.

d.

The last 4 bytes are the IP Address 172.18.100.176 (AC1264B0).

4.6.2.22 View-Based Access Control

SNMPv3 defines a method of access control known as the View-based Access Control Model
(VACM). It is defined as a means to restrict access to particular subsets of variables based on the
identity of the manager and the security level used in the request.

A view is a group of MIB variables on the agent. The agent defines a view for each user based
on the user identity (securityName) and security level. Following are the major views:

System view: Access to system description

MIB-II view:

Access to the standard MIB-II information

Device view: Access to the device private information

World view:

Access to every managed object in the MIB

Following are the available access groups: