LevelOne FGL-2870 User Manual

Page 104

Advertising
background image

Configuring the Switch

3-50

3

the format of the MIB specifications and the protocol used to access this information
over the network.

The switch includes an onboard agent that supports SNMP versions 1, 2c, and 3.
This agent continuously monitors the status of the switch hardware, as well as the
traffic passing through its ports. A network management station can access this
information using software such as HP OpenView. Access to the onboard agent
from clients using SNMP v1 and v2c is controlled by community strings. To
communicate with the switch, the management station must first submit a valid
community string for authentication.

Access to the switch using from clients using SNMPv3 provides additional security
features that cover message integrity, authentication, and encryption; as well as
controlling user access to specific areas of the MIB tree.

The SNMPv3 security structure consists of security models, with each model having
it’s own security levels. There are three security models defined, SNMPv1,
SNMPv2c, and SNMPv3. Users are assigned to “groups” that are defined by a
security model and specified security levels. Each group also has a defined security
access to set of MIB objects for reading and writing, which are known as “views.”
The switch has a default view (all MIB objects) and default groups defined for
security models v1 and v2c. The following table shows the security models and
levels available and the system default settings.

Note:

The predefined default groups and view can be deleted from the system. You can
then define customized groups and views for the SNMP clients that require access.

Table 3-4 SNMPv3 Security Models and Levels

Model Level

Group

Read View Write View Notify View Security

v1

noAuthNoPriv public

(read only)

defaultview none

none

Community string only

v1

noAuthNoPriv private

(read/write)

defaultview defaultview none

Community string only

v1

noAuthNoPriv user defined user defined user defined user defined Community string only

v2c

noAuthNoPriv public

(read only)

defaultview none

none

Community string only

v2c

noAuthNoPriv private

(read/write)

defaultview defaultview none

Community string only

v2c

noAuthNoPriv user defined user defined user defined user defined Community string only

v3

noAuthNoPriv user defined user defined user defined user defined A user name match only

v3

AuthNoPriv

user defined user defined user defined user defined Provides user

authentication via MD5 or

SHA algorithms

v3

AuthPriv

user defined user defined user defined user defined Provides user

authentication via MD5 or

SHA algorithms and data

privacy using DES 56-bit

encryption

Advertising
Popular Brands
Popular manuals