Using simple network management protocol, Figure 18: access management configuration – LevelOne GSW-4876 User Manual

Page 68

Advertising
background image

C

HAPTER

4

| Configuring the Switch

Configuring Security

– 68 –

5.

Mark the protocols to restrict based on the specified address range. The
following example shows how to restrict management access for all

protocols to a specific address range.

6.

Click Save.

Figure 18: Access Management Configuration

U

SING

S

IMPLE

N

ETWORK

M

ANAGEMENT

P

ROTOCOL

Simple Network Management Protocol (SNMP) is a communication protocol

designed specifically for managing devices on a network. Equipment

commonly managed with SNMP includes switches, routers and host

computers. SNMP is typically used to configure these devices for proper

operation in a network environment, as well as to monitor them to evaluate

performance or detect potential problems.

Managed devices supporting SNMP contain software, which runs locally on

the device and is referred to as an agent. A defined set of variables, known

as managed objects, is maintained by the SNMP agent and used to manage

the device. These objects are defined in a Management Information Base

(MIB) that provides a standard presentation of the information controlled

by the agent. SNMP defines both the format of the MIB specifications and

the protocol used to access this information over the network.

The switch includes an onboard agent that supports SNMP versions 1, 2c,

and 3. This agent continuously monitors the status of the switch hardware,

as well as the traffic passing through its ports. A network management

station can access this information using software such as HP OpenView.

Access to the onboard agent from clients using SNMP v1 and v2c is

controlled by community strings. To communicate with the switch, the

management station must first submit a valid community string for

authentication.

Access to the switch using from clients using SNMPv3 provides additional

security features that cover message integrity, authentication, and

encryption; as well as controlling user access to specific areas of the MIB

tree.

The SNMPv3 security structure consists of security models, with each

model having it's own security levels. There are three security models

defined, SNMPv1, SNMPv2c, and SNMPv3. Users are assigned to “groups”

that are defined by a security model and specified security levels. Each

group also has a defined security access to set of MIB objects for reading

Advertising
Popular Brands
Popular manuals