If you have an SNMP (Simple Network Management Protocol) tool, you can use it to monitor the appliance as an
SNMP agent. The appliance supports SNMP versions 2 and 3, and provides a variety of management data in
Management Information Base (MIB) II format.
You can enable SNMPv2 or SNMPv3, but not both at the same time. When SNMPv2 is enabled, SNMPv3
requests are ignored. When SNMPv3 is enabled, SNMPv2 requests are ignored. You can also disable SNMP
support entirely, in which case any SNMP request directed at the system will be ignored and no traps will be
SNMPv3 addresses the security deficiencies that have plagued both SNMPv1 and SNMPv2. SNMPv3 supports all
the operations defined by versions 1 and 2. The new security functionality provided by SNMPv3 can be generally
divided into three principle areas: authentication, privacy (encryption), and access control.
SNMPv3 is the recommended selection for the best security.
Where authentication in SNMPv2 was provided, insecurely, by the clear text community string, authentication
in SNMPv3 uses the SHA algorithm to provide secure authentication. For each SNMP user, both a username and
a passcode as well as the desired algorithm are configured on the agent (in our case, the SMA appliance) and
must match the username, passcode, and algorithm choice provided to the management software that will be
communicating with the appliance.
Prior to SNMPv3, all communications were unencrypted. In SNMPv3, the AES algorithm is used to encrypt and
decrypt SNMP messages. As with authentication, a username, password and encryption algorithm are used to
seed the encryption and must be configured on both the agent and the management station.
The combined authentication and encryption levels supported by Secure Mobile Access for SNMPv3 are shown
in the below table.
Combined authentication and encryption levels
|noAuthNoPriv||Username||No||Uses a username match for authentication.|
|authNoPriv||SHA||No||Provides authentication based on the HMAC-SHA
|authPriv||SHA||AES||Provides authentication based on the HMAC-SHA
algorithm. Provides AES encryption in addition to
Was This Article Helpful?
Help us to improve our support portal