|
|
|
Simple Network Management Protocol (SNMP) enables data to be collected by a management system from remote hosts containing an SNMP agent. Data on the remote hosts is stored in a Management Information Base (MIB). MIB data is accessed by SNMP requests.
SNMP is used to collect data from stacks, routers, and other network devices. The data is used for the following:
Note: CA NetMaster NM for TCP/IP needs read access to MIBs for the above functions.
The MIBinsight browser provides a method of accessing MIB data. The browser can also be used to update MIB data.
All SNMP requests issued use SNMP Version 1 and a community name of public (in lower case) as the default. If this is not suitable, you must create an SNMP Host Details Definition, which describes the release of SNMP and the security details to use. The information in the host details definition is used when the monitoring or diagnostic functions require SNMP.
Note: The MIBinsight browser does not use the details stored in the SNMP host details registry. You must enter SNMP security details when you use the browser. If you want to use the browser to perform updates on the host, you must provide a suitable SET community name or Version 3 details that allow a SET request to be performed.
SNMP uses the following to control user access to data from devices:
SNMP Version 1 and SNMP Version 2c use community names to determine the level of access you have to a particular SNMP device. For example, different community names might be required depending on whether you want to browse or have write access to MIB objects.
Note: Community names are case-sensitive and must correspond to the community name set in the target device with which you are communicating. An incorrect community name results in SNMP or monitoring errors for attributes that use SNMP on that resource.
SNMP Version 3 introduces user-based security, which provides a higher level of security than that provided by community names.
SNMP Version 3 offers the following security features:
Provides data integrity of SNMP requests and responses using the MD5 or SHA authentication protocols.
Provides encryption of SNMP requests and responses.
CA NetMaster NM for TCP/IP supports SNMP Version 3 under the terms of RFC2574, as a command generator application. This means that SNMP Version 3 requests can be issued and responses interpreted with full support of the SNMP Version 3 authentication and privacy protocols.
An access list is used to specify the IP addresses from which a device responds to SNMP requests. The IP address of the host making SNMP requests (the host running this product) should be defined in the devices’ SNMP access list; otherwise, SNMP requests fail.
Note: You must configure SNMP on the resource host and on the stack to which the region is connected using the SOCKETS parameter group. The community names must also match.
| Copyright © 2012 CA. All rights reserved. |
|