TP-Link TL-SG3109, TL-SL3452, TL-SL3428 manual Snmp v1 and v2c, Defining Snmp Security

Page 77

Section 11. Configuring SNMP Management

Simple Network Management Protocol (SNMP) provides a method for managing network devices. The device supports the following SNMP versions:

SNMP version 1

SNMP version 2c

SNMP version 3

11.1 SNMP v1 and v2c

The SNMP agents maintain a list of variables, which are used to manage the device. The variables are defined in the Management Information Base (MIB). The SNMP agent defines the MIB specification format, as well as the format used to access the information over the network. Access rights to the SNMP agents are controlled by access strings.

11.2 SNMP v3

SNMP v3 applies access control and a new traps mechanism. In addition, User Security Model (USM) parameters are defined for SNMPv3, including:

Authentication — Provides data integrity and data origin authentication.

Privacy — Protects against the disclosure of message content. Cipher Block-Chaining (CBC) is used for encryption. Either authentication is enabled on a SNMP message, or both authentication and privacy are enabled on a SNMP message. However, privacy cannot be enabled without authentication.

Timeliness — Protects against message delay or message redundancy. The SNMP agent compares incoming message to the message time information.

Key Management — Defines key generation, key updates, and key use.

The device supports SNMP notification filters based on Object IDs (OIDs). OIDs are used by the system to manage device features.

SNMP v3 supports the following features:

Security

Feature Access Control

Traps

The device generates the following traps:

Copy trap

This section contains the following topics:

Defining SNMP Security

Configuring SNMP Notification Settings

11.3 Defining SNMP Security

This section describes configuring of SNMP security parameters, and contains the following topics:

Defining SNMP Global Parameters

Defining SNMP Views

Defining SNMP Group Profiles

70

Image 77
Contents Embedded Web System User Guide Copyright & Trademarks FCC Statement Table of Contents Defining Access Profiles Configuring Authentication MethodsDefining Authentication Profiles Mapping Authentication ProfilesConfiguring the Classic STP Defining STP Properties Configuring GarpConfiguring Multicast Forwarding Defining GvrpAdvanced QoS Mode Basic QoS ModeConfiguration Download Configuration UploadGlossary Viewing StatisticsGuide Overview PrefaceIntended Audience Starting the TP-Link Embedded Web Interface Getting StartedInterface Components Understanding the TP-Link Embedded Web InterfaceClick . The TP-Link Embedded Web Interface Home Page opens TP-Link Web Interface Configuration Management Buttons Using the TP-Link Embedded Web Interface Management ButtonsDevice Representation TP-Link Web Interface Information ButtonsDeleting Configuration Information Using Screen and Table OptionsAdding Configuration Information Modifying Configuration InformationClick System General Reset. The Reset Page opens Resetting the DeviceLogging Off from the Device Click . a confirmation message is displayedSystem Description Defining Device InformationConfiguring Daylight Savings Time Setting the System TimeSystem Information Time Define the Date, Local Time and Time Zone Offset fields Daylight SavingsRecurring Sntp Overview Configuring SntpPolling for Unicast Time Information Polling for Anycast Time InformationSntp Properties Page contains the following fields Defining Sntp Global SettingsConfiguring Sntp Authentication Sntp Authentication Page contains the following fields To configure Sntp authenticationCheck the Enable Sntp Authentication checkbox Click . The Add Sntp Authentication Page opensClick . The Sntp Server is added, and the device is updated Defining Sntp Interface SettingsSntp Servers Page contains the following fields Click . The Add Sntp Server Page opensCheck the Receive Server Updates option Sntp Interface Settings Page contains the following fieldsClick . The Add Sntp Interface Page opens Select the InterfaceDefining General Log Properties Configuring System LogsFollowing table lists the log severity levels System Log Severity Levels Severity Viewing Memory LogsViewing Flash Logs Click . The Add Syslog Server Page opens Defining System Log ServersTo view Flash memory logs Add Syslog Server Click . The Log server is defined and the device is updatedConfiguring Management Security Configuring Device SecurityConfiguring Authentication Methods Defining Access ProfilesClick . The Add Access Profile Page opens Access ProfileProfile Rules Defining Profile RulesAuthentication Profiles Page provides the following Defining Authentication ProfilesClick . The Profile Rule Settings Page opens Click . The Add Authentication Profile Page opens Mapping Authentication ProfilesClick . The Authentication Profile Settings Page opens Define the Profile Method and enter the Profile Name fieldsAuthentication Mapping Page contains the following fields Authentication MappingTo define TACACS+ authentication settings Defining TACACS+ Host SettingsSession is permitted Define the Console, Telnet, and Secure Telnet SSH fieldsClick . The TACACS+ Host Settings Page opens Defining Radius Server SettingsClick . The Add TACACS+ Host Page opens Select TACACS+ server entryClick . The Add Radius Server Page opens RadiusClick . The Radius Server Settings Page opens Configuring PasswordsDefining Local Users Click . The Add Local User Page opensDefining Line Passwords Configuring Network SecurityDefining Enable Passwords Line Password Page contains the following fieldsPort-Based Authentication Defining Network Authentication PropertiesAdvanced Port-Based Authentication Network Security OverviewPort Authentication Page contains the following fields Defining Port Authentication PropertiesClick . The Port Authentication Settings Page opens Configuring Multiple HostsTo define authenticated users Defining Authentication HostsClick . The Multiple Host Settings Page opens Managing Port Security Configuring Traffic ControlEnabling Storm Control Click . The Port Security Settings Page opensCast B, cast M tbd Cast M, cast tbd Cast tbd Storm ControlDefining IP Addressing Defining IP AddressesDefining IP Addresses Click . The Add IP Interface Page opensClick . The IP Interface Settings Page opens Defining the Default GatewayEnter the name of the User Defined Default Gateway Defining Dhcp AddressesARP Page contains the following fields Defining ARPTo define ARP Defining DNS Servers Defining Domain Name SystemDNS Server Page contains the following fields  Type Displays the IP address type. The possibleHost Mapping Page contains the following fields Configuring Host MappingEnter the Host Name and IP Address Add DNS HostConfiguring Ports Configuring InterfacesClick . The parameters are saved, and the device is updated Interface Configuration SettingsClick . The LAG Membership Settings Page opens Configuring LAGsDefining LAG Members To define LAG membersLAG Membership Settings Page contains the following fields Configuring LacpClick . The Lacp Parameters Settings Page opens Lacp Parameters Page contains the following fieldsDefining Vlan Properties Configuring VLANsDefine the Port Priority and Lacp Timeout settings Defining Vlan Membership Modify the Vlan Name and Disable Authentication fieldsVlan Member Properties Page contains the following fields Click . The Vlan properties are savedVlan Interface Settings Page contains the following fields Defining Vlan Interface SettingsTo define Vlan membership Vlan Member Membership Page contains the following fieldsDefining Garp Configuring GarpClick . The Vlan / LAG Interface Settings Page opens To define Gvrp on the device Defining GvrpGarp Parameters Page contains the following fields Gvrp Parameters Forwarding Database Static Addresses Configuring Static AddressesClick . The Add Forwarding Database Page opens Configuring Dynamic Forwarding AddressesTo define the dynamic forwarding addresses  Clear Table Clears the Current Address TableSelect an Address Table Sort Key Select the Interface, the MAC Address, and the Vlan IDDefining STP Properties Configuring the Classic STPClick System Bridging Info Spanning Tree STP Properties. The STP Properties Page opensComplete the Spanning Tree State and Bridge Settings fields Defining STP Interface SettingsClick the STP enable checkbox Define the fields STP Interface Settings Page contains the following fieldsClick . The STP Interface Settings Page opens Rstp Configuring the Rapid STPDefining Mstp Properties Configuring the Multiple STPClick . The Rstp Settings Page opens Define the Region Name, Revision and Max Hops fields Configuring Mstp InstancesClick . The device information is updated Configuring Mstp Interface Settings Configuring Mstp Vlan InstancesMstp Vlan Instance Configuration Page opens Mstp Interface Settings Page contains the following fieldsModify the Port Priority and Path Cost Mstp Interface SettingsIgmp Snooping Page contains the following fields Configuring Multicast ForwardingClick . The Multicast Global Parameters Settings Page opens Click the Enable Igmp Snooping Status checkboxDefining Multicast Bridging Groups To define multicast groupsClick . The Multicast Group Settings Page opens Igmp Port/LAG Members Table Control SettingsMulticast group statically in the Current Row Join a Multicast groupDefining Multicast Forward All Parameters Port is not attached to a Multicast router or switchMulticast Forward All Page contains the following fields ForbiddenDefining Snmp Security Snmp v1 and v2cSnmp Defining Snmp Global Parameters Define the Local Engine ID and Use Default fieldsDefining Snmp Views Snmp Security Views Page contains the following fieldsClick . The Add Snmp View Page opens Defining Snmp Group ProfilesClick . The Add Snmp Group Profile Page opens Click . The Snmp Group Profile Settings Page opensDefining Snmp Group Members Addition to the fields in the Snmp Security Group Click . The Snmp Group Membership Settings Page opensMembership Page, The Add Snmp Group Membership Contains the following fieldsSnmp Communities Basic Table Defining Snmp CommunitiesSnmp Communities Advanced Table Snmp Security Communities Page is divided intoDevice is updated To modify Snmp Group Membership settings Configuring Snmp Notification SettingsDefining Snmp Notification Properties Defining Notification FiltersClick . The Add Snmp Notification Filter Page opens Defining Notification ReceiversSnmp Notification FiIter Page contains the following fields Snmp Notification Receiver Page c is divided into SNMPv1,2c Notification RecipientSNMPv3 Notification Recipient Click . The Add Snmp Notification Receiver Page opens Click . The Snmp Notification Receiver Settings Page opensMapping to Queues Configuring Quality of ServiceQuality of Service Overview VPT Default Mapping Table Following table contains the VPT to Queue default settingsDscp Default Mapping Table QoS ModesEnabling Quality of Service Enabling Quality of ServiceBasic QoS Mode Advanced QoS ModeDefining Queues CoS SettingsMapping CoS Values to Queues Mapping QueuesMapping QoS Values to Queues  SchedulingDscp to Queue Downloading System Files Managing System FilesDownload Type To download system filesUploading System Files Configuration DownloadFirmware Download Upload TypeActivating Image Files Configuration UploadCopying System Files Software Image UploadSelect Restore Configuration Factory Defaults Select Copy ConfigurationConfiguring Port Mirroring Performing Device DiagnosticsClick . The Port Mirroring Settings Page opens To modify port mirroring settingsViewing Integrated Cable Tests Click the Remove checkbox for selected item, and clickOptical Transceivers Page contains the following fields Viewing Optical TransceiversViewing Interface Statistics Viewing StatisticsViewing Device Interface Statistics Interface Statistics Page contains the following fieldsOpen the Interface Statistics Viewing Etherlike StatisticsClick . The interface statistics counters are cleared Etherlike Statistics Page contains the following fieldsOpen the Etherlike Statistics Viewing Gvrp StatisticsViewing EAP Statistics Managing Rmon StatisticsOpen the Gvrp Statistics Click . The Gvrp interface statistics counters are clearedRmon Statistics Page contains the following fields  Configuring Rmon History  Defining Rmon AlarmsViewing Rmon Statistics Defining Rmon History Control Configuring Rmon HistoryOpen the Rmon Statistics Rmon History Control Page contains the following fieldsRmon History Table Page contains the following fields Viewing the Rmon History TableDefining Rmon Events Control Configuring Rmon EventsRmon Events Control Page contains the following fields Click . The Add Rmon Event User Page opensClick System Statistics Rmon Events. Defining Rmon AlarmsViewing the Rmon Events Logs Click . The Edit Rmon Alarm User Page opens Click . The Add Rmon Alarm User Page opensTo modify an Rmon alarm user 103 Glossary BootP Boot VersionClass of Service BackplaneClient Duplex ModeCollision Combo PortFlapping EthernetFlow Control FragmentIeee 802.1p Ieee 802.1dEEE 802.1q Image FileLimited geographical area Authenticates the origin of the communicationProcess Processing, as there is more information to processPacket NodePolicing PortRJ-45 Connector RJ-11 ConnectorRunning Configuration Stand-alone ModeTelnet Subnet MaskTrap Trunking71035590
Related manuals
Manual 32 pages 61.46 Kb Manual 32 pages 10.85 Kb

TL-SG3109, TL-SL3428, TL-SL3452 specifications

The TP-Link TL-SL3428 is a feature-rich Ethernet switch designed for small to medium-sized business environments. It is part of TP-Link’s JetStream series, which emphasizes reliability, performance, and robust management capabilities. Built with 28 10/100/1000 Mbps ports, the TL-SL3428 provides sufficient bandwidth to support a wide range of network applications.

One of the standout features of the TL-SL3428 is its support for Layer 2 management protocols. This allows for more granular control and optimized performance across network segments. The switch supports VLAN (Virtual Local Area Network) segmentation, which enhances network security and efficiency by isolating various types of traffic. This feature is particularly useful in larger organizations where different departments or teams may require separate network environments.

The TL-SL3428 also includes advanced QoS (Quality of Service) capabilities. This functionality prioritizes traffic based on predefined rules, which ensures that critical applications receive the necessary bandwidth to function optimally. With QoS implementation, users can experience minimized latency, leading to better performance in VoIP and video conferencing applications.

In terms of redundancy and reliability, the switch also supports Link Aggregation Control Protocol (LACP), enabling multiple connections to be combined for increased bandwidth and failover support. This feature significantly enhances network resilience, ensuring minimal downtime during failures.

Power over Ethernet (PoE) support is another important characteristic of the TL-SL3428. With PoE capabilities, this switch can deliver electrical power along with data over the same Ethernet cable, simplifying installation and reducing the need for additional wiring. This is especially advantageous for IP devices like cameras, access points, and VoIP phones.

Security features are abundant in the TL-SL3428 as well. It implements port security, storm control, and DHCP snooping, all of which contribute to a secure network infrastructure. The switch’s management capabilities can be accessed through a user-friendly web interface, making it easier for IT administrators to configure and monitor network activities.

Overall, the TP-Link TL-SL3428 is an exemplary choice for businesses looking to enhance their network performance with advanced management features, security protocols, and reliability. Its combination of speed, flexibility, and manageability make it a valuable tool for any growing organization.