Asante Technologies 3500 Series user manual Community Name and Security, MIB Tree, Name Space Path

Page 71

6.3 Community Name and Security

SNMP v.1 was not designed to be a secure protocol. There is no true password, although the string known as a community string does serve some of the same purposes.

SNMP-aware devices, such as this switch, often ship with well-known community strings. For this reason, it is important that you change the default community strings before putting the switch on a network. The 3500 series switches improve on normal security by requiring the management station to appear in the SNMP host table before the agent will recognize the manager.

6.4 The MIB Tree

When the SNMP was designed, a formal structure for creating new management objects was created. A tree represents the structure: nodes in the tree are represented as strings of numbers separated by periods. There are three components of the tree:

1.The unnamed root of the tree contains a set of characters common to all MIB objects located beneath the root. Objects beneath unnamed are said to be in that root’s domain.

2.A sub-tree contains a subset of the information available at the root. A sub-tree may also serve as a root and have sub-trees of its own.

3.A leaf is a sub-tree with no additional sub-trees in its domain. A leaf represents a single MIB object whose characteristics are unique from any other MIB object.

The group or organization that owns the sub-tree path assigns sub-tree numbers. The object names in the path are unique all the way to the end of the path.

6.4.1 Name Space Path

The name space path is used by the SNMP protocol to define the piece of data that the manager wants.

There are three main name space paths:

1.ISO (International Standards Organization): All sub-tree leaves are under the ISO control.

2.CCITT (Consultative Committee on International Telephony and Telegraphy): the group that sets the standards for the interconnection of telephone equipment).

3.ISO-CCITT: Joint ISO and CCITT.

Each MIB object can be located by following a path from unnamed, through the sub-trees, to the leaf, following the string of numbers. The part of the tree that is of interest to SNMP starts with the internet node:

iso.org.dod.internet or 1.3.6.1

Interesting nodes under that one include:

internet.mgmt.mib-2 or 1.3.6.1.2.1

internet.private.enterprises or 1.3.6.1.4.1

Most of the industry-standard management objects appear under mib-2, while objects defined by individual manufacturers appear under enterprises. Asanté Technologies, Inc. has 298 as its enterprise number (1.3.6.1.4.1.298). At the time of this writing, there are nearly 10,000 enterprise numbers assigned. You can get a list of enterprise numbers from ftp://ftp.isi.edu/in-notes/iana/assignments/enterprise-numbers/.

6.4.2 MIB Groups Supported

The following MIB-II groups are supported:

The System Group -- General information about the managed system, such as contact information and system name

The Interfaces Group -- Information about each interface in the managed unit, and statistics for that interface

The Address Translation Group -- This group is deprecated, and should not be used

71

Page 70 Page 72
Image 71
Page 70 Page 72
Contents IntraCore 3500 Series Quick Start Guide IntraCore 3500 Series Gigabit Ethernet Switches User’s ManualTable of Contents Page Introduction Package Contents1 IC3524 Models LEDs4810/100 2 IC3548-2GT#49 Front and Back Panel DescriptionsManagement and Configuration Snmp Management Console InterfaceWeb-Based Interface Safety Overview Hardware Installation and SetupInstallation Overview Environmental Requirements Installation into an Equipment RackRecommended Installation Tools Power RequirementsEquipment Rack Guidelines Installing a GbicGbic Interfaces Gbic Care and Handling Installing Optional Hardware ModulesConnecting Power Removing a Gbic1 10/100BaseT Ports Cabling Procedures Connecting to the NetworkConnecting to a Console SetupGigabit Ethernet Ports Cabling Procedures Connecting Via Telnet Changing the PasswordConnecting Via the Web Browser Snmp Management IP AssignmentUsing the Stacking Feature IC3524 only Toggle Stacking Enable/Disable Logging ConfigurationAccessing a Submenu Exiting a Submenu Configuration MenuGeneral Information Changing System Administration Info System Administration ConfigurationChanging System IP Information System IP ConfigurationBootstrap Configuration Changing Community Strings Snmp ConfigurationDeleting a Trap Receiver Enabling Authentication TrapsAdding or Updating a Trap Receiver Basic Port Configuration Menu appears Port ConfigurationEnabling or Disabling a Port Configuring Auto-NegotiationToggling Half to Full Duplex Configuring a Port ManuallyConfiguring 1000BaseX Ports Toggling Port Link SpeedEnabling or Disabling 802.3x Flow Control Advanced Port ConfigurationSetting Port Class of Service Global Port Configuration Setting Port Default PriorityDisplaying the Forwarding Database Unicast Forwarding Database ConfigurationSearching for a MAC Address Setting the MAC Address Age-Out TimeIP Multicast Traffic Management Port Mirroring ConfigurationSecurity Management Vlan ManagementImage Downloading through Tftp File Up/Downloading ConfigurationSetting the Monitor Port Performing a Software Upgrade at Runtime Serial Downloading ConfigurationPerforming a Software Upgrade System Reset ConfigurationResetting the Switch System Log Scheduling a System ResetClearing the System Log User Interface ConfigurationSetting Telnet Idle Time-out Period Setting Console Idle Time-out PeriodEnabling or Disabling the Web Server Changing the PasswordSystem Utility Viewing Statistics Enabling and Disabling STP Configuring Spanning Tree ParametersAdvanced Management Spanning Tree ProtocolSetting Port Priority and Path Cost Spanning Tree Port ConfigurationRmon Management Snmp and Rmon ManagementDuplicated IP Detection and Trap Viewing a List of Duplicated IP Addresses Enabling and Disabling Station Movement TrapEnabling and Disabling Duplicated IP Detection Enabling and Disabling Duplicated IP TrapConfiguring Port New Node Detection Trap Configuring Port SecuritySetting the Intruder Trap Configuring Port Lock and Intruder LockConfiguring Security Level 2 or Level Inserting/Modifying a Port Trusted MAC Address Vlan Specifications for the IntraCore 3500 SeriesResetting Security to Defaults Other Vlan Features of the switchKkxxxxxx Kxxxxxxx Configuring Static Vlan GroupsAdvanced Static Vlan Configuration Specifying Tagging or No Tagging for a Port Configuring Vlan Port AttributesSetting the Port Vlan ID Adding and Deleting VLANs from the Port Configuring Port Receive Frame TypeDisplaying a Summary of Vlan Groups Displaying a Vlan Port SummaryMulticast Addresses Resetting Vlan Configuration to DefaultsDisplaying a Summary of Group Addresses Configuring IP Multicast Traffic ManagementIgmp Snooping Enabling and Disabling Igmp SnoopingRemoving a Multicast Group Address To remove an address IP Multicast Forwarding Database ConfigurationAdding Ports to the Selected Address Inserting a Multicast Group AddressWeb-Based Management Accessing with a Web BrowserGenl Info General Information Button Front Panel ButtonStatistics Button Port Config Port Configuration Button Span Tree Spanning Tree Button Addr Address Table Button Snmp ButtonVlan Button Port Configuration Adding and Deleting Port Members Vlan ConfigurationCreating or Modifying a Vlan Page Security Button Duplicate IP Button Snmp Protocol Snmp ManagementSnmp Management Operations MIB Groups Supported Community Name and SecurityMIB Tree Name Space PathPage Vlan ID and Tagged Frames Switching ConceptsVLANs Port-Based VLANsSpanning Tree Parameters Port Vlan IDHow It Works Port Priority Forward DelayFull Duplex, Flow Control and Auto-negotiation Full DuplexAuto-Negotiation Flow ControlProblem Possible Solutions Appendix A. TroubleshootingSpecifications Appendix B. Features and SpecificationsFeatures Standards Compliance Physical CharacteristicsTechnical Support and Warranty Environmental RangeIntraCare Warranty Statement Appendix C. FCC Compliance and Warranty StatementsFCC Compliance Statement Important Safety Instructions Page Appendix D. Console Port Pin Outs Pin Number Signal NameAppendix E. Online Warranty Registration Loading Software Locally Appendix F. BootP ConfigurationBootstrap Configuration Image Banks
Top Page Image Contents