Allied Telesis AT-8000S SNMP Overview

SNMP Overview

Page 111

SNMP Overview

Simple Network Management Protocol (SNMP) provides a method for managing network devices. Equipment

commonly managed with SNMP includes switches, routers and host computers. SNMP is typically used to

configure these devices for proper operation in a network environment, as well as to monitor them to evaluate

performance or detect potential problems.

Managed devices supporting SNMP contain software, which runs locally on the device and is referred to as an

agent. A defined set of variables, known as managed objects, is maintained by the SNMP agent and used to

manage the device. These objects are defined in a Management Information Base (MIB) that provides a standard

presentation of the information controlled by the agent. SNMP defines both the format of the MIB specifications

and the protocol used to access this information over the network.

The switch includes an onboard agent that supports SNMP versions 1, 2c, and 3. This agent continuously

monitors the status of the switch hardware, as well as the traffic passing through its ports. Access to the onboard

agent using SNMP v1 and v2c is controlled by community strings. To communicate with the switch, the

management station must first submit a valid community string for authentication.

Access to the switch using SNMPv3 provides additional security features that cover message integrity,

authentication, and encryption; as well as controlling user access to specific areas of the MIB tree.

The SNMPv3 security structure consists of security models, with each model having its own security levels. There

are three security models defined, SNMPv1, SNMPv2c, and SNMPv3. Users are assigned to “groups” that are

defined by a security model and specified security levels. Each group also has a defined security access to set of

MIB objects for reading and writing, which are known as “views.”

The device has a default view (all MIB objects) and default groups defined for security models v1 and v2c. The

following table shows the security models and levels available and the system default settings.

The SNMP agents maintain a list of variables, which are used to manage the device. The variables are defined in

the Management Information Base (MIB). The SNMP agent defines the MIB specification format, as well as the

format used to access the information over the network. Access rights to the SNMP agents are controlled by

access strings.

The device is SNMP-compliant and contains an SNMP agent that supports a set of standard and private MIB

variables. Developers of management stations require the exact structure of the MIB tree and receive the

complete private MIBs information before being able to manage the MIBs.

All parameters are manageable from any SNMP management platform, except the SNMP management station IP

address and community (community name and access rights). The SNMP management access to the device is

disabled if no community strings exist.

Notes

• The device switch is delivered with no community strings configured.

• The device generates copy traps.