6.3 Community Name and Security
SNMP v.1 was not designed to be a secure protocol. There is no true password, although the string known as a community string does serve some of the same purposes.
SNMP-aware devices, such as this switch, often ship with well-known community strings. For this reason, it is important that the manager change the default community strings before putting the switch on a network. The 35160 Series switches improve on normal security by requiring the management station to appear in the SNMP host table before the agent will recognize the manager.
6.4 The MIB Tree
When the SNMP was designed, a formal structure for creating new management objects was created. A tree represents the structure: nodes in the tree are represented as strings of numbers separated by periods. The three components of the tree are
1.The unnamed root of the tree contains a set of characters common to all MIB objects located beneath the root. Objects beneath unnamed are said to be in that root’s domain.
2.A sub-tree contains a subset of the information available at the root. A sub-tree may also serve as a root and have sub-trees of its own.
3.A leaf is a sub-tree with no additional sub-trees in its domain. A leaf represents a single MIB object whose characteristics are unique from any other MIB object.
The group or organization that owns the sub-tree path assigns sub-tree numbers. The object names in the path are unique all the way to the end of the path.
6.4.1 Name Space Path
The name space path is used by the SNMP protocol to define the piece of data that the manager wants.
The three main name space paths are
1.ISO (International Standards Organization): All sub-tree leaves are under the ISO control.
2.CCITT (Consultative Committee on International Telephony and Telegraphy): the group that sets the standards for the interconnection of telephone equipment).
3.ISO-CCITT: Joint ISO and CCITT.
Each MIB object can be located by following a path from unnamed, through the sub-trees, to the leaf, following the string of numbers. The part of the tree that is of interest to SNMP starts with the “internet” node:
iso.org.dod.internet or 1.3.6.1
Interesting nodes under that one include:
•internet.mgmt.mib-2 or 1.3.6.1.2.1
•internet.private.enterprises or 1.3.6.1.4.1
Most of the industry-standard management objects appear under mib-2, while objects defined by individual manufacturers appear under enterprises. Asanté Technologies, Inc. has 298 as its enterprise number (1.3.6.1.4.1.298). At the time of this writing, nearly 10,000 enterprise numbers have been assigned. A list of enterprise numbers can be found at ftp://ftp.isi.edu/in-notes/iana/assignments/enterprise-numbers/.
