Cisco Systems 15454 16.8 SNMP Community Names, 16.9 Proxy Over Firewalls, 16.10 Remote Monitoring

16-16

Cisco ONS 15454 Reference Manual, R7.0

78-17191-01

Chapter 16 SNMP

16.8 16.8 SNMP Community Names

16.8 SNMP Community Names

Community names are used to group SNMP trap destinations. All ONS 15454 trap destinations can be

provisioned as part of SNMP communities in Cisco Transport Controller (CTC). When community

names are assigned to traps, the ONS 15454 treats the request as valid if the community name matches

one that is provisioned in CTC. In this case, all agent-managed MIB variables are accessible to that

request. If the community name does not match the provisioned list, SNMP drops the request.

16.9 Proxy Over Firewalls

SNMP and NMS applications have traditionally been unable to cross firewalls used for isolating security

risks inside or from outside networks. Release 7.0 CTC enables network operations centers (NOCs) to

access performance monitoring data such as RMON statistics or autonomous messages across firewalls

by using an SNMP proxy element installed on a firewall.

The application-level proxy transports SNMP protocol data units (PDU) between the NMS and NEs,

allowing requests and responses between the NMS and NEs and forwarding NE autonomous messages

to the NMS. The proxy agent requires little provisioning at the NOC and no additional provisioning at

the NEs.

The firewall proxy is intended for use in a gateway network element-end network element (GNE-ENE)

topology with many NEs through a single NE gateway. Up to 64 SNMP requests (such as get, getnext,

or getbulk) are supported at any time behind single or multiple firewalls. The proxy interoperates with

common NMS such as HP OpenView.

For security reasons, the SNMP proxy feature must be enabled at all receiving and transmitting NEs to

function. For instructions to do this, refer to the Cisco ONS 15454 Procedure Guide.

16.10 Remote Monitoring

The ONS 15454 incorporates RMON to allow network operators to monitor Ethernet card performance

and events. The RMON thresholds are user-provisionable in CTC. Refer to the Cisco ONS 15454

Procedure Guide for instructions. Note that otherwise, RMON operation is invisible to the typical CTC

user.

ONS 15454 system RMON is based on the IETF-standard MIB RFC 2819 and includes the following

five groups from the standard MIB: Ethernet Statistics, History Control, Ethernet History, Alarm, and

Event.

(cont.)

(8) cerent454AlarmObjectName The TL1-style user-visible name

that uniquely identifies an object

in the system.

(9) snmpTrapAddress The address of the SNMP trap.

Table 16-8 ONS 15454 SNMPv2 Trap Variable Bindings (continued)

Group

Trap Name(s) Associated

with

Variable

Binding

Number SNMPv2 Variable Bindings Description