Manuals / Cisco Systems / Computer Equipment / Network Router

Cisco Systems Dial NMS manual About SNMP Security

Models: Dial NMS

1 132

Download 132 pages 47.44 Kb

Page 21

About SNMP Security

Overview of Basic SNMP Building Blocks

About SNMP Security

About SNMP Security

SNMP lacks authentication capabilities, which results in a variety of security threats:

•Masquerading—An unauthorized entity attempting to perform management operations by assuming the identity of an authorized management entity.

•Modification of information—An unauthorized entity attempting to alter a message generated by an authorized entity, so the message results in unauthorized accounting management or configuration management operations.

•Message sequence and timing modifications—Occurs when an unauthorized entity reorders, delays, or copies and later replays a message generated by an authorized entity.

•Disclosure—Results when an unauthorized entity extracts values stored in managed objects. The entity can also learn of notifiable events by monitoring exchanges between managers and agents.

Note Because SNMP does not implement authentication, many vendors do not implement Set operations, which reduce SNMP to a monitoring facility.

Basic Dial NMS Implementation Guide

Image 21

Cisco Systems Dial NMS manual About SNMP Security

Contents

Basic Dial NMS Implementation Guide Internetworking Solutions Guide August Corporate HeadquartersCisco Systems, Inc 170 West Tasman Drive San Jose, CA 800 553-NETS Fax 408Copyright 2000, Cisco Systems, Inc All rights reserved Basic Dial NMS Implementation GuideC O N T E N T S Task 5-Setting Up a Web Portal for the Dial NMS Task 3-Using MRTG to Monitor and Graph Traffic LoadsTask 1-Enabling SNMP in a Cisco IOS Device Enabling SNMPTask 7-Using HP OpenView to Create the SNMP Framework Task 6-Managing IP Addresses by Using DNSTask 8-Using CiscoWorks 2000 Resource Manager Essentials Using CiscoViewContents Basic Dial NMS Implementation Guide Purpose PrefaceAudience ScopeConventions boldLEEE Technical References and Support Related Documentation and SitesInternetworking Solutions Guides FreewareCisco Product Documentation Cisco Connection Online Documentation CD-ROM Documentation FeedbackAcknowledgements About SNMP Overview of Basic SNMP Building BlocksWhat are the Basic Components of SNMP? SNMP Technology TAC Page -NetworkManaged devices About Basic SNMP Message Types and Commands About Basic SNMP Message Types and CommandsFigure 1 An SNMP-Managed Network Entity NMSWhat are SNMP MIBs? A managed object has these unique identities What is SNMPv1? SNMPv1 and ASN1 Data TypesSNMPv1 and SMI-Specific Data Types SNMPv1 Protocol Operations What is SNMPv2?SNMPv2 and SMI About SNMP ManagementSMI Information Modules SNMPv2 Protocol OperationsAbout SNMP Security Basic Dial NMS Implementation Guide Overview of Basic SNMP Building Blocks About SNMP SecurityIntroduction to the Case Study Network Design for a Dial NMS Case StudyBenefits of a Dial NMS THEnet Dial NMS Planning QuestionnaireNetwork Design Questions AnswersTHEnet Network Design Questions and Answers continuedNetwork Design Questions Answersshow isdn service Dial NMS Service Definitiondebug ppp error show controller t1show running show versionshow modem version show interface accounting` show modem operational-status ` show access-lists` show modem connect-speeds show modem summaryNetwork Topology Figure 5 Network Topology for One POPFigure 6 Network Topology for the NOC Hardware Description for Two POPs and the NOC Hardware RequirementsCapacity-Planning Matrix for the Line and Chassis Requirements 3 monthsDial NMS Software and Management System Requirements Software RequirementsConfiguration Design Parameters POP #1 Support Implementation and Operation TasksContact Phone T1 Dial-in NumberNetwork Design for a Dial NMS Case Study Implementation and Operation TasksBasic Dial NMS Implementation Guide Dial Related Dial MIBs and OIDs Used in the Case StudySystem Management MIB II / Interfacesshow controllers t1 show modem summarycall-counters show isdn memory See thecall-counters show controllers t1show modem summary show modemshow isdn history show caller ipshow caller ip show caller ipAbout Enabling SNMP Task 1-Enabling SNMP in a Cisco IOS DeviceTable 13 SNMP Command Descriptions Enabling SNMPEnables traps for unsolicited notifications for configuration Basic Dial NMS Implementation Guide Task 1-Enabling SNMP in a Cisco IOS Device About Enabling SNMPTask 2- Exploring SNMP Capabilities by Using About Using UCD-SNMPUCD-SNMP Exploring SNMP MIBs for Dial Netwo rks Installing UCD-SNMP and Downloading Cisco MIBs1.3.6.1.2.1 location. The Cisco enterprises prefix points to Note Do not forget the space between and /export Setting Up SNMP Commander About SNMP CommanderTask 2- Exploring SNMP Capabilities by Using UCD-SNMP Figure 8 SNMP Commander ToolAbout SNMP Commander Basic Dial NMS Implementation GuideTask 2- Exploring SNMP Capabilities by Using UCD-SNMP About SNMP CommanderBasic Dial NMS Implementation Guide About SNMP Commander Basic Dial NMS Implementation Guide Task 2- Exploring SNMP Capabilities by Using UCD-SNMPAbout MRTG Task 3-Using MRTG to Monitor and Graph Traffic LoadsAbout Selecting Dial OIDs Table 14 Circuit Utilization OIDsVariable Description Base MIB and OIDBase MIB and OID DescriptionHow to Inspect and Interpret Data Figure 12 Weekly Graph DS0s and PPP Sessions in Use Figure 11 Daily Graph DS0s and PPP Sessions in UseThe configuration file used to create these graphs is posted at Creating and Editing a Configuration File Interface TypeSyntax Example Example Task 3-Using MRTG to Monitor and Graph Traffic Loads How to Inspect and Interpret DataBasic Dial NMS Implementation Guide Task 3-Using MRTG to Monitor and Graph Traffic Loads How to Inspect and Interpret DataBasic Dial NMS Implementation Guide crontab from any directory Sending MRTG Graphs to a Web Server Page How to Inspect and Interpret Data Basic Dial NMS Implementation Guide Task 3-Using MRTG to Monitor and Graph Traffic LoadsAbout Syslog emergencies About Modem Call Records About NTPReleases 11.3AA and 12.0T Enabling NTP on a Cisco IOS Device Setting Up an NTP Client The following information appears Troubleshooting the NTP Client Enabling Syslog and Modem Call Records in the Cisco IOS Softwarentpq -p command console errors or logging console warnings Configuring the Syslog Daemon daemon is not running, no ID is returned Figure 18 Syslog Messages that Appear by Using FTP and a Web Browser Inspecting Syslog Messages in t he Log FileUses FTP to view About Modem Call Records Basic Dial NMS Implementation Guide About a Web Portal Task 5-Setting Up a Web Portal for the Dial NMSFunction UtilityBuilding a Device Linker Web Page OOB console access Troubleshooting a Cisco 2511 Console Connection Using HTTP to Access CLI Commands About HTTP Access to the CLIshow isdn service show running configurationshow file systems show ip routeauthentication show caller timeoutauthorization debug ppp authenticationTask 5-Setting Up a Web Portal for the Dial NMS Figure 22 Cisco IOS CLI CommanderAbout HTTP Access to the CLI Basic Dial NMS Implementation GuideTask 5-Setting Up a Web Portal for the Dial NMS Figure 23 Output for the Show Caller CommandAbout HTTP Access to the CLI Basic Dial NMS Implementation GuideTask 6-Managing IP Addresses by Using DNS About Managing IP AddressesReference Using Cisco Network Registrar CLI Command s Note The NRCMD command mode is not used In the previous example, the zone command Using a Batch File to Make Changes to a DNS Configuration Creating an IP Tracker Web Page Creating a Primary Forward ZoneTo create an IP tracker web page, follow these steps Task 6-Managing IP Addresses by Using DNS About Managing IP AddressesFigure 24 IP Tracker Web Page Basic Dial NMS Implementation GuideStep 2 Understand how the CGI scripts function esupport-austin.the.net How to Create a Reverse DNS ZoneRefresh 1 hours Retry 30 minutesHow to Create a Reverse DNS Zone Basic Dial NMS Implementation Guide Task 6-Managing IP Addresses by Using DNSAbout HP OpenView Task 7-Using HP OpenView to Create the SNMP FrameworkConnected to native database openview Verifying the SNMP ConfigurationIn the SNMP Configuration screen, enter the following information Step 4 Click Add and Apply to submit the entries Task 7-Using HP OpenView to Create the SNMP FrameworkAbout HP OpenView Basic Dial NMS Implementation GuidePerforming an SNMP Demand Poll About SNMP Demand PollsStep 5 Select Network Connectivity Poll Node Table 31 Important Fields to Inspect In the Polling Results continued Testing SNMP Get RequestsFigure 29 Successful SNMP Test Table 32 Test IP/TCP/SNMP Field DescriptionsVerifying that SNMP Traps Are Received Troubleshooting SNMP and a Demand PollStep 1 Open the All Events Browser. From the Fault menu, select Events Unmanaging the Dial Ports Creating and Adjustin g Maps About Discovery Filters Select Automatic LayoutChoose Off For This Submap Setting Up and Editing a Discover y Filter TheNetNodes TheNetFilters TheNetNodeList This is the filter for TheNet nodeslistUsing the HPOV CLI to Enter a Device into the Database About Discovery Filters Basic Dial NMS Implementation Guide Task 7-Using HP OpenView to Create the SNMP FrameworkAbout CiscoWorks 2000 RME Task 8-Using CiscoWorks 2000 Resource Manager EssentialsCiscoWorks 2000 TAC Support Page -Provides links to CiscoWorks 2000 Documentation Set -A collection ofStep 5 Select Inventory Import from Local NMS Importing Devices from HPOV and Popul ating the DatabasesChoose Resolve conflicts after importing Choose Cisco devices only Verifying that Device Polling is Turned On Figure 35 The Status of the Devices Polling the DevicesFigure 36 Devices Listed in the Availability Monitor Task 8-Using CiscoWorks 2000 Resource Manager EssentialsStep 6 Click Finish About CiscoWorks 2000 RMEStep 2 Select All Devices Backing up Cisco IOS ConfigurationsStep 2 Go to Monitor CiscoView Using CiscoViewFigure 39 Available Modems in the Cisco AS5800 Dial Shelf Task 8-Using CiscoWorks 2000 Resource Manager EssentialsAbout CiscoWorks 2000 RME Basic Dial NMS Implementation GuideAbout CiscoWorks 2000 RME Basic Dial NMS Implementation Guide Task 8-Using CiscoWorks 2000 Resource Manager EssentialsI N D E Page Page Page Page Index Basic Dial NMS Implementation Guide