Cisco Systems IE 2000 Information About SNMP

36-2

Cisco IE 2000 Switch Software Configuration Guide

OL-25866-01

Chapter 36 Configuring SNMP

Information About SNMP

• Changing the value of the SNMP engine ID has important implications. A user's password (e ntered

on the command line) is converted to an MD5 or SHA security digest based on the password a nd the

local engine ID. The command-line password is then destr oyed, as required by RFC 2274. Because

of this deletion, if the value of the engine ID changes, the security digests o f SNMPv3 users become

invalid, and you need to reconfigure SNMP users by using the snmp-server user username global

configuration command. Similar restrictions require the reconfigurati on of community strings when

the engine ID changes.

Information About SNMP

The Simple Network Management Protocol (SNMP) is an applica tion-layer protocol that provides a

message format for communication between managers and agents. The SNMP system consists of an

SNMP manager, an SNMP agent, and a MIB. The SNMP manager can be part of a network management

system (NMS) such as CiscoWorks. The agent and MIB reside on the switch. To configure SNMP on the

switch, you define the relationship between the manager and the agent.

The SNMP agent contains MIB variables whose values the SNMP manager can request or change. A

manager can get a value from an agent or store a value into the agent. The agent gathers data from the

MIB, the repository for information about device parameters and network data. The agent can also

respond to a manager’s requests to get or set data.

An agent can send unsolicited traps to the manager. Traps are messages alerting the SNMP manager to

a condition on the network. Traps can mean improper user authentication, restarts, link status (up or

down), MAC address tracking, closing of a TCP connection, loss of connection to a neighbor, or other

significant events.

This software release supports these SNMP versions:

• SNMPv1—The Simple Network Management Protocol, a Full Internet Standard , defined in

RFC 1157.

• SNMPv2C replaces the Party-based Administrative and Security Framework of SNMPv2Classic

with the community-string-based Administrative Framework of SNMPv2C while retaining the bulk

retrieval and improved error handling of SNMPv2Classic. It has these features:

–

SNMPv2—Version 2 of the Simple Network Management Protocol, a Draft Internet Standard,

defined in RFCs 1902 through 1907.

–

SNMPv2C—The community-string-based Administrative Framework for SNMPv2, an

Experimental Internet Protocol defined in RFC 1901.

• SNMPv3—Version 3 of the SNMP is an interoperable standards-based protocol defined in RFCs

2273 to 2275. SNMPv3 provides secure access to devices by authenticating and encrypting packets

over the network and includes these security features:

–

Message integrity—Ensures that a packet was not tampered with in transit.

–

Authentication—Determines that the message is from a valid source.