Cisco Systems OL-25712-04 SNMP Notifications, SNMP Security Levels and Privileges

• An SNMP manager—The system used to control and monitor the activities of network devices using

SNMP.

• An SNMP agent—The software component within Cisco UCS, the managed device, that maintains the

datafor CiscoUCS and reportsthe data, as needed,to theSNMP manager.Cisco UCS includes the

agentand a collection of MIBs. To enable the SNMP agent and create the relationship between the

managerand agent, enable and configure SNMP in Cisco UCS Manager.

• A managed information base (MIB)—The collection of managed objects on the SNMP agent. Cisco

UCSrelease 1.4(1) and higher support a larger number of MIBs than earlier releases.

CiscoUCS supports SNMPv1, SNMPv2c and SNMPv3. Both SNMPv1 and SNMPv2c use a community-based

formof security.SNMP is defined in the following:

• RFC 3410 (http://tools.ietf.org/html/rfc3410)

• RFC 3411(http://tools.ietf.org/html/rfc3411)

• RFC 3412 (http://tools.ietf.org/html/rfc3412)

• RFC 3413 (http://tools.ietf.org/html/rfc3413)

• RFC 3414 (http://tools.ietf.org/html/rfc3414)

• RFC 3415 (http://tools.ietf.org/html/rfc3415)

• RFC 3416 (http://tools.ietf.org/html/rfc3416)

• RFC 3417 (http://tools.ietf.org/html/rfc3417)

• RFC 3418 (http://tools.ietf.org/html/rfc3418)

• RFC 3584 (http://tools.ietf.org/html/rfc3584)

SNMP Notifications

Akey featureof SNMP is the ability to generate notifications from an SNMP agent. These notifications do

notrequire thatrequests be sentfrom theSNMP manager.Notifications can indicate improper user

authentication,restarts, the closing of a connection, loss of connection to a neighbor router, or other significant

events.

CiscoUCS Managergenerates SNMP notificationsas either trapsor informs.Traps are less reliable than

informsbecause the SNMP manager does not send any acknowledgment when it receives a trap, and Cisco

UCSManager cannot determine if the trap wasreceived. An SNMP manager that receives an inform request

acknowledgesthe message with an SNMP response protocol data unit (PDU). If the Cisco UCS Manager

doesnot receive the PDU, it can send the inform request again.

SNMP Security Levels and Privileges

SNMPv1,SNMPv2c, andSNMPv3 eachrepresent a differentsecurity model. The security model combines

withthe selected security level to determine the security mechanism applied when the SNMP message is

processed.

Thesecurity level determines the privileges required to view the message associated with an SNMP trap. The

privilegelevel determineswhether the messageneeds to beprotected fromdisclosure or authenticated.The

supportedsecurity level depends upon which security model is implemented. SNMP security levels support

oneor more of the following privileges:

Cisco UCS Manager GUI Configuration Guide, Release 2.0

122 OL-25712-04

Configuring SNMP