APPENDIX B
SECURITY STANDARDS IN USE IN ETHERNET INSTALLATIONS
The protocols and standards listed below are readily available components that can be used to implement secure Ethernet networks in factories, power substations and other industrial sites.
SNMP
Simple Network Management Protocol, introduced in 1988, is a standard for gathering and managing statistical data about network traffic and the behavior of network components such as switches, hubs, routers and any device which is SNMP enabled. It is based on the manager/agent model and is used in TCP/IP and other networks to monitor and control network devices, and manage configurations, statistics collection, and performance. It is easy to implement, install, and use, and does not place undue burden on the network. Even better, SNMP modules from different vendors work together with minimal effort. However, early versions of SNMP did not adequately address the issue of security.
Basic security, in the form of authentication and encryption, was first proposed in 1998 with SNMPv3. Accepted as a full Internet standard in 2002, SNMPv3 assures that a received message was transmitted by the entity whose identifier appears as the source in the message header, it assures that the message was not altered in transit and that there was not artificial delay or replay. It also provides for the ability to update configuration parameters in SNMP agents, thus enabling complete remote management of SNMP devices, which is an added convenience as Web management comes into play.
It is important to note that SNMPv3 adds several levels of capability, and increasing complexity, to an SNMP implementation. Unless an implementation requires security features, most SNMP deployments will remain at SNMPv1 or SNMPv2. Perhaps the wisest approach for a vendor of Ethernet switches is to continue to offer these earlier versions, as well as SNMPv3, in its network management package to accommodate users with various levels of security requirements.
Communicating SNMPv3 engines share a secret authentication key that is provided by the sending entity. When the receiving entity gets the message, it uses the same secret key to calculate the message authentication code again. If the receiver’s version of the code matches the value appended to the incoming message, then the receiver knows that the message can only have originated from the
9
