Mocomtech CIM-550 manual 258

13.4.1.7CIM SNMP COMMUNITY NAMES

The CiM-550 uses community strings as a password scheme that provides authentication before gaining access to the CiM-550 agent’s MIBs.

In SNMP v1/v2c, the community string is sent unencrypted in the SNMP packets. Caution must be taken by the network administrator to ensure that SNMP packets travel only over a secure and private network if security is a concern. A packet sniffer can easily obtain the community string by viewing the SNMP traffic on the network.

The community string is entered into the MIB Browser or Network Node Management software and is used to authenticate users and determine access privileges to the SNMP agent. The community string should match the concatenated user name and password. For example, if the user name is “comtech” and the password is “donttell” then the community string should be “comtechdonttell”.

Community strings are used to set up a three-tiered security scheme in the CiM-550. The CiM-550 provides for three types of users in the system: an Admin User, a Read/Write User, and a Read Only User. These users mirror those found in the CLI Name/Password Configuration screen. The Admin User has read and write access to all parameters in all standard and private MIBs. The Read/Write User has read and write access to all parameters in the standard and private MIBs, except for the cimUnitAdmin Group in the cimController MIB. The Read Only User has access to only read parameters from the standard MIBs and the private CiM-550 MIB. The Read Only User cannot do any reads (GETS) in the private CiM-550 IP Controller MIB.

232