Polycom RealPresence DMA System SNMP Support

self-documenting, including information about the purpose of specific traps and inform notifications. Third-party MIBs accessible through the Polycom system may include both hardware and software system MIBs.

SNMP Notifications

A key feature of SNMP is the ability to generate notifications from an SNMP agent. Notifications are called as such because they are sent, unsolicited and asynchronous to the SNMP manager from the Polycom system. Notifications can indicate improper user authentication, restarts, the closing of a connection, loss of connection to another system, or other significant events. They are generated as informs or trap requests.

Traps are messages alerting the SNMP manager to a system or network condition change. Inform requests (informs) are traps that include a request for a confirmation receipt from the SNMP manager. Traps are less reliable than informs because the SNMP manager does not send any acknowledgment when it receives a trap. However, informs consume more system and network resources. Traps are discarded as soon as they are sent. An inform request is held in memory until a response is received or the request times out. Traps are sent only once while informs may be retried several times.The retries increase traffic and contribute to a higher overhead on the network. Thus, traps and inform requests provide a trade-off between reliability and network resources.

SNMP Versions

Polycom supports two versions of SNMP:

SNMPv2c—Polycom implements a sub-version of SNMPv2. SNMPv2c uses a community-based form of security. The community of SNMP managers able to access the agent MIB is defined by an IP-based Access Control List and password.

One drawback of SNMPv2c is that it is subject to packet sniffing of the clear text community string from the network traffic, because it does not encrypt communications between the management system and SNMP agents.

SNMPv3—Polycom implements the newest version of SNMP. Its primary feature is enhanced security. SNMPv3 provides secure access to systems with a combination of authenticating and encrypting packets over the network.The contextEngineID in SNMPv3 uniquely identifies each SNMP entity. The contextEngineID is used to generate the key for authenticated messages. Polycom implements SNMPv3 communication with authentication and privacy (the authPriv security level as defined in the USM MIB).

Authentication is used to ensure that traps are read by only the intended recipient. As messages are created, they are given a special key that is based on the contextEngineID of the entity. The key is shared with the intended recipient and used to receive the message.

Privacy encrypts the SNMP message to ensure that it cannot be read by unauthorized users.

Message integrity ensures that a packet has not been tampered with in transit.

Configure SNMP

The RealPresence DMA system uses SNMP to provide a standardized framework and a common language used monitoring and managing the system.

Note that you should understand how your SNMP management system is configured to properly configure the RealPresence DMA system’s SNMP transport protocol, version, authentication, and privacy settings.

Polycom, Inc.

420

Page 420
Image 420
Polycom 3725-76302-001O manual Configure Snmp, Snmp Notifications, Snmp Versions