SNMP Terms
■Advanced Encryption Standard (AES)—An NIST-standard cryptographic cipher that uses a block length of 128 bits and key lengths of 128, 192, or 256 bits. AES uses the Rijndael algorithm, officially replacing the Triple DES Method. AES encryption can be done in one pass instead of three and its key size is greater than Triple Desís 168 bits. One of two privacy encryption protocols, AES is a stronger form of encryption than DES (see also “Data Encryption Standard”). (Source: The Internet Society, RFC 3664)
■Agent—A module that resides in a managed device. The agent is responsible for responding to requests from the manager and for sending traps to a recipient that inform the systems administrator of potential problems.
■Community String—Applications use community strings for access control. The manager includes the community string in its SNMP messages to an agent. The agent consequently can accept or reject the operation.
■Data Encryption Standard (DES)—An NIST-standard cryptographic cipher that uses a 56-bit key. DES has been replaced by AES as an official standard. DES is a symmetric block cipher that processes 64-bit blocks in four different modes of operation (electronic code book [ECB] being the most popular). Triple DES added security by providing several, multiplepass techniques. As an example, Triple DES encrypts with one key, decrypts the results with a different key, and then encrypts with a third. These extra passes add considerable time, DES, however, is still used for applications that do not require the strongest security. One of two privacy encryption protocols (see also ìAdvanced Encryption Standardî). (Source: The Internet Society, RFC 1829)
■EngineID—An administratively unique identifier of an SNMP v3 engine used for identification, not for addressing (Source: The Internet Society, RFC 3411). SNMP v3 authentication and encryption keys are generated based upon the associated passwords and the engine ID.
■Host keyword—Currently, the host keyword is limited to the machine’s IP address (DNS is not available at this time). The maximum keyword length is 31 alphanumeric characters.
■Managed device—A device that hosts the services of an SNMP agent that provides monitored information and controlled operations using SNMP. SL8500 libraries are managed devices.
■Management Information Base (MIB)—A collection of information stored in a database that contains configuration and statistical information for a managed device. For SL8500 libraries, a copy of the MIB is loaded with microcode and stored on the processor card. See “Management Information Base” on page 135 for more information about the MIB.
■Manager—Provides the communication link between the systems administrator and the managed devices on the network. A manager station or server allows the systems administrator to get information about the device through the MIB and to receive traps from an agent.
■Message Digest 5 (MD5)—A popular one-hash function that is used to create a message digest for digital signatures. MD5 is faster than SHA, but is considered less secure (see also “Secure Hash Algorithm”). (Source: The Internet Society, RFC 1321)
■Recipient—A location on a manager where the SNMP agent sends traps. This location is defined by the combination of either the IP address or DNS name and the port number. The default recipient port number is 162.