Chapter 39 Access Control

SNMP version 3. The next figure illustrates an SNMP management operation. SNMP is only available if TCP/IP is configured.

Figure 179 SNMP Management ModelAn SNMP managed network consists of two main components: agents and a manager.

An agent is a management software module that resides in a managed switch (the Switch). An agent translates the local management information from the managed switch into a form compatible with SNMP. The manager is the console through which network administrators perform network management functions. It executes applications that control and monitor managed devices.

The managed devices contain object variables/managed objects that define each piece of information to be collected about a switch. Examples of variables include number of packets received, node port status and so on. A Management Information Base (MIB) is a collection of managed objects. SNMP allows a manager and agents to communicate for the purpose of accessing these objects.

SNMP itself is a simple request/response protocol based on the manager/agent model. The manager issues a request and the agent returns responses using the following protocol operations:

Table 126 SNMP Commands

COMMAND

DESCRIPTION

GetAllows the manager to retrieve an object variable from the agent.

 

 

GetNext

Allows the manager to retrieve the next object variable from a table or list within an agent. In

 

SNMPv1, when a manager wants to retrieve all elements of a table from an agent, it initiates

 

a Get operation, followed by a series of GetNext operations.

 

 

SetAllows the manager to set values for object variables within an agent.

 

 

TrapUsed by the agent to inform the manager of some events.

 

 

39.3.1 SNMP v3 and Security

SNMP v3 enhances security for SNMP management. SNMP managers can be required to authenticate with agents before conducting SNMP management sessions.

Security can be further enhanced by encrypting the SNMP messages sent from the managers. Encryption protects the contents of the SNMP messages. When the contents of the SNMP messages are encrypted, only the intended recipients can read them.

 

293

ES3500 Series User’s Guide