Applications - Cisco WS-C6506 Software Manual

Catalyst 6500 series switch

Hide thumbs Also See for WS-C6506:

Manual (110 pages)

Installation manual (336 pages)

Table of Contents

Configuring SNMP

Each incoming message is passed to the security subsystem from the message processing subsystem. If

required, the security subsystem checks the authentication code and performs the decryption. The

processed message is returned to the message processing subsystem. An implementation of the security

subsystem may support one or more distinct security models. The only currently defined security model

is the user-based security model (USM) for SNMPv3, which is specified in RFC 2274.

The USM protects the SNMPv3 messages from the following potential security threats:

The USM currently defines the HMAC-MD5-96 and HMAC-SHA-96 as the authentication protocols and

CBC-DES as the privacy protocol.

SNMPv1 and SNMPv2c security models provide only the community names for authentication and no

Access Control Subsystem

The access control subsystem determines whether access to a managed object should be allowed. With

the view-based access control model (VACM), you can control which users and which operations can

have access to which managed objects.

Applications

The SNMPv3 applications refer to the internal applications within an SNMP entity. These internal

applications can do the following operations:

There are currently five types of applications:

An authorized user sending a message that gets modified in transit by an unauthorized SNMP entity.

An unauthorized user trying to masquerade as an authorized user.

A user modifying the message stream.

An unauthorized user listening to the message.

Generate the SNMP messages

Respond to the received SNMP messages

Generate and receive the notifications

Forward the messages between the SNMP entities

Command generators—Generate the SNMP commands to collect or set management data.

Command responders—Provide access to the management data. For example, processing get,

get-next, get-bulk, and set pdus are used in a command responder application.

Notification originators—Initiate the Trap or Inform messages.

Notification receivers—Receive and process the Trap or Inform messages.

Proxy forwarders—Forward the messages between the SNMP entities.

Catalyst 6500 Series Switch Software Configuration Guide—Release 8.7

Understanding How SNMPv3 Works

Show Quick Links

Table of Contents

Troubleshooting

Catalyst 6506 Catalyst 6509 Catalyst 6513

Applications - Cisco WS-C6506 Software Manual

Applications

Hide quick links:

Troubleshooting

Related Manuals for Cisco WS-C6506

Related Content for Cisco WS-C6506

This manual is also suitable for:

Table of Contents