Bert Wijnen, Lucent Technologies - PowerPoint PPT Presentation

1 / 19
About This Presentation
Title:

Bert Wijnen, Lucent Technologies

Description:

APT 2003. 1. Bert Wijnen, Lucent Technologies. bwijnen_at_lucent.com. APT Security Seminar ... Note that architecture addresses security mechanims for all versions ... – PowerPoint PPT presentation

Number of Views:66
Avg rating:3.0/5.0
Slides: 20
Provided by: bertw
Category:

less

Transcript and Presenter's Notes

Title: Bert Wijnen, Lucent Technologies


1
SNMPv3 Status andSNMPv3 Security Mechanisms
APT Security Seminar Aug 2003
  • Bert Wijnen, Lucent Technologies
  • bwijnen_at_lucent.com

2
Agenda
  • IETF documents
  • RFC status
  • Internet Drafts
  • SNMP Status
  • Other IETF Network Management Activities
  • SNMPv3 Security Mechanisms
  • Note that architecture addresses security
    mechanims for all versions of SNMP as we will see
    in the following slides

3
SNMP Message formats
4
SNMPv3 Message Format
5
User-based Security Model (USM)
  • Authentication mechanisms
  • HMAC MD5 (RFC3414)
  • HMAC SHA-1 (RFC3414)
  • Privacy/Encryption
  • DES (RFC3414)
  • AES (being worked on)
  • draft-blumenthal-aes-usm-06.txt
  • Symmetric Keys, Localized Keys

6
SNMP entity/system
7
Architecture Multiple Message Processing
Subsystems
8
Architecture Multiple Security Subsystems
9
Architecture Multiple Access Control Subsystems
10
SNMP Manager
11
SNMP agent
12
Naming for Security
13
Naming for MIB access
14
Process flow in an SNMP Manager
15
Process flow in an SNMP agent
16
View-based Access Control
17
Other SNMP Security Mechanisms/Methods
  • Firewall/Filter SNMP traffic from outside
    networks
  • Use dedicated (physical) Network for NM
  • Use IPsec between NMS and Managed systems
  • Use SNMP over TCP over TLS
  • Diffie-Helman USM Key Management (RFC2768)
  • etc

18
More Information
  • http//www.ietf.org/html.charters/wg-dir.html
  • For all current IETF Working Groups
  • http//www.ietf.org
  • Starting point for IETF information
  • http//www.ops.ietf.org
  • Starting point for OPS Area specific web pages
  • http//www.ibr.cs.tu-bs.de/projects/snmpv3/
  • SNMPv3 specific website

19
QA
  • Any Questions ?
Write a Comment
User Comments (0)
About PowerShow.com