SNMP Version 3 SNMPv3 - PowerPoint PPT Presentation

1 / 10
About This Presentation
Title:

SNMP Version 3 SNMPv3

Description:

... how to provide secure access between manager and managed devices ... Security model: an authentication strategy that is set up for a ... authorization and ... – PowerPoint PPT presentation

Number of Views:893
Avg rating:3.0/5.0
Slides: 11
Provided by: jwh8
Category:

less

Transcript and Presenter's Notes

Title: SNMP Version 3 SNMPv3


1
SNMP Version 3(SNMPv3)
  • J. Won-Ki Hong
  • Dept. of Computer Science and Engineering
  • POSTECH
  • Tel 054-279-2244
  • Email jwkhong_at_postech.ac.kr

2
Table of Contents
  • The Birth of SNMPv3
  • SNMPv3 Security Models and Levels
  • Comparison with SNMPv1 SNMPv2

3
The Birth of SNMPv3
  • SNMPv1 SNMPv2 both lack strong security
    features
  • Internet being open environment, how to provide
    secure access between manager and managed devices
    has been a big concern
  • SNMPv3 was born to solve this problem
  • Security features provided in SNMPv3
  • Authentication determining if a message is from
    a valid source
  • Encryption scrambling the contents of a packet
    prevents it from being seen by an unauthorized
    source

4
Recall Internet NM Framework
  • Basically, SNMPv3 is a natural extension of
    SNMPv1 SNMPv2
  • Internet NM Framework consists of
  • 1. Manager-agent interaction model
  • 2. a management information definition language
    (SMI)
  • 3. definitions of management information (MIB)
  • 4. management protocol
  • 5. security and administration
  • SNMPv3 inherited 1, 2, 3 4 from SNMPv2 and
    added a new set of documents for 5

5
Security Models Levels (1)
  • SNMPv3 provides for both security models levels
  • Security model an authentication strategy that
    is set up for a user and the group in which the
    user resides
  • Security level permitted level of security
    within a model
  • Three security models available - SNMPv1, SNMPv2,
    SNMPv3
  • Three security levels available - noauth, auth,
    priv
  • Authenticates a packet by using
  • noauth a string match of the user name
  • auth either HMAC MD5 or SHA algorithms
  • priv either HMAC MD5 or SHA algorithms and
    encrypts the packet using the CBC-DES (DES-56)
    algorithm

6
Security Models Levels (2)
  • DES Data Encryption Standard
  • MD5 SHA Secure Hash Function
  • HMAC Message Authentication Code

7
SNMPv1 vs. SNMPv3
8
SNMPv2 vs. SNMPv3
  • The unmet goals of SNMPv2 include provision of
    commercial grade security
  • authentication origin identification, message
    integrity, replay protection
  • privacy confidentiality
  • authorization and access control
  • suitable remote configuration and administration
    capabilities for these features
  • SNMPv3 attempts to provide these

9
SNMPv3 References (1)
  • RFC 3410 (Informational) - Introduction and
    Applicability Statements for Internet Standard
    Management Framework (December 2002)
  • RFC 3411 - An Architecture for Describing SNMP
    Management Frameworks (December 2002)
  • RFC 3412 - Message Processing and Dispatching
    (December 2002)
  • RFC 3413 - SNMP Applications (December 2002)
  • RFC 3414 - User-based Security Model (December
    2002)
  • RFC 3415 - View-based Access Control Model
    (December 2002)
  • RFC 3416 - Version 2 of SNMP Protocol Operations
    (December 2002)
  • RFC 3417 - Transport Mappings (December 2002)
  • RFC 3418 - Management Information Base (MIB) for
    the Simple Network Management Protocol (SNMP)
    (December 2002)

10
SNMPv3 References (2)
  • http//www.snmp.com/snmpv3/v3white.html
  • http//www.ibr.cs.tu-bs.de/ietf/snmpv3/
  • http//www.ietf.org/html.charters/snmpv3-charter.h
    tml
  • http//www.simpleweb.org/ietf/
Write a Comment
User Comments (0)
About PowerShow.com