Assignment - Zero plagiarism - Network Management
Purpose
Recognize conceptual and practical knowledge of different versions of Simple Network Management Protocol (SNMP).
Topic of Discussion
Discuss the security features in SNMPV3 that SNMPV1 and SNMPV2 do not provide
Submission Instructions
· Post your responses, examples, ideas, and discussions on this topic on the blackboard.
· You are required to write at least ONE original post and at least ONE response giving useful comment on a post uploaded by your classmate.
Total Marks Allotted: 1 mark
Due date: 27-October -2020
Marking Criteria
For your Original Post: Maximum 0.75 mark
Answer:
SNMPv3 has introduced the User-based security Model (USM) to offer security for messages and also for the View-based access control model (VACM) used for access control.
SNMPv3 supports the SNMP "Engine ID" Identifier, which uniquely identifies each SNMP entity. Conflicts can occur if two entities have duplicate EngineID's. The EngineID is used to generate the key for authenticated messages.
Each SNMP entity is identified by a unique identifier, an implementation from SNMP “engine ID”. Main usage for EngineID is to generate Keys for authenticated messages.
SNMP v3 security models come primarily in 2 forms: authentication and encryption.
SNMP comes in 2 forms:
Authentication - ensures traps are only accessed by intended recipients. Encrypting - encrypted SNMP payload hence making sure that messages can’t be read by unauthorized users.
SNMPv1 and SNMPv2 has security issues with the community strings. Read-only strings and also commujnity strung that are read-write are notmallu sent as cleat text-strings. There is no encryption from the NMS. This makes the strings to more available to anyboby who can get access packet sniffers. Hence, anybody within the netwoork wiht a computer and can dowload the software. SNMv3 fixes this problem by making sure that the cimmunity strings are always encrypted.