vyos/vyos-documentation
1
0
Fork 0
mirror of https://github.com/vyos/vyos-documentation.git synced 2025-10-26 08:41:46 +01:00
Code Issues Packages Projects Releases Wiki Activity

SNMP: add security information for SNMPv3

Browse Source
This commit is contained in:
Christian Poessinger 2019-11-12 08:01:42 +01:00
parent 5fcd3ec773
commit 9610be887b
1 changed files with 17 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
docs/services/snmp.rst
View File

@ -118,8 +118,23 @@ Example
SNMPv3 SNMPv3
^^^^^^ ^^^^^^
SNMPv3 is an updated version that, among other things, supports encryption and SNMPv3 (version 3 of the SNMP protocol) introduced a whole slew of new security
cryptographic authentication of clients. related features that have been missing from the previous versions. Security
was one of the biggest weakness of SNMP until v3. Authentication in SNMP
Versions 1 and 2 amounts to nothing more than a password (community string)
sent in clear text between a manager and agent. Each SNMPv3 message contains
security parameters which are encoded as an octet string. The meaning of these
security parameters depends on the security model being used.
The securityapproach in v3 targets:
* Confidentiality Encryption of packets to prevent snooping by an
unauthorized source.
* Integrity Message integrity to ensure that a packet has not been tampered
while in transit including an optional packet replay protection mechanism.
* Authentication to verify that the message is from a valid source.
Example Example
******* *******