CCNP (Cisco Certified Network Professional) Route Certification Exam Cram Notes

6. Infrastructure Services

6.1 SNMPv2 and SNMPv3

The security level determines if an SNMP message needs to be protected from disclosure and if the message needs to be authenticated. The various security levels that exist within a security model are as follows:

noAuthNoPriv - Security level that does not provide authentication or encryption.

authNoPriv - Communication with authentication and without privacy. The protocols used for authentication are MD5 and SHA (Secure Hash Algorithm).

authPriv - Communication with authentication and privacy. The protocols used for authentication are MD5 and SHA; for privacy, DES (Data Encryption Standard) may be used.

Three security models are available: SNMPv1, SNMPv2c, and SNMPv3. The security model combined with the security level determines the security mechanism applied when the SNMP message is processed.

The main difference between SNMPv3 and v2 (or v1) is that v3 addresses the security and privacy issues. For example, in SNMPv2, passwords are transmitted in plain text, whereas v3 uses encryption.

The advantages of SNMPv3 are, in brief:

1. Authentication

2. Privacy

3. Authorization and Access Control

4. Remote configuration and administration capabilities

The following are the SNMP security models and their encryption types:

Security Model   Security Level   Authentication     Encryption Type
SNMPv1           noAuthNoPriv     Community string   None
SNMPv2c          noAuthNoPriv     Community string   None
SNMPv3           noAuthNoPriv     User name          None
SNMPv3           authNoPriv       MD5 or SHA         None
SNMPv3           authPriv         MD5 or SHA         CBC-DES (DES-56)
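The table above applied as a configuration check (an added example, not part of the original notes): it reads Cisco IOS-style `snmp-server community` and `snmp-server user` lines and reports the security level each credential can support. The names, passwords and sample lines are constructed, and the level enforced by `snmp-server group` is assumed to be checked separately.

```python
# Constructed sample lines (not taken from a real device).
SAMPLE = """\
snmp-server community ExampleRO RO
snmp-server user monitor NOC v3
snmp-server user audit NOC v3 auth sha ExampleAuthPw
snmp-server user admin NOC v3 auth md5 ExampleAuthPw priv des ExamplePrivPw
"""

FINDING = {
    "noAuthNoPriv": "no authentication, no encryption",
    "authNoPriv": "authenticated, payload not encrypted",
    "authPriv": "authenticated and encrypted",
}

def classify(line):
    """Return (name, model, level, authentication, encryption) or None."""
    tok = line.split()
    if tok[:2] == ["snmp-server", "community"] and len(tok) >= 3:
        # v1/v2c: the community string is the only credential, sent in plain text.
        return (tok[2], "SNMPv1/SNMPv2c", "noAuthNoPriv", "Community string", "None")
    if tok[:2] == ["snmp-server", "user"] and "v3" in tok[4:]:
        rest = tok[tok.index("v3", 4) + 1:]
        if rest[:1] == ["encrypted"]:
            rest = rest[1:]
        auth = priv = None
        # Parse by position so a password spelled "auth" or "priv" is not misread.
        if len(rest) >= 3 and rest[0] == "auth":
            auth, rest = rest[1].upper(), rest[3:]
        if auth and len(rest) >= 3 and rest[0] == "priv":
            priv = rest[1].upper()
        if auth and priv:
            return (tok[2], "SNMPv3", "authPriv", auth, priv)
        if auth:
            return (tok[2], "SNMPv3", "authNoPriv", auth, "None")
        return (tok[2], "SNMPv3", "noAuthNoPriv", "User name", "None")
    return None  # not an SNMP credential line

def audit(config):
    """Return (name, model, level, finding) for each SNMP credential line."""
    rows = []
    for line in config.splitlines():
        c = classify(line)
        if c:
            rows.append((c[0], c[1], c[2], FINDING[c[2]]))
    return rows

if __name__ == "__main__":
    for row in audit(SAMPLE):
        print("%-10s %-15s %-13s %s" % row)
```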

