Presentation is loading. Please wait.

Presentation is loading. Please wait.

Network Management Security

Published byFriedrich Heintze Modified over 5 years ago

Similar presentations

Presentation on theme: "Network Management Security"— Presentation transcript:

1 Network Management Security
Chapter 8 Network Management Security Henric Johnson Blekinge Institute of Technology, Sweden Henric Johnson

2 Outline Basic Concepts of SNMP SNMPv1 Community Facility SNMPv3
Recommended Reading and WEB Sites Henric Johnson

3 Basic Concepts of SNMP An integrated collection of tools for network monitoring and control. Single operator interface Minimal amount of separate equipment. Software and network communications capability built into the existing equipment SNMP key elements: Management station Managament agent Management information base Network Management protocol Get, Set and Notify Henric Johnson

4 Protocol context of SNMP
Henric Johnson

5 Proxy Configuration Henric Johnson

6 Henric Johnson

7 SNMP v1 and v2 Trap – an unsolicited message (reporting an alarm condition) SNMPv1 is ”connectionless” since it utilizes UDP (rather than TCP) as the transport layer protocol. SNMPv2 allows the use of TCP for ”reliable, connection-oriented” service. Henric Johnson

8 Comparison of SNMPv1 and SNMPv2
SNMPv1 PDU SNMPv2 PDU Direction Description GetRequest Manager to agent Request value for each listed object Request next value for each listed object ------ GetBulkRequest Request multiple values SetRequest Set value for each listed object InformRequest Manager to manager Transmit unsolicited information GetResponse Response Agent to manager or Manage to manager(SNMPv2) Respond to manager request Trap SNMPv2-Trap Agent to manager Henric Johnson

9 SNMPv1 Community Facility
SNMP Community – Relationship between an SNMP agent and SNMP managers. Three aspect of agent control: Authentication service Access policy Proxy service Henric Johnson

10 SNMPv1 Administrative Concepts
Henric Johnson

11 SNMPv3 SNMPv3 defines a security capability to be used in conjunction with SNMPv1 or v2 Henric Johnson

12 SNMPv3 Flow Henric Johnson

13 Traditional SNMP Manager
Henric Johnson

14 Traditional SNMP Agent
Henric Johnson

15 SNMP3 Message Format with USM
Henric Johnson

16 User Security Model (USM)
Designed to secure against: Modification of information Masquerade Message stream modification Disclosure Not intended to secure against: Denial of Service (DoS attack) Traffic analysis Henric Johnson

17 Key Localization Process
Henric Johnson

18 View-Based Access Control Model (VACM)
VACM has two characteristics: Determines wheter access to a managed object should be allowed. Make use of an MIB that: Defines the access control policy for this agent. Makes it possible for remote configuration to be used. Henric Johnson

19 Access control decision
Henric Johnson

20 Recommended Reading and WEB Sites
Subramanian, Mani. Network Management. Addison-Wesley, 2000 Stallings, W. SNMP, SNMPv1, SNMPv3 and RMON 1 and 2. Addison-Wesley, 1999 IETF SNMPv3 working group (Web sites) SNMPv3 Web sites Henric Johnson

Download ppt "Network Management Security"

Similar presentations

Henric Johnson1 Chapter 12 Network Management Security Henric Johnson Blekinge Institute of Technology, Sweden

Henric Johnson1 Chapter 12 Network Management Security Henric Johnson Blekinge Institute of Technology, Sweden
CSCE 815 Network Security Lecture 17 SNMP Simple Network Management Protocol March 25, 2003.

CSCE 815 Network Security Lecture 17 SNMP Simple Network Management Protocol March 25, 2003.
Net Security1 Chapter 8 Network Management Security Henric Johnson Blekinge Institute of Technology, Sweden Revised by Andrew Yang.

Net Security1 Chapter 8 Network Management Security Henric Johnson Blekinge Institute of Technology, Sweden Revised by Andrew Yang.
CS 678 P. T. Chung1 Network Management Security CS 678 Network Security, Dept. of Computer Science, Long Island University,Brooklyn, NY.

CS 678 P. T. Chung1 Network Management Security CS 678 Network Security, Dept. of Computer Science, Long Island University,Brooklyn, NY.
Chapter 19: Network Management Business Data Communications, 5e.

Chapter 19: Network Management Business Data Communications, 5e.
CIS 203 17 : Network Management. Introduction Network, associated resources and distributed applications indispensable Complex systems —More things can.

CIS : Network Management. Introduction Network, associated resources and distributed applications indispensable Complex systems —More things can.
Henric Johnson1 Chapter 6 IP Security Henric Johnson Blekinge Institute of Technology, Sweden

Henric Johnson1 Chapter 6 IP Security Henric Johnson Blekinge Institute of Technology, Sweden
Network Management Security

Network Management Security
TCP/IP Protocol Suite 1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 24 Network Management: SNMP.

TCP/IP Protocol Suite 1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 24 Network Management: SNMP.
Manajemen Jaringan dan Network Security Pertemuan 26 Matakuliah: H0484/Jaringan Komputer Tahun: 2007.

Manajemen Jaringan dan Network Security Pertemuan 26 Matakuliah: H0484/Jaringan Komputer Tahun: 2007.
Dr Alejandra Flores-Mosri Network Monitoring Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to: –Explain.

Dr Alejandra Flores-Mosri Network Monitoring Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to: –Explain.
1 ITC242 – Introduction to Data Communications Week 12 Topic 18 Chapter 19 Network Management.

1 ITC242 – Introduction to Data Communications Week 12 Topic 18 Chapter 19 Network Management.
NS-H0503-02/11041 SNMP. NS-H0503-02/11042 Outline Basic Concepts of SNMP SNMPv1 Community Facility SNMPv3 Recommended Reading and WEB Sites.

NS-H /11041 SNMP. NS-H /11042 Outline Basic Concepts of SNMP SNMPv1 Community Facility SNMPv3 Recommended Reading and WEB Sites.
1 Pertemuan 26 Manajemen Jaringan dan Network Security Matakuliah: H0174/Jaringan Komputer Tahun: 2006 Versi: 1/0.

1 Pertemuan 26 Manajemen Jaringan dan Network Security Matakuliah: H0174/Jaringan Komputer Tahun: 2006 Versi: 1/0.
EE579T/10 #1 Spring 2005 © 2000-2005, Richard A. Stanley EE579T Network Security 10: An Overview of SNMP Prof. Richard A. Stanley.

EE579T/10 #1 Spring 2005 © , Richard A. Stanley EE579T Network Security 10: An Overview of SNMP Prof. Richard A. Stanley.
Network Management Management Tools –Desirable features Management Architectures Simple Network Management Protocol.

Network Management Management Tools –Desirable features Management Architectures Simple Network Management Protocol.
1 System support & Management Protocols Lesson 13 NETS2150/2850 School of Information Technologies.

1 System support & Management Protocols Lesson 13 NETS2150/2850 School of Information Technologies.
Dr Alejandra Flores-Mosri Network Monitoring Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to: –Explain.

Dr Alejandra Flores-Mosri Network Monitoring Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to: –Explain.
COMP4690, by Dr Xiaowen Chu, HKBU

COMP4690, by Dr Xiaowen Chu, HKBU
EE579T/9 #1 Spring 2003 © 2000-2003, Richard A. Stanley EE579T Network Security 9: An Overview of SNMP Prof. Richard A. Stanley.

EE579T/9 #1 Spring 2003 © , Richard A. Stanley EE579T Network Security 9: An Overview of SNMP Prof. Richard A. Stanley.

Similar presentations

Ads by Google