Download presentation
Presentation is loading. Please wait.
Published byMerilyn Spencer Modified over 9 years ago
1
1 Kyung Hee University Prof. Choong Seon HONG Chapter 15 SNMPV3 Architecture and Applications
2
2 Kyung Hee University The Evolution of SNMP
3
3 Kyung Hee University SNMPv3 Overview Design Requirements SNMPv3 security features rely heavily on SNMPv2u and SNMPv2* Address the need for secure Set request messages over real- world networks, which is the most important deficiency of SNMPv1 and SNMPv2
4
4 Kyung Hee University SNMPv3 Overview - Design Requirements - ADDRESS THE NEED FOR SECURY SUPPORT DEFINE AN ARCHITECTURE THAT ALLOWS FOR LONGEVITY OF SNMP ALLOW THAT DIFFERENT PORTIONS OF THE ARCHITECTURE MOVE AT DIFFERENT SPEEDS TOWARDS STANDARD STATUS ALLOW FOR FUTURE EXTENSIONS KEEP SNMP AS SIMPLE AS POSSIBLE ALLOW FOR MINIMAL IMPLEMENTATIONS SUPPORT ALSO THE MORE COMPLEX FEATURES, WHICH ARE REQUIRED IN LARGE NETWORKS RE-USE EXISTING SPECIFICATIONS, WHENEVER POSSIBLE
5
5 Kyung Hee University SNMP Entities
6
6 Kyung Hee University SNMPv3 ARCHITECTURE: MANAGER UDP, IPX, Others
7
7 Kyung Hee University SNMPv3 ARCHITECTURE: Agent
8
8 Kyung Hee University CONCEPTS: snmpEngineID
9
9 Kyung Hee University CONCEPTS: Context
10
10 Kyung Hee University PRIMITIVES BETWEEN MODULES
11
11 Kyung Hee University SendPdu
12
12 prepareOutgoingMessage
13
13 generateRequestMsg
14
14 send / receive
15
15 Kyung Hee University prepareDataElements
16
16 processIncomingMsg
17
17 processPd
18
18 isAccessAllowed
19
19 returnResponsePdu
20
20 prepareResponseMessage
21
21 generateResponseMsg
22
22 send / receive
23
23 Kyung Hee University prepareDataElements
24
24 processIncomingMsg
25
25 processResponsePdu
26
26 MODULES OF THE SNMPv3 ARCHITECTURE DISPATCHER AND MESSAGE PROCESSING MODULE SNMPv3 MESSAGE STRUCTURE snmpMPDMIB RFC 3412 APPLICATIONS snmpTargetMIB snmpNotificationMIB snmpProxyMIB RFC 3413 SECURITY SUBSYSTEM USER-BASED SECURITY MODEL (USM) snmpUsmMIB RFC 3414 ACCESS CONTROL SUBSYSTEM VIEW-BASED ACCESS CONTROL MODEL (VACM) snmpVacmMIB RFC 3415
27
27 Kyung Hee University SNMPv3 MESSAGE STRUCTURE
28
28 Kyung Hee University SNMPv3 PROCESSING MODULE PARAMETERS
29
29 Kyung Hee University SECURE COMMUNICATION VERSUS ACCESS CONTROL
30
30 Kyung Hee University USM: SECURITY THREATS
31
31 Kyung Hee University USM MESSAGE STRUCTURE
32
32 Kyung Hee University IDEA BEHIND REPLAY PROTECTION
33
33 Kyung Hee University IDEA BEHIND DATA INTEGRITY AND AUTHENTICATION
34
34 Kyung Hee University SNMPv3 IMPLEMENTATIONS ACE*COMM AdventNet BMC Software Cisco Epilogue Gambit Communications Halcyon IBM ISI IWL MG-SOFT MultiPort Corporation SimpleSoft SNMP Research SNMP++ TU of Braunschweig UCD University of Quebec
35
35 Kyung Hee University SNMPv3 RFCs OTHER SNMP APPLICATIONS SNMP ENGINE MESSAGE PROCESSING SUBSYSTEM DISPATCHER SECURITY SUBSYSTEM ACCESS CONTROL SUBSYSTEM SNMP ENTITY RFC 3413 RFC 3411 RFC 3412 USM: RFC 3414VACM: RFC 3415
36
36 Kyung Hee University SNMPv3 RFCs (2) RFC 3410 (Informational) - Introduction and Applicability Statements for Internet Standard Management Framework (December 2002) RFC 3411 - An Architecture for Describing SNMP Management Frameworks (December 2002) RFC 3412 - Message Processing and Dispatching (December 2002) RFC 3413 - SNMP Applications (December 2002) RFC 3414 - User-based Security Model (December 2002) RFC 3415 - View-based Access Control Model (December 2002) RFC 3416 - Version 2 of SNMP Protocol Operations (December 2002) RFC 3417 - Transport Mappings (December 2002) RFC 3418 - Management Information Base (MIB) for the Simple Network Management Protocol (SNMP) (December 2002)
Similar presentations
© 2025 SlidePlayer.com. Inc.
All rights reserved.