D-Link DGS-3620-28PC Hardware Installation Guide - Page 34

xStack® DGS-3620 Series Layer 3 Managed Stackable Gigabit Switch Hardware Installation Guide Figure 4-5 Assigning the Switch an IP Address In the above example, the Switch was assigned an IP address of 10.90.90.91 with a subnet mask of 255.0.0.0 (the CIDR form was used to set the address (10.90.90.91/8)). The system message Success indicates that the command was executed successfully. The Switch can now be configured and managed via Telnet and the CLI or via the Webbased management. SNMP Settings Simple Network Management Protocol (SNMP) is an OSI Layer 7 (Application Layer) designed specifically for managing and monitoring network devices. SNMP enables network management stations to read and modify the settings of gateways, routers, switches and other network devices. Use SNMP to configure system features for proper operation, monitor performance and detect potential problems in the Switch, switch group or network. Managed devices that support SNMP include software (referred to as an agent), which runs locally on the device. A defined set of variables (managed objects) is maintained by the SNMP agent and used to manage the device. These objects are defined in a Management Information Base (MIB), which provides a standard presentation of the information controlled by the on-board SNMP agent. SNMP defines both the format of the MIB specifications and the protocol used to access this information over the network. The Switch supports SNMP versions 1, 2c, and 3. The administrator may specify which SNMP version to use to monitor and control the Switch. The three SNMP versions vary in the level of security provided between the management station and the network device. In SNMP v1 and v2, user authentication is accomplished using 'community strings', which function like passwords. The remote user SNMP application and the Switch SNMP must use the same community string. SNMP packets from any station that has not been authenticated are ignored (dropped). The default community strings for the Switch used for SNMP v1 and v2 management access are: • public - Allows authorized management stations to retrieve MIB objects. • private - Allows authorized management stations to retrieve and modify MIB objects. SNMP v3 uses a more sophisticated authentication process that is separated into two parts. The first part is to maintain a list of users and their attributes that are allowed to act as SNMP managers. The second part describes what each user on that list can do as an SNMP manager. The Switch allows groups of users to be listed and configured with a shared set of privileges. The SNMP version may also be set for a listed group of SNMP managers. Thus, a group of SNMP managers can be created to view read-only information or receive traps using SNMP v1 while assigning a higher level of security to another group, granting read/write privileges using SNMP v3. Using SNMP v3 individual users or groups of SNMP managers can be allowed to perform or be restricted from performing specific SNMP management functions. The functions allowed or restricted are defined using the Object Identifier (OID) associated with a specific MIB. An additional layer of security is available for SNMP v3 in that SNMP messages may be encrypted. To read more about how to configure SNMP v3 settings for the Switch read the section entitled Management. Traps Traps are messages that alert network personnel of events that occur on the Switch. The events can be as serious as a reboot (someone accidentally turned OFF the Switch), or less serious like a port status change. The Switch generates traps and sends them to the trap recipient (or network manager). Typical traps include trap messages for Authentication Failure, Topology Change and Broadcast\Multicast Storm. 34