D-Link DXS-3600-EM-STACK Hardware Installation Guide - Page 26

DXS-3600 Series 10GbE Layer 2/3 Switch Hardware Installation Guide NOTE: For customers interested in D-View, D-Link Corporation's proprietary SNMP management software, go to http://dview.dlink.com.tw/ and download the software and manual. Managed devices that support SNMP include software (referred to as an agent), which runs locally on the device. A defined set of variables (managed objects) is maintained by the SNMP agent and used to manage the device. These objects are defined in a Management Information Base (MIB), which provides a standard presentation of the information controlled by the on-board SNMP agent. SNMP defines both the format of the MIB specifications and the protocol used to access this information over the network. This switch supports SNMP Versions 1, 2c, and 3 alternatively known as SNMPv1, SNMPv2c and SNMPv3. The administrator may specify which version of SNMP to use to monitor and control the switch. The three versions of SNMP vary in the level of security provided between the management station and the network device. In SNMPv1 and SNMPv2c, user authentication is accomplished using 'community strings', which function like passwords. The remote user SNMP application and the Switch's SNMP must use the same community string. SNMP packets from any station that has not been authenticated are ignored (dropped). The default community strings for the Switch used for SNMPv1 and SNMPv2c are: • public - Allows authorized management stations to retrieve MIB objects. • private - Allows authorized management stations to retrieve and modify MIB objects. DXS-3600-32S#show snmp community Community Name: private Community Index: private Community SecurityName: private storage-type: nonVolatile active Community Name: public Community Index: public Community SecurityName: public storage-type: nonVolatile active DXS-3600-32S# Figure 4-9 To view the SNMP community strings SNMPv3 uses a more sophisticated authentication process that is separated into two parts. 1 The first part is to maintain a list of users and their attributes that are allowed to act as SNMP managers. 2 The second part describes what each user on that list can do as an SNMP manager. The switch allows groups of users to be created and configured with a shared set of privileges. The SNMP version may also be configured for a specific group of SNMP managers. A group of SNMP managers can be created to view readonly information or to receive traps using SNMPv1 while assigning a higher level of security to another group, granting read/write privileges using SNMPv3. Using SNMPv3, individual users or groups of SNMP managers can be allowed to perform or be restricted from performing specific SNMP management functions. The functions allowed or restricted are defined using the Object Identifier (OID) associated with a specific MIB. An additional layer of security is available for SNMPv3 in which SNMP messages may be encrypted. Traps Traps are messages that alert network personnel of events that occur on the switch. The events can be as serious as a reboot (someone accidentally turned OFF the switch), or less serious like a port status change. The switch generates 20