Skip to main content

10.3.6 SNMP Agent Setting Flow


10.3.6 SNMP Agent Setting Flow
This section describes the XSCF SNMP agent setting flow.

For details on each step, see "10.3.7 Setting System Management Information on the SNMP Agent and Enabling/Disabling the SNMP Agent" and the subsequent sections.

SNMPv1 and SNMPv2c cannot be said to be secure since they do not provide communication data encryption. Data can be sent and received more securely with SNMPv3, using the authentication/encryption settings made on both the agent and manager sides. These systems provide SNMPv3 as the default SNMP agent.
Starting Sending and Receiving
  1. Log in to the XSCF.
  2. Set the following management information common to the SNMPv1, SNMPv2c, and SNMPv3 agent protocols (see setsnmp(8)).
    - Agent system installation location

    - Administrator e-mail address

    - Agent system description

    - Agent port number (listening port number)
  3. Set the following management information for SNMPv3 or that for SNMPv1 and SNMPv2c (see setsnmp(8)).
  1. -- Setting SNMPv3 management information

    - User name

    - Authentication password

    - Encryption password

    - Authentication algorithm

    - Encryption protocol

    - Trap destination port number

    - Trap destination host name

    -- Setting SNMPv1 and SNMPv2c management information

    - Trap type specification (selection of v1, v2c, or inform <v2c and response>)

    - Community name

    - Trap destination port number

    - Trap destination host name
  1. Enable the XSCF SNMP agent function. Enable the function in one or both of the following ways, according to the user environment (see setsnmp(8)).
    - Enabling SNMPv1 and SNMPv2c

    - Enabling SNMPv3
Note - If the XSCF SNMP agent has been enabled, all MIB information except the setting items of step 3 is initialized.
Stopping or Disabling Sending and Receiving
  1. Disabling the XSCF SNMP agent function
    Disable the function in one or both of the following ways, according to the user environment:
  1. - SNMPv1 and SNMPv2c nullification

    - SNMPv3 nullification
  1. Disabling transmission to the intended trap destination host for SNMPv3
    Specify the following items to disable transmission:
  1. - User name

    - Trap destination host
  1. Disabling transmission to the intended trap destination host for SNMPv1 or SNMPv2c
    Specify the following items to disable transmission:
  1. - Protocol type (v1/v2c) specification

    - Trap destination host
Managing Users (USM Management) and Managing the Access Control Views of MIB Definition Files (VACM Management)
Manage USM and VACM for SNMPv3.

When using an SNMPv3 agent, use the setsnmp command to set the authentication protocol and the encryption protocol. Next, be sure to use the setsnmpusm command to set the management information for the User-based Security Model (USM), and use the setsnmpvacm command to set the management information for the View-based Access Control Model (VACM). When making settings for SNMPv3, the specification of an authentication protocol and an encryption protocol is required. Moreover, password entry is required when using the setsnmp and setsnmpusm commands.

  1. Log in to the XSCF.
  2. Register, change, or delete the following user management information (see setsnmpusm(8) and setsnmpvacm(8)).
    - Specifying a user authentication algorithm

    - Specifying a user encryption protocol

    - Registering an authentication/encryption password for a user

    - Changing the authentication/encryption password of a user

    - Copying a user

    - Deleting a user
  3. Register, assign, or delete the access control group and access control view (MIB view) for a user as follows:
    - Registering an access control group for a user

    - Deleting the access control group of a user

    - Creating a MIB access control view

    - Deleting a MIB access control view

    - Assigning a MIB access control view to a group

    - Deleting a group from all MIB access control views