1
0
Fork 0
mirror of https://gitlab.com/netravnen/NetworkLabNotes.git synced 2024-11-23 19:17:54 +00:00

Added SNMPv2,SNMPv2c descriptions

This commit is contained in:
chhan11 2017-06-05 22:18:17 +02:00
parent b53a77ab34
commit 55877d8233

View file

@ -351,10 +351,12 @@ Cisco switches allow by default only the following 3 protos until the client is
\item \textit{Get Bulk Request}\footnote{To pull data from a network node in bulk}, and \item \textit{Get Bulk Request}\footnote{To pull data from a network node in bulk}, and
\item \textit{Inform Request}\footnote{\gls{snmp} trap message added with a requirement for an acknowledgement returned back to the network node}. \item \textit{Inform Request}\footnote{\gls{snmp} trap message added with a requirement for an acknowledgement returned back to the network node}.
\end{enumerate} \end{enumerate}
\item \gls{snmp}v2 added \textit{in addition} to 2 extra message types also a complex new security model. This was never widely accepted which is why we have \gls{snmp}v2c existing and considered the \textit{de-facto} \gls{snmp}v2 standard.
\end{itemize} \end{itemize}
\item \itemhead{v2c} \item \itemhead{v2c}
\begin{itemize} \begin{itemize}
\item \item \gls{snmp}v2c switched from the complex security model \gls{snmp}v2 used to using \texttt{community strings}. This posses a lot of inherent security risks because (amongst other) of the low level Authentication used when polling data from \gls{snmp} agents. Because of this Cisco recommends when using \gls{snmp}v2c to only enable the protocol for data polling from \gls{snmp} agents.
\item \textbf{Never} use v2c to push configuration changes to \gls{snmp} agents because the security level is just not up to standard to provide the necessary security level at all.
\end{itemize} \end{itemize}
\item \itemhead{v3} \item \itemhead{v3}
\begin{itemize} \begin{itemize}