Simple Network Management Protocol (SNMP) Version 3

CCNA, , ,

For the longest time in the networking industry, we had a running joke about Simple Network Management Protocol (SNMP). We would love to state that it actually stood for “Security is Not My Problem!”. This was because even though SNMP was dealing with all of this potentially sensitive information about your network device, it would rely on a plain text password for security. Yuck! 

SNMP version 3 really responded to the security weaknesses of the protocol by introducing a security model within the protocol. The wonderful components of this new security model that we can leverage are the user, group and security level.

That’s right, this approach is so flexible, there are multiple security levels you can take advantage of depending on the security requirements of your environment. The following security levels exits: 

  • “noAuthNoPriv” (no authentication and no encryption – use the noauth keyword in the CLI)
  • “AuthNoPriv” (messages are authenticated but not encrypted – use the auth keyword in the CLI)
  • “AuthPriv” (messages are authenticated and encrypted – use the priv keyword in the CLI)

You should note that the old SNMPv1 and SNMPv2 approaches only supported the “noAuthNoPriv” model since they used plain text community strings to match the incoming packets. 

With our SNMPv3 implementations, you can configure the appropriate security model on per-group basis. 

In SNMPv3, a group defines the access policy for a set of users. The access policy defines which SNMP objects can be accessed for reading and writing or which SNMP objects can generate notifications to the members of a group. A group also defines the security model and security level for its users. 

Here is an example configuration for you. Here three groups are created. They are the TEST1, TEST2, and TEST3 groups. Notice these groups consist of users and can be associated with SNMP views to control the scope of access. 

!
snmp-server view VIEW1 iso included
snmp-server view VIEW2 ifEntry.*.3 included
!
snmp-server group TEST1 v3 priv read VIEW1 write VIEW1
snmp-server group TEST2 v3 auth read VIEW2
snmp-server group TEST3 v3 priv
!
snmp-server user JOHN TEST1 v3 auth sha CISCO priv des56 CISCO
snmp-server user SARAH TEST2 v3 auth sha CISCO
snmp-server user LUCY TEST3 v3 auth sha CISCO priv des56 CISCO
!

Do You Know Your WiFi 802.11 Standards?

CCNA, , ,
CCNA Wireless

So I am putting the finishing touches on my upcoming CCNA Exam Cram for 200-301 and I needed an additional resource for the first of the three Wireless chapters. As a result – enjoy this quick and fun WiFi Quiz on the various 802.11 amendments. Score of 100%? Let me know in the comments of this post and get entered to win a prize!

WiFi Standards Quiz

Start

Congratulations - you have completed WiFi Standards Quiz.

You scored %%SCORE%% out of %%TOTAL%%.

Your performance has been rated as %%RATING%%


Your answers are highlighted below.
Return
Shaded items are complete.
12345
6End
Return

CCNA Sim Buster Replay Bundle is Here!

CCENT, CCNA R&S

Many of you have written to me asking about purchasing the replay of this event. I am happy to announce that the bundle is now available!

CCNA Training
The Replay of this Live Event is Here!

THE CCNA SIM BUSTER CLASS REPLAY AND CCNA SIMULATION PRACTICE PACK BUNDLE JUST $19.95

  • MP4 Download of the Complete Live Class
  • Class Slides
  • Class Starting and Ending Packet Tracer Files
  • The Complete CCENT (ICND1) and CCNA (ICND2) Simulation Practice Pack – this product consists of 32 labs covering every possible simulation topic in these exams! Each lab comes with a challenge scenario for the topology with a complete solution guide!

NOTE: You will receive an email within 24 hours of your order providing download instructions. The email is sent to your PayPal email address.