Configuring SNMP users for SNMPv3

book

Article ID: 171243

calendar_today

Updated On:

Products

Advanced Secure Gateway Software - ASG ProxySG Software - SGOS

Issue/Introduction

This article provide steps to configuring SNMP users for SNMPv3 and edit.

Resolution

When you set up users, you configure authentication and privacy settings, as required.

 

Note: The enhanced security of SNMPv3 is based on each user having an authentication passphrase and a privacy passphrase. For environments in which there are increased security concerns, you have the option of setting up localized keys instead of passphrases.

You can enable authentication without enabling privacy, however, you cannot enable privacy without enabling authentication. In an authentication-only scenario, a secure hash is done so the protocol can validate the integrity of the packet. Privacy adds the encryption of the packet data.

 

To configure SNMP users:

  1. Select the Maintenance > SNMP > SNMPv3 Users tab.
  2. Click New. The Create User dialog displays.          
  3. Enter the name of the user.
  4. In the Authentication area:
  5. Select the authentication mode: MD5 (Message Digest Version 5) or SHA (Secure Hash Algorithm).
  6. Click Change Passphrase to set or change the authentication passphrase. If your environment requires a higher level of security, you have the option of setting up localized keys instead of passphrases. See Step c. Enter and confirm the passphrase, then click OK.
  7. (Optional) To set up localized keys for authentication instead of using an authentication passphrase, click Set Localized Keys. The Localized Keys dialog displays. When you set up localized keys, any password is deleted and the localized keys are used instead.
    • Click New. The Set Localized Key dialog displays.
    • If the Engine ID is Self, enter and confirm the localized key (hexadecimal), then click OK.
    • To add additional localized keys, enter the Engine ID (hexadecimal) and the localized key, then click OK.
  8. In the Privacy area:
    1. To set up the privacy mode, select DES (Data Encryption Standard) or AES (Advanced Encryption Standard).
    2. Click Change Passphrase to set or change the privacy passphrase. If your environment requires a higher level of security, you have the option of setting up localized keys instead of passphrases. See Step c.
      • Enter and confirm the passphrase, then click OK.
    3. (Optional) To set up localized keys for privacy instead of using a privacy passphrase, click Set Localized Keys. The Localized Keys dialog displays. If you have set up a privacy passphrase, you will not be able to set up localized keys.
      • Click New. The Set Localized Key dialog displays.
      • If the Engine ID is Self, enter and confirm the localized key (hexadecimal), then click OK.
      • To add additional localized keys, enter the Engine ID (hexadecimal) and the localized key, then click OK.
  9. Select the Authorization mode for this user: None, Read-only, or Read-write.
  10. Click OK to close the Create User dialog.
  11. Click Apply.

To edit a user:

  1. Select Maintenance > SNMP > SNMPv3 Users.
  2. Select the user to edit and click Edit. The Edit (user name) dialog displays.
  3. Edit the parameters as required, then click OK.
  4. Click Apply.

Attachments