User Guide: PTP 600 Series
System management
phn-0896_012v000
Jul 2010
1-49
The default user
initial
is created with a view of the entire MIB, requiring
authentication for SET operations. There is no access for template users.
NOTE
VACM grants access for requests sent with more than the configured
security level.
The default user
initial
will have read/write access to the whole of the MIB. This is
described in further detail in
View-based access control model
on page
1-47
. The
template users have no access to the MIB in the default configuration. User
initial
will normally be used to create one or more additional users with secret authentication
and privacy keys, and with appropriate access to the whole of the MIB or to particular
views of the MIB according to the operator’s security policy. New users must be
created by cloning template users. The user
initial
may then be deleted to prevent
access using the well-known user name and keys. Alternatively, the keys associated
with
initial
may be set to some new secret value.
Web-based management of SNMPv3 security
PTP 600 supports an alternative, web-based approach for configuring SNMPv3
security. In this case, the web-based interface allows users to specify SNMPv3 users,
security levels, privacy and authentication protocols, and passphrases. Web-based
management will be effective for many network applications, but the capabilities
supported are somewhat less flexible than those supported using the MIB-based
security management.
Selection of web-based management for SNMPv3 security disables the MIB-based
security management.
Web-based management of SNMPv3 security allows for two security roles:
•
Read Only
•
System Administrator
Read Only and System Administrator users are associated with fixed views allowing
access to the whole of the MIB, excluding the objects associated with SNMPv3
security. System Administrators have read/write access as defined in the standard and
proprietary MIBs.
Web-based management of SNMPv3 security allows an operator to to define the
security levels and protocols for each of the security roles; all users with the same role
share a common selection of security level and protocols.
4Gon www.4Gon.co.uk info@4gon.co.uk Tel: +44 (0)1245 808195 Fax: +44 (0)1245 808299