Alcatel Carrier Internetworking Solutions omniswitch User Manual

SNMP Overview

Using SNMP

page 10-8

OmniSwitch 6600 Family Switch Management Guide

The community string security standard offers minimal security and is generally insufficient for networks 
where need for security is high. Although SNMPv1 lacks bulk message retrieval capabilities and security 
features, it is widely used and is a de facto standard in the Internet environment.

SNMPv2 is a later version of the SNMP protocol. It uses the same Get, Set, GetNext, and Trap operations 
as SNMPv1 and supports the same community-based security standard. SNMPv1 is incompatible with 
SNMPv2 in certain applications due to the following enhancements.

• Management Information Structure

SNMPv2 includes new macros for defining object groups, traps compliance characteristics, and 
capability characteristics.

• Protocol Operations

SNMPv2 has two new PDUs not supported by SNMPv1. The GetBulkRequest PDU enables the 
manager to retrieve large blocks of data efficiently. In particular, it is well suited to retrieving multiple 
rows in a table. The InformRequest PDU enables one manager to send trap information to another 
manager. 

SNMPv3 supports the View-Based Access Control Model (VACM) and User-Based Security Model 
(USM) security models along with these added security features: 

• Message integrity—Ensuring that a packet has not been tampered with in transit.

• Time Frame Protection—Limiting requests to specified time frames. The user can specify a time frame 

so that any PDU bearing an out of date timestamp will be ignored. 

• Encryption—Scrambling the contents of a packet to prevent it from being learned by an unauthorized 

source.

• Authentication—Determining that the message is from a valid source holding the correct privileges.