Cisco Cisco ONS 15454 M6 Multiservice Transport Platform (MSTP)
SNMP External Interface Requirement
Since all SNMP requests come from a third-party application, the only external interface requirement is that a third-party SNMP
client application can upload RFC 3273 SNMP MIB variables in the etherStatsHighCapacityTable, etherHistoryHighCapacityTable,
or mediaIndependentTable.
client application can upload RFC 3273 SNMP MIB variables in the etherStatsHighCapacityTable, etherHistoryHighCapacityTable,
or mediaIndependentTable.
SNMP Version Support
The ONS 15454 supports SNMPv1 and SNMPv2c traps and get requests. The ONS 15454 SNMP MIBs define alarms, traps, and
status. Through SNMP, NMS applications can query a management agent for data from functional entities such as Ethernet switches
and SONET multiplexers using a supported MIB.
status. Through SNMP, NMS applications can query a management agent for data from functional entities such as Ethernet switches
and SONET multiplexers using a supported MIB.
ONS 15454 MIB files in the CiscoV1 and CiscoV2 directories are almost identical in content except for
the difference in 64-bit performance monitoring features. The CiscoV2 directory contains three MIBs
with 64-bit performance monitoring counters:. CERENT-MSDWDM-MIB.mib, CERENT-FC-MIB.mib,
and CERENT-GENERIC-PM-MIB.mib The CiscoV1 directory does not contain any 64-bit counters, but
it does support the lower and higher word values used in 64-bit counters. The two directories also have
somewhat different formats.
the difference in 64-bit performance monitoring features. The CiscoV2 directory contains three MIBs
with 64-bit performance monitoring counters:. CERENT-MSDWDM-MIB.mib, CERENT-FC-MIB.mib,
and CERENT-GENERIC-PM-MIB.mib The CiscoV1 directory does not contain any 64-bit counters, but
it does support the lower and higher word values used in 64-bit counters. The two directories also have
somewhat different formats.
Note
SNMPv3 Support
Cisco ONS 15454 Software R9.0 and later supports SNMPv3 in addition to SNMPv1 and SNMPv2c. SNMPv3 is an interoperable
standards-based protocol for network management. SNMPv3 provides secure access to devices by a combination of authentication
and encryption packets over the network based on the User Based Security Model (USM) and the View-Based Access Control Model
(VACM).
standards-based protocol for network management. SNMPv3 provides secure access to devices by a combination of authentication
and encryption packets over the network based on the User Based Security Model (USM) and the View-Based Access Control Model
(VACM).
• User-Based Security Model—The User-Based Security Model (USM) uses the HMAC algorithm for generating keys for
authentication and privacy. SNMPv3 authenticates data based on its origin, and ensures that the data is received intact. SNMPv1
and v2 authenticate data based on the plain text community string, which is less secure when compared to the user-based
authentication model.
and v2 authenticate data based on the plain text community string, which is less secure when compared to the user-based
authentication model.
• View-Based Access Control Model—The view-based access control model controls the access to the managed objects. RFC
3415 defines the following five elements that VACM comprises:
◦Groups—A set of users on whose behalf the MIB objects can be accessed. Each user belongs to a group. The group defines
the access policy, notifications that users can receive, and the security model and security level for the users.
◦Security level—The access rights of a group depend on the security level of the request.
◦Contexts—Define a named subset of the object instances in the MIB. MIB objects are grouped into collections with
different access policies based on the MIB contexts.
◦MIB views—Define a set of managed objects as subtrees and families. A view is a collection or family of subtrees. Each
subtree is included or excluded from the view.
◦Access policy—Access is determined by the identity of the user, security level, security model, context, and the type of
access (read/write). The access policy defines what SNMP objects can be accessed for reading, writing, and creating.
5