Cisco Cisco IOS Software Release 12.4(2)T
Americas Headquarters:
Cisco Systems, Inc., 170 West Tasman Drive, San Jose, CA 95134-1706 USA
Cisco Systems, Inc., 170 West Tasman Drive, San Jose, CA 95134-1706 USA
© 2005, 2007 Cisco Systems, Inc. All rights reserved.
AES and 3-DES Encryption Support for SNMP
Version 3
Version 3
First Published: May 2005
Last Updated: June 5, 2007
Last Updated: June 5, 2007
The AES and 3-DES Encryption Support for SNMP Version 3 feature enhances the encryption
capabilities of SNMP version 3. Data Encryption Standard (DES) support was introduced in Cisco IOS
Release 12.0 and expanded in Cisco IOS Release 12.1. This support for Simple Network Management
Protocol (SNMP) version 3 User-Based Security Model (USM) is complaint with RFC 3414, which
defines DES as the only required method of message encryption for SNMP version 3 authPriv mode.
capabilities of SNMP version 3. Data Encryption Standard (DES) support was introduced in Cisco IOS
Release 12.0 and expanded in Cisco IOS Release 12.1. This support for Simple Network Management
Protocol (SNMP) version 3 User-Based Security Model (USM) is complaint with RFC 3414, which
defines DES as the only required method of message encryption for SNMP version 3 authPriv mode.
The AES and 3-DES Encryption Support for SNMP Version 3 feature adds Advanced Encryption
Standard (AES) 128-bit encryption in compliance with RFC 3826. RFC 3826 extensions have been
included in the SNMP-USM-AES-MIB. In addition, Cisco-specific extensions to support Triple-Data
Encryption Algorithm (3-DES) and AES 192-bit and 256-bit encryption have been added to the
CISCO-SNMP-USM-MIB. Additional information can be found in the Internet-Draft titled Extension to
the User-Based Security Model (USM) to Support Triple-DES EDE in “Outside” CBC Mode that can be
found at the following URL: http://www.snmp.com/eso/draft-reeder-snmpv3-usm-3desede-00.txt.
Standard (AES) 128-bit encryption in compliance with RFC 3826. RFC 3826 extensions have been
included in the SNMP-USM-AES-MIB. In addition, Cisco-specific extensions to support Triple-Data
Encryption Algorithm (3-DES) and AES 192-bit and 256-bit encryption have been added to the
CISCO-SNMP-USM-MIB. Additional information can be found in the Internet-Draft titled Extension to
the User-Based Security Model (USM) to Support Triple-DES EDE in “Outside” CBC Mode that can be
found at the following URL: http://www.snmp.com/eso/draft-reeder-snmpv3-usm-3desede-00.txt.
Finding Feature Information in This Module
Your Cisco IOS software release may not support all of the features documented in this module. To reach
links to specific feature documentation in this module and to see a list of the releases in which each feature is
supported, use the
links to specific feature documentation in this module and to see a list of the releases in which each feature is
supported, use the
Finding Support Information for Platforms and Cisco IOS and Catalyst OS Software Images
Use Cisco Feature Navigator to find information about platform support and Cisco IOS and Catalyst OS
software image support. To access Cisco Feature Navigator, go to
software image support. To access Cisco Feature Navigator, go to
. An
account on Cisco.com is not required.