SonicOSX 7 Device Settings
- SonicOS 7.0
- About Device Settings
- Managing SonicWall Licenses
- System Administration
- Configuring the Firewall Name
- Enabling Wireless LAN and IPv6
- Changing the Administrator Name and Password
- Configuring Login Security
- Multiple Administrators Support
- Enabling Enhanced Audit Logging Support
- Configuring the Wireless LAN Controller
- Enabling SonicOS API and Configuring Authentication Methods
- Enabling GMS Management
- Configuring the Management Interface
- Client Certificate Verification
- Selecting a Language
- Configuring Time Settings
- Managing Certificates
- Administering SNMP
- Firmware Settings
- Restarting the System
- SonicWall Support
About SNMP
SNMP (Simple Network Management Protocol) is a network protocol used over User Datagram Protocol (UDP) that allows network administrators to monitor the status of the SonicWall Security Appliance and receive notification of critical events as they occur on the network. The SonicWall Security Appliance supports SNMP v1/v2c/v3 and all relevant Management Information Base II (MIB-II) groups except egp and at.
SNMPv3 expands on earlier versions of SNMP and provides secure access to network devices by means of a combination of authenticating and encrypting packets.
Packet security is provided through:
- Message Integrity: ensures a packet has not been tampered with in transit
- Authentication: verifies a message comes from a valid source
- Encryption: encodes packet contents to prevent its being viewed by an unauthorized source.
SNMPv3 provides for both security models and security levels. A security model is an authentication strategy set up between a user and the group in which the user resides. The security level is the permitted level of security within a given security model. The security model and associated security level determine how an SNMP packet is handled. SNMPv3 provides extra levels of authentication and privacy, as well as additional authorization and access control.
Security Level, Authentication, and Encryption Based on SNMP Version shows how security levels, authentication, and encryption are handled by the different versions of SNMP.
Version | Level | Authentication Type | Encryption | Means of Authentication |
---|---|---|---|---|
v1 | noAuthNoPriv | Community String | No | Community string match |
v2c | noAuthNoPriv | Community String | No | Community string match |
noAuthNoPriv | Username | No | Username match | |
authNoPriv | MD5 or SHA | No | Authentication is based on the HMAC-MD5 or HMSC-SRA algorithms. | |
v3 | authPriv | MD5 or SHA | DES or AES | Provides authentication is based on the HMAC-MD5 or HMSC-SRA algorithms. Provides DES 56-bit encryption in addition to authentication based on the CBC-DES (DES-56) standard, or AES 128-bit encryption, as well. |
The SonicWall Security Appliance replies to SNMP Get
commands for MIB-II, using any interface, and supports a custom SonicWall MIB for generating trap messages. The custom SonicWall MIB is available for download from the SonicWall Web site and can be loaded into third-party SNMP management software such as HP Openview, Tivoli, or SNMPC.
You can view and configure SNMP settings. Settings cannot be viewed or modified by the user. SNMPv3 can be modified at the User or Group level. Access Views can be read, write, or both, and can be assigned to users or groups. A single View can have multiple Object IDs (OIDs) associated with it.
SNMPv3 settings for the SNMPv3 Engine ID are configurable under the General menu of the Configure SNMP view dialog. The Engine ID is used to authorize a received SNMP packet. Only matching packet EngineIDs are processed.
Was This Article Helpful?
Help us to improve our support portal