Secured
Management
Traditionally NMS and the SNMP protocol have been synonymous with clear text open community strings being transferred on the wire as well as saved in the databases of NMS applications without any encryption. In other words; Known and widely used NMS applications are severely unsecured. Historically “compromised security” was sold to customers as the cost of doing network management.
Security of SNMP was introduced through SNMP Version 3. Hence the significance of SNMPv3 SmartMIB and SOSL’s support is really critical for building secured solutions. It is interesting to mention here that NO serious SNMPv3 based NMS application solutions are available in the market today!
We are currently listed at The SNMPv3 web page. and approved by the Internet Engineering Steering Group (IESG).
| Please Note: |
|
The reader should be alerted to the fact that the term “Secured Management Solution” is different from a “Security Management Solution”. As the former addresses issues such as securing the management related traffic between the NMS and the managed element(s) and encrypting the secured SNMP Usernames allowed to access all or limited parts of the MIB on the managed element(s). |
While there are workarounds that provide security for SNMP traffic; those workarounds come at high costs to the networks they are supposed to run on and to the managed element(s) internal resources, as those solutions require extensive Memory and CPU usage as well as the difficulties in configuring and maintaining those solutions. Hence almost no one today deploys any secured management solution; those who do however are reliant on the NMS application vendor driven solution and have very limited or no control at all of what, where, and the extent of security applied to the particular NMS solution.
Using SmartMIB It is simply a matter of adding the managed device credentials in the “Secured Device” drawer to force all communications to that particular device to be secured through SNMPv3. Hence the management script is completely oblivious to the device itself and the NMS application itself through the GUI handles the type and the SNMP version it should use to communicate to the device. Furthermore; since the managed device could be a member of multiple AMZs, the administrator is in total control of when SNMPv3 could be used to poll the device and which MIB Objects are hence polled securely.
SmartMIB further drills into the secured solutions by addressing the issue of which application User(s) own a particular AMZ where a secured device belongs.
Adding Secured Devices to Inventory
To add a new secured device to the Inventory; choose the Inventory menu option from the main SmartMIB menu and click on ‘Secured Devices’ to open the ‘Secured Devices List’ window. (See Figure 3 below).
Figure (3):
To add the Secured device; click on the Add button to get the ‘Add New Secured Device’ window shown in Figure (4) below:
Figure (4):
The Secured device credentials are those credentials required for SNMPv3 security model setup on the managed device itself.
The SNMP protocol
settings could be modified from its defaults for the particular device being
added. The list of Management Zones is also detected by the Managed Elements
Seeder Process to allow the administrator(s) to assign the device to any number
of the Zones listed.
[SOS
Language Definition], [AMZ
Definition], [SNMP MIB Views],
[Secured
Management], [User Levels and
Roles Definition], [Real-Time
Journal Reports],
[SmartMIB
Components Definition], [SmartMIB
Data Integrity],
[Threshold
Management], [Trend Management]
[About
ANMS], [About SmartMIB], [About IMMS], [About SOSL], [FAQ]
[Home], [About], [Solutions
Center], [Sales & Marketing],
[Products & Services], [Software
Center], [Technical Support],
[Contact us], [Site
Map]