Specifications

Functions

RS2-4R

Release

1.0

03/04

4.6

Security

115

4.6 Security

4.6.1 SNMP

The agent communicates with the network management station via the

Simple Network Management Protocol. Therefore the network management

station uses the F network management software or the Web-based

interface.

Every SNMP packet contains the IP address of the sending computer and the

community under which the sender of the packet wants to access the switch

MIB.

The switch receives the SNMP packet and compares the IP address of the

sending computer and the community with the entries in the hmAuthCom

mTable and the hmAuthHostTable of its MIB. If the community has the

appropriate access right, and if the IP address of the sending computer has

been entered, then the switch will allow access.

In the delivery state, the switch is accessible via the "public" community (read

only) and the "private" one (read and write) from every computer.

To protect your switch from unwanted access:

V First define a new community which you can access from your computer

with all rights.

Note: Make a note of the community name and the associated index. For

security reasons, the community name cannot be read later. Access to the

community access, trap destination and trap configuration table is made via

the community index.

V Treat this community with discretion. Because everyone who knows the

community can access the switch MIB with the IP address of your

computer.

V Limit the access rights of the known communities or delete their entries.