RFC 1446 (rfc1446) - Page 2 of 51
Security Protocols for version 2 of the Simple Network Management Protocol (SNMPv2)
Alternative Format: Original Text Document
RFC 1446 Security Protocols for SNMPv2 April 1993
1. Introduction
A network management system contains: several (potentially
many) nodes, each with a processing entity, termed an agent,
which has access to management instrumentation; at least one
management station; and, a management protocol, used to convey
management information between the agents and management
stations. Operations of the protocol are carried out under an
administrative framework which defines both authentication and
authorization policies.
Network management stations execute management applications
which monitor and control network elements. Network elements
are devices such as hosts, routers, terminal servers, etc.,
which are monitored and controlled through access to their
management information.
In the Administrative Model for SNMPv2 document [1], each
SNMPv2 party is, by definition, associated with a single
authentication protocol and a single privacy protocol. It is
the purpose of this document, Security Protocols for SNMPv2,
to define one such authentication and one such privacy
protocol.
The authentication protocol provides a mechanism by which
SNMPv2 management communications transmitted by the party may
be reliably identified as having originated from that party.
The authentication protocol defined in this memo also reliably
determines that the message received is the message that was
sent.
The privacy protocol provides a mechanism by which SNMPv2
management communications transmitted to said party are
protected from disclosure. The privacy protocol in this memo
specifies that only authenticated messages may be protected
from disclosure.
These protocols are secure alternatives to the so-called
"trivial" protocol defined in [2].
USE OF THE TRIVIAL PROTOCOL ALONE DOES NOT CONSTITUTE
SECURE NETWORK MANAGEMENT. THEREFORE, A NETWORK
MANAGEMENT SYSTEM THAT IMPLEMENTS ONLY THE TRIVIAL
PROTOCOL IS NOT CONFORMANT TO THIS SPECIFICATION.
Galvin & McCloghrie