Archived community.zenoss.org | full text search
Skip navigation
Currently Being Moderated

B.2. SNMP V3 Support

VERSION 1 
Created on: Oct 26, 2009 4:19 PM by Zenoss API - Last Modified:  Oct 26, 2009 4:19 PM by Zenoss API

#B.2. SNMP V3 Support

Zenoss provides support for SNMPv3 data collection.

The following zProperties control the authentication and privacy of these requests:

  • zSnmpAuthType: use either "MD5" or "SHA" signatures to authenticate SNMP requests

  • zSnmpAuthPassword: the shared private key used for authentication. Must be at least 8 characters long.

  • zSnmpPrivType: either "DES" or "AES" cryptographic algorithms.

  • zSnmpPrivKey: the shared private key used for encrypting SNMP requests. Must be at least 8 characters long.

  • zSnmpSecurityName: the Security Name (user) to use when making SNMPv3 requests.

If zSnmpPrivType and zSnmpPrivPassword are set, the message is sent with privacy and authentication. If only the zSnmpAuthType and zSnmpAuthPassword are set, then the message is sent with Authentication but no Privacy. If neither the Priv or Auth values are set, the message is sent with no authentication or privacy. It is an error to set the PrivType and PrivPassword without also setting an AuthType and AuthPassword.

SNMPv3 encryption using the AES (Advanced Encryption Standard) algorithm is supported only if the host platform net-snmp library supports it.

Currently, RedHat 5 and Ubuntu 7.10 do not support AES, but OpenSuSE 10.2 and the Zenoss Appliance do.

You can determine if your platform supports AES by using the following test:

$ snmpwalk -x AES 2>&1 | head -1

If the response is:

"Invalid privacy protocol specified after -x flag: AES"

then your platform does not support AES encryption for SNMPv3.

If the response is:

"No hostname specified." 

Then your platform supports AES.

Note

SNMPv3 Traps are not supported by Zenoss.

Comments (0)