- Configuring the NetScaler to Generate SNMP Traps
- Configuring the NetScaler for SNMP v1 and v2 Queries
- Configuring the NetScaler for SNMPv3 Queries
- Configuring SNMP Alarms for Rate Limiting
Simple Network Management Protocol Version 3 (SNMPv3) is based on the basic structure and architecture of SNMPv1 and SNMPv2. However, SNMPv3 enhances the basic architecture to incorporate administration and security capabilities, such as authentication, access control, data integrity check, data origin verification, message timeliness check, and data confidentiality.
To implement message level security and access control, SNMPv3 introduces the user-based security model (USM) and the view-based access control model (VACM).
These entities function together to implement the SNMPv3 security features. Views are created to allow access to subtrees of the MIB. Then, groups are created with the required security level and access to the defined views. Finally, users are created and assigned to the groups.
SNMP engines are service providers that reside in the SNMP agent. They provide services such as sending, receiving, and authenticating messages. SNMP engines are uniquely identified using engine IDs.
The NetScaler appliance has a unique engineID based on the MAC address of one of its interfaces. It is not necessary to override the engineID. However, if you want to change the engine ID, you can reset it.
> set snmp engineId 8000173f0300c095f80c68
> add snmp view View1 -type included
SNMP groups are logical aggregations of SNMP users. They are used to implement access control and to define the security levels. You can configure an SNMP group to set access rights for users assigned to that group, thereby restricting the users to specific views.
You need to configure an SNMP group to set access rights for users assigned to that group.
> add snmp group edocs_group2 authPriv -readViewName edocs_read_view
SNMP users are the SNMP managers that the agents allow to access the MIBs. Each SNMP user is assigned to an SNMP group.
You need to configure users at the agent and assign each user to a group.
> add snmp user edocs_user -group edocs_group