z/OS® Communications Server
SNMP supports SNMPv3. The legacy community-based protocols SNMPv1
and SNMPv2 are also supported. SNMPv3, defined in RFCs 3410 through
3415 is the standards-based solution for SNMP security. It is categorized
as a User-based Security Model (USM) which provides different levels
of security based on the user accessing the managed information. To
support this security level, the SNMPv3 framework defines several
security functions, such as USM for authentication and privacy, and
view-based access control model (VACM) which provides the ability
to limit access to different MIB objects on a per-user basis, and
the use of authentication and data encryption for privacy. However,
SNMP is not just enhanced security. It defines an architecture for
SNMP management frameworks, with the intent that pieces of the architecture
can advance over time without requiring the entire structure to be
rewritten. For that reason, three major subsystems are defined:
- Message processing subsystem
- Security subsystem
- Access control subsystem
The framework is structured so that multiple models can be supported
concurrently and replaced over time. For example, although there is
a new message format for SNMPv3, messages created with the SNMPv1
and SNMPv2 formats can still be supported. Similarly, the user-based
security model can be supported concurrently with the community-based
security models previously used. For more information on SNMPv3 and
configuring SNMPv3 support, see
Simple Network Management Protocol.
For information about accessing RFCs, see
Related protocol specifications.