Configuring System Administrator Settings : Configuring SNMP settings : Configuring SNMPv3
  
Configuring SNMPv3
SNMPv3 provides additional authentication and access control for message security. For example, you can verify the identity of the SNMP entity (manager or agent) sending the message.
RiOS 7.0 and later support SNMPv3 message encryption for increased security.
Using SNMPv3 is more secure than SNMPv1 or v2; however, it requires more configuration steps to provide the additional security features.
Basic steps
1. Create the SNMP-server users. Users can be authenticated using either a password or a key.
2. Configure SNMP-server views to define which part of the SNMP MIB tree is visible.
3. Configure SNMP-server groups, which map users to views, allowing you to control who can view what SNMP information.
4. Configure the SNMP-server access policies that contain a set of rules defining access rights. Based on these rules, the entity decides how to process a given request.
To create users for SNMPv3
1. Choose Administration > System Settings: SNMP v3 to display the SNMP v3 page.
SNMP v3 page
2. Under Users, complete the configuration as described in this table.
Control
Description
Add a New User
Displays the controls to add a new user.
User Name
Specify the username.
Authentication Protocol
Select an authentication method from the drop-down list:
MD5—Specifies the Message-Digest 5 algorithm, a widely used cryptographic hash function with a 128-bit hash value. This is the default value.
SHA—Specifies the Secure Hash Algorithm, a set of related cryptographic hash functions. SHA is considered to be the successor to MD5.
Authentication
Optionally, select either Supply a Password or Supply a Key to use while authenticating users.
Password/Password Confirm
Specify a password. The password must have a minimum of eight characters. Confirm the password in the Password Confirm text box.
Use Privacy Option
Select to use SNMPv3 encryption.
Privacy Protocol
Select either the AES or DES protocol from the drop-down list. AES uses the AES128 algorithm.
Privacy
Select Same as Authentication, Supply a Password, or Supply a Key to use while authenticating users. The default setting is Same as Authentication.
Privacy Password
(Appears only when you select Supply a Password.) Specify a password. The password must have a minimum of eight characters. Confirm the password in the Privacy Password Confirm text box.
Key
(Appears only when you select Supply a Key.) Specify a unique authentication key. The key is an MD5 or SHA-1 digest created using md5sum or sha1sum.
MD5/SHA Key
(Appears only when you select Supply a Key.) Specify a unique authentication key. The key is either a 32-hexadecimal digit MD5 or a 40-hexadecimal digit SHA digest created using md5sum or sha1sum.
Add
Adds the user.
Remove Selected
Select the check box next to the name and click Remove Selected.
3. Click Save to Disk to save your settings permanently.