Network Administration: SNMP Monitoring 279FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\UserGuide\Dell_Astute_Network_Admin_SNMP.fmD E L L C O N F I D E N T I A L – P R E L I M I N A R Y 8 / 9 / 1 6 - F O R P R O O F O N L Y• SNMPv3 — Users and GroupsSNMP v3 works with users instead of communities. The users belong togroups that have access rights assigned to them. Users are defined in theUser Security Model pagesSNMPv3 provides two security mechanisms:– Authentication — The switch checks that the SNMP user is anauthorized system administrator. This is done for each and everyframe.– Privacy — SNMP frames can carry encrypted data.These mechanisms can be combined to provide three levels of security:– No security– Authentication– Authentication and Privacy. Note that for both authentication andprivacy to be enabled, two groups with the same name, one withauthentication and one with privacy, must be created.A group is a label for a combination of attributes that determines whethermembers have read, write, and/or notify privileges. Users can be associatedwith a group. A group is operational only when it is associated with anSNMP user.SNMP Global ParametersThe Engine ID is used by SNMPv3 entities to uniquely identify themselves.Both a remote and local Engine ID can be specified.An SNMP agent is considered an authoritative SNMP engine. This meansthat the agent responds to incoming messages (Get, GetNext, GetBulk, Set),and sends trap messages to a manager. The agent's local information isencapsulated in fields in the message.Each SNMP agent maintains local information that is used in SNMPv3message exchanges (not relevant for SNMPv1 or SNMPv2). The defaultSNMP Engine ID is comprised of the enterprise number and the defaultMAC address. The SNMP engine ID must be unique for the administrativedomain, so that no two devices in a network have the same engine ID.