Configuring Security using Device Manager 147Field DescriptionInReadOnlys The total number of SNMP PDUs delivered to theSNMP protocol for which the value of the error-statusfield is readOnly. It is a protocol error to generatean SNMP PDU containing the value readOnly in theerror-status field. This object is provided to detectincorrect implementations of the SNMP.InGenErrs The total number of SNMP PDUs delivered to the SNMPprotocol for which the value of the error-status field isgenErr.Working with SNMPv3Simple Network Management Protocol (SNMP) provides a mechanism toremotely configure and manage a network device. An SNMP agent is asoftware process that listens on UDP port 161 for SNMP messages, andsends trap messages using the destination UDP port 162.SNMPv3 is based on the architecture of SNMPv1 and SNMPv2c. It supportsbetter authentication and data encryption than SNMPv1 and SNMPv2c.SNMPv3 provides protection against the following security threats:• modification of SNMP messages by a third party• impersonation of an authorized SNMP user by an unauthorized person• disclosure of network management information to unauthorized parties• delayed SNMP message replays or message redirection attacksThe configuration parameters introduced in SNMPv3 makes it more secureand flexible than the other versions of SNMP.For more information on the SNMPv3 architecture, see RFC 3411.This chapter describes the following concepts associated with SNMPv3:• "Initial Login with an SNMPv3 User" (page 148)• "User-based Security Model" (page 149)• "View-based Access Control Model" (page 152)• "Creating a community" (page 159)• "Management Targets" (page 161)• "The Notify Table" (page 166)Nortel Ethernet Routing Switch 2500 SeriesSecurity — Configuration and ManagementNN47215-505 (323165-B) 02.01 Standard4.1 19 November 2007Copyright © 2007, Nortel Networks.