Configuring Security using Device Manager 149User-based Security ModelThe User-based Security Model (USM) provides a mechanism toauthenticate and encrypt SNMPv3 messages.A message, if configured, is authenticated with the help of a one-way hashfunction that is associated with an individual user ID. In the Ethernet RoutingSwitch 2500 Series, a user can be configured to use the HMAC-MD5-96 orthe HMAC-SHA-96 algorithm for the authentication of SNMPv3 messages.An SNMPv3 message, if configured, is encrypted with the help of the CipherBlock Chaining - Data Encryption Standard (CBC-DEC).An SNMPv3 user can be configured in three ways.Table 67 "SNMPv3 user configuration method" (page 149) describes theways in which an SNMPv3 user can be configured.Table 67SNMPv3 user configuration methodSNMPv3 ConfigurationMethod DescriptionNoAuthNoPriv The user cannot use an authentication or anencryption mechanism.AuthNoPriv The user can use an authentication but not anencryption mechanism.AuthPriv The user can use an authentication as well as anencryption mechanism.For more information on USM, see RFC 3414.Configuring the User-based Security ModelTo create a user in the USM table, use the following procedure:Step Action1 From the Device Manager menu bar, choose Edit > SnmpV3 >USM Table.The USM dialog box appears.The following figure displays the USM dialog box.Nortel Ethernet Routing Switch 2500 SeriesSecurity — Configuration and ManagementNN47215-505 (323165-B) 02.01 Standard4.1 19 November 2007Copyright © 2007, Nortel Networks.