SNMPv3 Chicken and Egg

SNMPv3 suffers from a unique chicken and egg problem. To configure SNMPv3 users you need to use SNMPv3. So how does the initial user get configured?


The initial users are configured via the CLI or via standard factory settings. The cable industry has successfully adopted Diffie-Hellman to help configure the initial users. However, this method is part of the DOCSIS (cable) standard, not SNMPv3.

Once the initial user is up and running, we can let SNMPv3 take over the user and key management functions. 
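What "taking over key management" involves on the wire, as an added example that is not from the original post: the RFC 3414 password-to-key localization and the KeyChange value a manager writes to rotate a USM key once a working user exists. The function names are hypothetical; MD5 is used only so the output can be compared with the sample password and engine ID published in RFC 3414, and only the fixed-length case (key length equal to hash length) is handled.

```python
import hashlib
import os

def password_to_key(password: bytes, hash_name: str = "md5") -> bytes:
    """RFC 3414 A.2: hash 1 MiB of the repeated password to get Ku."""
    if not password:
        raise ValueError("password must not be empty")
    total = 1048576
    stream = (password * (total // len(password) + 1))[:total]
    return hashlib.new(hash_name, stream).digest()

def localize_key(ku: bytes, engine_id: bytes, hash_name: str = "md5") -> bytes:
    """Bind Ku to one agent: Kul = H(Ku || engineID || Ku)."""
    return hashlib.new(hash_name, ku + engine_id + ku).digest()

def make_key_change(old_key: bytes, new_key: bytes,
                    hash_name: str = "md5", rnd: bytes = None) -> bytes:
    """Manager side: value to SET on a usmUser*KeyChange object."""
    if len(old_key) != len(new_key):
        raise ValueError("old and new key must have the same length")
    rnd = os.urandom(len(old_key)) if rnd is None else rnd
    temp = hashlib.new(hash_name, old_key + rnd).digest()
    delta = bytes(a ^ b for a, b in zip(temp, new_key))
    return rnd + delta  # the new key itself never crosses the wire

def apply_key_change(old_key: bytes, key_change: bytes,
                     hash_name: str = "md5") -> bytes:
    """Agent side: recover the new key from the stored old key."""
    n = len(old_key)
    if len(key_change) != 2 * n:
        raise ValueError("KeyChange must be twice the key length")
    rnd, delta = key_change[:n], key_change[n:]
    temp = hashlib.new(hash_name, old_key + rnd).digest()
    return bytes(a ^ b for a, b in zip(temp, delta))

# Sample inputs from RFC 3414 appendix A.3; the new password is constructed.
ENGINE_ID = bytes.fromhex("000000000000000000000002")

def rotate(old_pw: bytes, new_pw: bytes, hash_name: str = "md5"):
    """Full rotation for one user on one agent; returns (old, new, agent_view)."""
    old = localize_key(password_to_key(old_pw, hash_name), ENGINE_ID, hash_name)
    new = localize_key(password_to_key(new_pw, hash_name), ENGINE_ID, hash_name)
    agent = apply_key_change(old, make_key_change(old, new, hash_name), hash_name)
    return old, new, agent

if __name__ == "__main__":
    old, new, agent = rotate(b"maplesyrup", b"constructed-new-pass")
    print("old localized key:", old.hex())
    print("agent derived new key correctly:", agent == new)
```

Because the agent needs the old key to decode the value, the very first key cannot be delivered this way, which is why the initial user has to come from the CLI or factory settings.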

Unbrowse SNMP is under heavy development to help with SNMPv3 user management for small and medium scale networks. The idea is:

  • Manage USM users like you would Unix users
  • Automatically prevent users from changing other users' passwords, deleting themselves, or elevating their rights.
  • Hide gory details of Contexts, Groups, TreeFamilies
  • Tools to automatically propagate changes through network

We have beta builds available for anyone who would like to give it a spin. Please contact us via email for access to the beta.

 


Author: Vivek Rajagopalan

Vivek Rajagopalan is a lead developer for Trisul Network Analytics. Prior products were Unsniff Network Analyzer and Unbrowse SNMP. Loves working with packets, very high speed networks, and helping track down the bad guys on the internet.