SNMPv3 Security Features

SNMP version 3 provides the following security features that SNMPv1 and v2 do not provide:

• Encryption of protocol data units (PDUs) to prevent unauthorized users from viewing the PDU contents. SNMPv3 uses CBC-DES for its encryption protocol.
• Authentication of the user who sent the PDU. User authentication is provided by either the HMAC-SHA or HMAC-MD5 authentication protocol.
• Timeliness checks of the PDU to ensure that it has not been delayed or replayed.
• Ability to define which MIB objects and table rows that specific users can access and whether they have read-only, read-write, or notify access. This functionality is achieved by creating views, associating user groups with views, and then assigning users to groups.

Note: For security reasons, you no longer can view the SNMP configuration in the startup configuration file.