Browse Prior Art Database

SNMP SECURE FORWARDER

IP.com Disclosure Number: IPCOM000008553D
Original Publication Date: 1998-Mar-01
Included in the Prior Art Database: 2002-Jun-24
Document File: 2 page(s) / 108K

Publishing Venue

Motorola

Related People

Jun Zhu: AUTHOR [+2]

Abstract

SNMP is the most popular protocol used for network management. However, lack of security is the major disadvantage of SNMP. Security is essential for SNMP based network management over a public network. The "community string" is the only method of enforcing SNMP security with the current SNMPvl or SNMPv2 protocol. This approach is susceptible to security threats since the non-encrypted community string is easily intercepted and decoded. An attacker can then modify the SNMP agent since there is not any type of authenti- cation provided by SNMP.

This text was extracted from a PDF file.
At least one non-text object (such as an image or picture) has been suppressed.
This is the abbreviated version, containing approximately 52% of the total text.

Page 1 of 2

m MOTOROLA Technical Developments

SNMP SECURE FORWARDER

by Jun Zhu and Paul Wadzinske

INTRODUCTION AND PRIOR ART

  SNMP is the most popular protocol used for network management. However, lack of security is the major disadvantage of SNMP. Security is essential for SNMP based network management over a public network. The "community string" is the only method of enforcing SNMP security with the current SNMPvl or SNMPv2 protocol. This approach is susceptible to security threats since the non-encrypted community string is easily intercepted and decoded. An attacker can then modify the SNMP agent since there is not any type of authenti- cation provided by SNMP.

  Several RFCs were proposed to enforce SNMP security. Due to the complexity of the proposals, most of the proposed RFCs related to SNMP security

are categorized as history by the IETF. So far, no approach can add security to SNMP without requir- ing intensive programming of the SNMP application.

SOLUTION

  The solution to this problem is a secure forwarder that enforces SNMP message privacy and authentication. The secure forwarder can use any encryption method to secure the SNMP messages.

  The SNMP secured message forwarder is a soft- ware process that constantly listens to the secured port for incoming messages. The security process is responsible for wrapping and unwrapping a security layer in order to provide message authentication and encryption.

  This solution is independent of the type of message to a designated...