views:

17

answers:

0

I'm looking into implementing SNMPv3 as a requirement for monitoring a specific device on the network.

As it is now, our project consists of a number of different Java classes that represent each device to be monitored on the network. Within each of these classes are a number of device-specific attributes that are needed in properly monitoring the device. For example, an SNMP modem would have all the OIDs that need to be monitored as a constant within each class. Those constants would then get polled and displayed to the GUI.

With that said, there are a few values that are received from the database - such as the SNMP community for SNMPv2c. That way if this value ever gets changed, it can be modified in the database and reflected in the system. So, as one can see, there is a difference in handling attributes within the device when it comes to static vs dynamic data. If the attribute of the device can change, it should be in the database. If it will never change, then the attribute should be hard-coded.

Now, we are interested in SNMPv3 monitoring, and we are trying to decide what information should be hard-coded vs stored in the database. With SNMPv3 security, there are a number of new parameters to add to a device:

  • User name
  • Security Level (NoAuthNoPriv|AuthNoPriv|AuthPriv)
  • Authorization Protocol (MD5|SHA)
  • Authorization Password
  • Privacy Protocol (DES|AES)
  • Privacy Password

Which of these parameters should be hard-coded and which should be in the database? It seems to me, that the user name and passwords should be within the database, but the protocols and secutity levels should be hard-coded. Am I right to assume that? What values can/can not be changed on an SNMPv3 device?

Thanks in advance.