Draw the SNMP Access Policy (as in Figure ) for the following scenario. Suppose

Question

Draw the SNMP Access Policy (as in Figure ) for the following scenario. Suppose a corporation with headquarters in Riyadh and domains or network sites in Riyadh, Jeddah, and Dammam. Let Manager 1 and community 1 be associated with Jeddah, Manager 2 and community 2 be associated with Riyadh, and Manager 3 and community 3 be associated with Dammam. Let Manager 4 be the overall network management system, the Manager of Managers (MOM). Each Manager manages 2 Agents associated with network elements in its domain only. So that, Manger 1 does not have the view of Riyadh or Dammam, Manger 2 cannot perform operations on network elements belonging to Jeddah or Dammam domains, and Manger 3 cannot communicate with Agents in Jeddah or Riyadh. However, Manger 4 has all community names defined in its profile and hence has the view of the total enterprise network in Riyadh, Jeddah, and Dammam.

Figure 1 Manager 1 (Community 1) T Community 1 Agent 1 Community Profile 1 Community Profile 2 Agent 2 Manager 3 (Community 1, Community 2) Community 2 Comm e 3 Agent 3 Community Profile 4 H Agent 4 Manager 2 (Community 2)

Explanation / Answer

SNMP access policies are configured on the agent running the snmpd daemon.

Access policies as per the above diagram----

Access policy for Agent 1:

com2sec Manager1 NETWORK/24 community1
com2sec Manager3 NETWORK/24 community3
com2sec Manager4 NETWORK/24 public

group MyGroup1 v2c Manager1
group MyGroup3 v2c Manager3
group MyGroup4 v2c Manager4

# context sec.model sec.level match read write notif
access MyGroup1 "" any noauth exact all all all
access MyGroup3 "" any noauth exact all all all
access MyGroup4 "" any noauth exact all all all

Agent 2:

com2sec Manager1 NETWORK/24 community1
com2sec Manager3 NETWORK/24 community3
com2sec Manager4 NETWORK/24 public

group MyGroup1 v2c Manager1
group MyGroup3 v2c Manager3
group MyGroup4 v2c Manager4

# context sec.model sec.level match read write notif
access MyGroup1 "" any noauth exact all all all
access MyGroup3 "" any noauth exact all all all
access MyGroup4 "" any noauth exact all all all

Agent 3:

com2sec Manager2 NETWORK/24 community2
com2sec Manager3 NETWORK/24 community3
com2sec Manager4 NETWORK/24 public

group MyGroup2 v2c Manager2
group MyGroup3 v2c Manager3
group MyGroup4 v2c Manager4

# context sec.model sec.level match read write notif
access MyGroup2 "" any noauth exact all all all
access MyGroup3 "" any noauth exact all all all
access MyGroup4 "" any noauth exact all all all

Agent 4:

com2sec Manager2 NETWORK/24 community2
com2sec Manager3 NETWORK/24 community3
com2sec Manager4 NETWORK/24 public

group MyGroup2 v2c Manager2
group MyGroup3 v2c Manager3
group MyGroup4 v2c Manager4

# context sec.model sec.level match read write notif
access MyGroup2 "" any noauth exact all all all
access MyGroup3 "" any noauth exact all all all
access MyGroup4 "" any noauth exact all all all

Related Questions

Navigate

• Browse (All)
• Browse D
• Subjects

---

---

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.