摘要
简单网络管理协议 (SNMP)由于其易于实现和广泛的TCP/IP应用基础成为事实上的网络管理的标准 ,然而SNMP存在着许多缺陷 ,最重要的一点就是缺少安全性。简单网络管理协议的最新版本———SNMPv3针对这一点进行了有效地扩展。SNMPv3通过认证、加密和存取控制等手段 ,有效地抵御了信息更改、伪装、消息序列的更改和泄漏等安全威胁。通过对SNMPv3的相关分析 ,建立一种基于SNMPv3的安全有效网络管理系统实际可行 ,该系统采用分布式、动态的体系结构 ,具有灵活的扩展能力 ;并使用模块化的功能结构 ,使得整个系统易于升级和分布 ,并能够与原有的支持SN MPv1/v2的网络系统兼容 ;
Due to easy implementation and the extensive foundation of TCP/IP applications,Simple Network Management Protocol(SNMP)has become the actual standard of network management.Nevertheless,there were also many defects in SNMP,with the lack of security,the most serious one.The new edition of SNMP—SNMPv3 corrects this deficiency.By means of authentication,encrypt and access control,SNMPv3 can secure against modification of information,masquerade,and message stream modification and disclosure threats.By analysing the related parts of SNMPv3,it is practicable to construct a secure and effective Network Management System based on SNMPv3.The system adopts a distributed and dynamic architecture,which has flexible extensive ability;it also employs a modular function architecture,which makes the system easy to upgrade and distribute,and also compatible with the old SNMPv1/v2-based system.By means of information filtering and MIB classifying,the system overcomes the bulk and disorder of the management information.
