SNMP Research is located in the scenic foothills of the Great Smoky Mountains in Tennessee on a 75-acre farm overlooking the French Broad River.



Similar documents
SNMP SECURITY A CLOSER LOOK JEFFERY E. HAMMONDS EAST CAROLINA UNIVERSITY ICTN 6865

Management, Logging and Troubleshooting

Network Management Tool IPV6 Validation NASA Integrated Services Network (NISN) Ken White 17 April 06

Title: Standards-based Secure Management of Networks, Systems, Applications and Services using SNMPv3 and HP OpenView Session #: 325 Speaker: David

Configuring SNMP Monitoring

Brocade Product Training

Network Security Part II: Standards

MIB Explorer Feature Matrix

Firewall Access Request Form

Tech Note Cisco IOS SNMP Traps Supported and How to Conf

Simple Network Management Protocol

Configuring and Monitoring Citrix Branch Repeater

Comparison of SNMP. Versions 1, 2 and 3

Cisco CMTS Router MIB Overview

APNIC elearning: IPSec Basics. Contact: esec03_v1.0

A Brief. Introduction. of MG-SOFT s SNMP Network Management Products. Document Version 1.3, published in June, 2008

Interconnecting IPv6 Domains Using Tunnels

Security in IPv6. Basic Security Requirements and Techniques. Confidentiality. Integrity

Configuring and Monitoring Bluecoat AntiVirus

VPN Modules for Cisco 1841 and Cisco 2800 and 3800 Series Integrated Services Routers

SyncThru TM Web Admin Service Administrator Manual

Monitoring Coyote Point Equalizers

Federal and Large Enterprise Solutions - FAQs

Cisco Cisco 3845 X X X X X X X X X X X X X X X X X X

A Guide to Understanding SNMP

SIMPLE NETWORK MANAGEMENT PROTOCOL (SNMP)

Monitoring Sonic Firewall

Configuring Simple Network Management Protocol (SNMP)

Configuring and Monitoring Hitachi SAN Servers

Administrator's Guide

SIP Server Requirements

Security. Contents. S Wireless Personal, Local, Metropolitan, and Wide Area Networks 1

Network Management Card Security Implementation

Configuring SNMP CHAPTER7

Network FAX Driver. Operation Guide

Chapter 7 Transport-Level Security

Configuring and Monitoring Citrix Access Gateway-Linux Servers. eg Enterprise v5.6

Integrated Services Router with the "AIM-VPN/SSL" Module

Network Security Essentials Chapter 5

ECView Pro Network Management System. Installation Guide.

Why SSL is better than IPsec for Fully Transparent Mobile Network Access

CS 356 Lecture 27 Internet Security Protocols. Spring 2013

Monitoring Traffic manager

SNMP Simple Network Management Protocol

IPv6 network management. 6DEPLOY. IPv6 Deployment and Support

CA Virtual Assurance/ Systems Performance for IM r12 DACHSUG 2011

Shipping Services Files (SSF) Secure File Transmission Account Setup

Implementing Cisco IOS Network Security v2.0 (IINS)

Avaya TM G700 Media Gateway Security. White Paper

VERITAS Cluster Server v2.0 Technical Overview

Avaya G700 Media Gateway Security - Issue 1.0

Managing the Co-existing Network of IPv6 and IPv4 under Various Transition Mechanisms

7 Network Security. 7.1 Introduction 7.2 Improving the Security 7.3 Internet Security Framework. 7.5 Absolute Security?

Citrix MetaFrame XP Security Standards and Deployment Scenarios

Cisco Which VPN Solution is Right for You?

Preparing VoIP and Unified Communications Systems for IPv6 Technical Summary September 2014

Niagara IT Manager s Guide

Subnetting and Network Management Omer F. Rana. Networks and Data Communications 1

Crypt O Pack in security

Communication Systems 16 th lecture. Chair of Communication Systems Department of Applied Sciences University of Freiburg 2009

Summer 2015 rev A00 NuDesign Technologies, Inc. Price List. SNMP & CLI Tools, Components, Runtimes and Applications

How To Set Up Foglight Nms For A Proof Of Concept

Network-Enabled Devices, AOS v.5.x.x. Content and Purpose of This Guide...1 User Management...2 Types of user accounts2

Simulation of an SNMP Agent: Operations, Analysis and Results

Astaro Security Gateway V8. Remote Access via SSL Configuring ASG and Client

For the protocol access paths listed in the following table, the Sentry firmware actively listens on server ports to provide security for the CDU.

Monitoring DoubleTake Availability

StorageTek SL500 Modular Library System

ITL BULLETIN FOR JANUARY 2011

SSL SSL VPN

Integrated Services Router with the "AIM-VPN/SSL" Module

Replication and High-Availability

LinkProof And VPN Load Balancing

Monitoring Network Elements

Presented by Aurang Zeb 14CS-03. Network Management System

Alternatives to SNMP and Challenges in Management Protocols. Communication Systems Seminar Talk 10 Francesco Luminati

Novell Access Manager SSL Virtual Private Network

12/3/08. Security in Wireless LANs and Mobile Networks. Wireless Magnifies Exposure Vulnerability. Mobility Makes it Difficult to Establish Trust

Section 1 CREDIT UNION Member Information Security Due Diligence Questionnaire

ANNEXURE TO TENDER NO. MRPU/IGCAR/COMP/5239

ERserver. iseries. Securing applications with SSL

ERserver. iseries. Secure Sockets Layer (SSL)

Configuring and Monitoring SiteMinder Policy Servers

Quest InTrust. Version 8.0. What's New. Active Directory Exchange Windows

IPv6 network management. Where and when?

0DQDJLQJ#0XOWLVHUYLFH#1HWZRUNV

Monitoring the HP Blade Servers

Best Practices for IP Node Monitoring

SNMP Version 3. Finding Feature Information. Information About SNMP Version 3. Security Features in SNMP Version 3

Introduction to Security and PIX Firewall

District of Columbia Courts Attachment 1 Video Conference Bridge Infrastructure Equipment Performance Specification

Developing Network Security Strategies

Introduction to Simple Network Management Protocol (SNMP)

Simple Network Management Protocol (SNMP) Primer

Setting up an icap Server for ISG- 1000/2000 AV Support

Virtual Private Networks

End to end security for WebSphere MQ

How To Manage Ipv6 Networks On A Network With Ipvv6 (Ipv6) On A Pc Or Ipv4 (Ip6) (Ip V6) Or Ip V6 ( Ipv5) ( Ip V5

Communication and connectivity the ideal solution for integrated system management and data integrity

Multicast monitoring and visualization tools. A. Binczewski R. Krzywania R. apacz

Transcription:

SNMP Research is located in the scenic foothills of the Great Smoky Mountains in Tennessee on a 75-acre farm overlooking the French Broad River. 1 Welcome to SNMP Research and thank you for investing the next few minutes of your time in this presentation. Yes, we truly are located on a farm in the foothills of the Great Smoky Mountains. Our company began in 1988. Today, SNMP Research is the leading vendor of Internet Management technology based on industry standards. Our primary business is creating, licensing, and supporting software for the management of networks, applications, and systems. Our products are based on the SNMP protocols, v1, v2c and v3, and our products are available for both open systems such as LINUX, Windows, and Solaris and on over 30 embedded systems. Now let s explore three main topics for a moment. (Next Slide) 1

Secure Internet Management IPv6 Support Distributed SNMP Security Pack with Remote Forwarder 2 The Simple Network Management Protocol (or SNMP) is the standard operations and maintenance protocol for the Internet. The Internet Engineering Task Force promoted the SNMPv3 protocol to full standard in 2002. This latest version of the SNMP protocol provides secure network management that goes beyond monitoring. Dr. Jeff Case, our founder, is a recognized industry leader in the development of the SNMP protocols and his company, SNMP Research, is a name synonymous with secure Internet and network management based on industry standards. Internet Protocol version 6 (IPv6) is a network layer protocol for packet switched networks. IPv6 is designated as the successor of the current Internet Protocol (IPv4). There are published government directives today requiring deployment for IPv6 in 2008. The Internet Protocol is the network communication layer that provides transport for SNMP protocol messages. IPv6 support is included in SNMP Research core products on supported operating systems. Our Distributed SNMP Security Pack with Remote Forwarder is an example of our implementation of Secure Internet Management using the SNMP protocols. The DSSP product family will be covered in greater detail later. 2

Secure Internet Management with SNMPv3 Protocol Authentication What: Purported sender is in fact the sender How: MD5 or SHA-1 hash functions Privacy What: Message interpreted only by sender and recipient How: AES, DES and 3DES encryption algorithms Administration What: Protection level on a transaction by transaction basis How: Reconfiguration rather than redeployment 3 The SNMPv3 Protocol is an important enabling technology for Secure Internet Management. By authentication, we mean the purported sender of a message is in fact the sender. Hashing techniques such as MD5 or SHA-1 are employed. By privacy, we mean the message is understood only by the sender and the recipient. Encryption algorithms supported are DES, 3DES and AES. By administration, we mean network administrators have the potential for transaction by transaction protection. Network reconfiguration can be accomplished in real time without redeployment. In short, with SNMPv3 protocol, network communications occur between recognized entities, the messages are understood only by the proper entities and network administrators have real time control of network operations. 3

IPv6 talk over Manager BRASS talk about Agents EMANATE CIAgent 4 Let s focus for a moment on the IPv6 Internet Protocol. The icon on your left, marked BRASS, represents a network manager application installed on a server. The icon on your right, marked EMANATE, represents the multiple devices in your network with a SNMP agent installed. The communication link between the network manager application and network devices is the Internet Protocol IPv6. We recognize two forms of communication: talk over and talk about. Talk over means the SNMP agent can receive and respond to SNMP messages that are sent to it on an IPv6 transport. Talk over also means that the SNMP agent can transmit notifications to IPv6 addresses. Talk about means that information about IPv6 interfaces and network activity is exposed by the agent in SNMP MIB objects. More on MIB objects in a moment. 4

IPv6 talk over Manager BRASS talk about Agents EMANATE CIAgent Linux Windows Solaris HP-UX VxWorks RTOS (Interpeak Stack) 5 BRASS is our Management Application Toolkit that provides the facilities to create SNMP management applications. BRASS has been used to create our Distributed SNMP Security Pack, an application that incorporates the SNMP v3 protocol for industry applications such as HP OpenView, IBM NetView and Concord ehealth. EMANATE is our SNMP agent development product. EMANATE is a recognized industry standard that has been licensed by companies such as CISCO, Lucent Technologies, and Siemens. BRASS and EMANATE are available on the major open operating systems (Windows, Solaris, LINUX, HP/UX, AIX). EMANATE in source form has been deployed on over 30 major embedded systems, including VxWorks, MontaVista, embedded Linux. 5

Talk Over IPv4 vs. IPv6 32-bit IPv4 address XXX XXX XXX XXX XXX = 8 bits (Resulting in 4,294,967,296 unique IP addresses) 128-bit IPv6 address Network prefix (Describes network location) Interface ID (Provides unique identifying number) XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX = 16 bits (Resulting in 340,282,366,920,938,463,374,607,432,768,211,458 unique IP addresses) 6 The Internet Engineering Task Force (IETF) became aware of the shortage of IPv4 addresses over a decade ago. IPv6 addresses this shortage. With current IPv4 deployment, the address space is limited to around 4 billion unique IP addresses. IPv6 exponentially increases the address space by employing a 128-bit address. Remember, talk over means the IPv6 network addresses are recognized by SNMP agents and managers. 6

IPv6 Talk About Managed Objects (MIB) supported by SNMP Research * IF-MIB (RFC 2863) * INET-ADDRESS-MIB (RFC 4001) * IP-MIB (RFC 4293) * TCP-MIB (RFC 4022) * UDP-MIB (RFC 4113) * IP-FORWARD-MIB (RFC 4292) Request For Comments (RFC) documents available at www.ietf.org 7 Remember, from our earlier comments, that talk about means the SNMP agent exposes the IPv6 interfaces and network activity (termed managed objects) supported by the installed operating system. The definitions of these managed objects are found in Management Information Base documents (termed RFCs) published by the IETF. Operating systems that support IPv6 managed objects at some level are Linux, Windows, HP-UX 11i, and Solaris. Consult your vendor for specific information. For complete details about SNMP Research's "talk about" IPv6 extensions for a specific platform, contact SNMP Research and request the AGENT- CAPABILITIES statement for that particular operating system. 7

IPv6 128-bit IPv6 address Network prefix (Describes network location) Interface ID (Provides unique identifying number) XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX = 16 bits (Resulting in 340,282,366,920,938,463,374,607,432,768,211,458 unique IP addresses) Talk About: EMANATE agent receives/sends SNMP messages in IPv6 packets Talk Over: EMANATE agent supports IPv6 managed objects (MIBs) implemented by operating system 8 To review briefly, IPv6 extends the available address space for networks exponentially by using the 128- bit address space, Talk over means the SNMP agent can receive and send SNMP messages in an IPv6 packet, and Talk about means the SNMP agent supports IPv6 managed objects (called MIBs) implemented by the resident operating system 8

Supports SNMPv1, SNMPv2c, and SNMPv3 Agents EMANATE CIAgent Supports IPv6 * talk over is platform independent * talk about is platform dependent Linux Windows HP-UX Solaris VxWorks Real Time OS Provides Master Agent/Subagent Development Architecture EMANATE Options: CLI Web Interface XML Java 9 A key component in implementing Secure Internet Management is a robust SNMP agent development toolkit. As emphasized earlier, the SNMP Research EMANATE product is a recognized industry standard for agent development. Specifically, EMANATE supports the SNMP version 1 and version 2c protocols for legacy applications and SNMP v3 protocol for advanced security features including authentication, privacy and network administration with dynamic deployment. IPv6 support is available with our current EMANATE release and active development continues to keep pace with Ipv6 releases by the industry operating systems for both talk over and talk about features. EMANATE produces the effect of multiple SNMP agents on a single platform through a modular and extensible master agent/subagent architecture. This architecture permits dynamic loading and unloading of subagents during run time. Need a Command Line Interface or a web-based management interface for access to the MIB object data? How about support for XML or Java. These features are available with EMANATE. 9

DSSP Internet Management Appliance-RF is available for AIX, HP-UX, Linux, Solaris, and Windows. 10 Let s now turn to our final topic, SNMP Research s BRASS management application represented here by our Distributed SNMP Security Pack. There are three products in the DSSP family: To your left, behind the red firewall, the DSSP Server provides support for SNMPv3 protocol to applications that do not natively support the SNMPv3 protocol. Industry applications such as IBM Netview, HP OpenView and Concord ehealth are integrated with the DSSP Server to add SNMPv3 protocol support. The DSSP Remote Forwarder (upper right on your screen) will establish secure connections for SNMP managers through firewalls to all SNMP agents. The DSSP Remote Forwarder working with the DSSP Server enables network administrators to use the SNMP protocols for monitoring and control throughout their networks. The DSSP Internet Management Appliance-RF (lower right) provides the DSSP Remote Forwarder application pre-installed on an embedded Linux platform. This newest member of the DSSP product family provides network administrators with the option of installing the DSSP Remote Forwarder application on an existing platform or on the stand alone embedded Linux appliance. 10

DSSP Remote Forwarder Supports SNMPv1, SNMPv2c, SNMPv3 protocols Uses encrypted TCP tunnels through firewalls AIX, HP-UX, Linux, Solaris, and Windows DSSP Internet Management Appliance-RF DSSP Remote Forwarder Pre-installed on embedded Linux platform DSSP Server Product Line Secure solution for network managers SNMP protocols in multi-site networks 11 Our DSSP Remote Forwarder and DSSP Internet Management Appliance-RF offer these benefits for network management: Secure communication for multi-site networks SNMPv1 and v2c support for legacy systems and SNMPv3 protocol for advanced security These products are available on industry standard operating systems And offer deployment on existing servers or on a stand alone embedded Linux appliance. 11

12 Thank you for visiting with SNMP Research today. 12

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information