1. Field of the Invention
The present invention relates to a network device management apparatus and system configured to securely manage a network device using a network device management protocol, and a network device management method.
2. Description of the Related Art
In recent years, there has been increasing interest in security in network environments. This is also true for network device management environments associated with printers, multifunction devices, or other devices on a network. In network device management, SNMP (Simple Network Management Protocol) is widely used. SNMP version 3 has appeared as a new version that provides an enhanced security function, although the earlier versions, SNMP version 1 and version 2, are still used. It is also becoming increasingly common to use a secure protocol such as IPSec in communication between a management apparatus and a network device. Against this background, a technique has appeared for managing network devices in accordance with an optimum policy by using the security function described above.
Note that IPSec refers to a communication protocol that, for each IP packet, is capable of preventing data from being tampered with and of concealing data by using an encryption technique.
Conventionally, a common method of securely managing network devices using a network device management protocol is to monitor the network environment and dynamically apply an optimum security policy depending on an operating condition (see Japanese Patent Laid-Open No. 2004-236030). This method has the advantage that the security policy can be applied to all network devices that satisfy a particular criterion, so that secure network device management can be performed efficiently.
Japanese Patent Laid-Open No. 2005-101741 discloses a technique to achieve device management with proper security by applying different security policies for two phases, i.e., a phase in which searching for network devices is performed, and a phase in which the network devices are controlled.
In the conventional technique described above, the secure network device management is achieved by properly changing, with a management apparatus, the security policy depending on the network status or the monitor phase.
However, in the conventional technique, a user has to manually change the setting depending on a security level required in the network device management performed by the management apparatus.