Businesses and individuals rely upon data networks for communications and the exchange of information. Today, personal computers, mobile computing devices, personal data units, servers, storage devices, and printers are either directly or wirelessly connected to local area networks (LANs). These LANs, together with metropolitan area networks (MANs), wide area networks (WANs), and the Internet, enable users to readily gain access to, exchange, download, and archive data of all types (e.g., sound, text, numerical data, video, graphics, multi-media, etc.) from other networked computers, databases, and websites.
In order to communicate over a network, a device coupled to the network typically includes a network transceiver which transmits data packets generated by the networked device over the network and which also receives data packets destined for that network device from the network. For example, a printer can be coupled to a network by installing an internal network card (e.g., JetDirect™ manufactured by Hewlett-Packard™). By installing a network card, the printer is no longer dedicated to a single PC. Anyone coupled to the network can potentially use that network printer to print his or her documents.
When a device is coupled to a network, the network device must initially be properly configured and then subsequently managed and monitored. This task is often accomplished through the use of specialized network management software. A widely accepted protocol adopted by many network management software packages is known as the Simple Network Management Protocol (SNMP). SNMP refers to a simple request/response protocol that communicates management information between two types of SNMP software entities: SNMP applications (also known as SNMP managers) and SNMP agents. Typically, SNMP applications run in a network management station and issue queries to gather information about the status, configuration, and performance of external network devices (commonly referred to as network elements). Meanwhile, SNMP agents run in network elements and respond to network management station queries. In addition, agents send unsolicited reports back to the network management station when certain network activity occurs.
For security reasons, the SNMP agent validates each request from an SNMP manager before responding to the request, by verifying that the manager belongs to an SNMP community which has the proper access privileges to the agent. By definition, an SNMP community establishes a logical relationship between an SNMP agent and one or more SNMP managers. The community has a name, and all members of a community have the same access privileges: either read-only (i.e., members can view configuration and performance information) or read-write (i.e., members can view configuration and performance information, and also change the configuration). All SNMP message exchanges consist of a community name and a data field, which contains the SNMP operation and its associated operands. The SNMP agents are typically configured to receive requests from, and send responses to, only those managers that are members of a known community. If the agent knows the community name in the SNMP message and knows that the manager generating the request is a member of that community, it considers the message to be authentic and gives it the access allowed for members of that community. In theory, the SNMP community prevents unauthorized managers from viewing or changing the configuration of a network device.
Unfortunately, in SNMPv1, the community name is broadcast over the network in plain text. This poses a serious security risk because unauthorized parties can snoop, sniff, trace, or otherwise intercept and obtain the unencrypted, plain text community name during startup, configuration, or any general communication between the manager and agent. Once the community name is exposed, the entire network is susceptible to being hacked or corrupted, and the sensitive, proprietary data it contains may be compromised.
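As an added illustration (not part of the original text), the following Python decodes the header of an SNMPv1 message directly from its BER wire bytes, showing that the version and community name are readable by anyone who observes the packet; the sample GetRequest packet is constructed here, and the tag and version values are those of the SNMPv1 wire format.

```python
"""Decode the cleartext header of an SNMPv1 message from raw wire bytes."""
from dataclasses import dataclass


@dataclass
class SnmpHeader:
    version: int    # wire value: 0 = SNMPv1, 1 = SNMPv2c, 3 = SNMPv3
    community: str  # sent unencrypted in SNMPv1 (and SNMPv2c)
    pdu_tag: int    # 0xA0 = GetRequest, 0xA1 = GetNextRequest, 0xA3 = SetRequest


def _read_tlv(buf: bytes, pos: int):
    """Read one BER tag-length-value; return (tag, value_bytes, next_pos)."""
    tag = buf[pos]
    length = buf[pos + 1]
    pos += 2
    if length & 0x80:  # long-form length: low 7 bits give the byte count
        n = length & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    return tag, buf[pos:pos + length], pos + length


def parse_snmp_header(packet: bytes) -> SnmpHeader:
    """Message ::= SEQUENCE { version INTEGER, community OCTET STRING, pdu }."""
    tag, body, _ = _read_tlv(packet, 0)
    if tag != 0x30:
        raise ValueError("not a BER SEQUENCE")
    tag, ver, pos = _read_tlv(body, 0)
    if tag != 0x02:
        raise ValueError("expected INTEGER version")
    tag, comm, pos = _read_tlv(body, pos)
    if tag != 0x04:
        raise ValueError("expected OCTET STRING community")
    pdu_tag, _, _ = _read_tlv(body, pos)
    return SnmpHeader(int.from_bytes(ver, "big"), comm.decode("ascii", "replace"), pdu_tag)


def sends_credential_in_cleartext(h: SnmpHeader) -> bool:
    """Community-based versions carry the credential unencrypted on the wire."""
    return h.version in (0, 1)


# Constructed sample: SNMPv1 GetRequest for sysDescr.0 with community "public".
SAMPLE_GET_REQUEST = bytes.fromhex(
    "3026"                      # SEQUENCE, 38 bytes
    "020100"                    # INTEGER version = 0 (SNMPv1)
    "0406" "7075626c6963"       # OCTET STRING "public"  <- readable by any sniffer
    "a019"                      # GetRequest PDU, 25 bytes
    "020101" "020100" "020100"  # request-id 1, error-status 0, error-index 0
    "300e" "300c" "0608" "2b06010201010100" "0500"  # varbind: 1.3.6.1.2.1.1.1.0 = NULL
)

if __name__ == "__main__":
    hdr = parse_snmp_header(SAMPLE_GET_REQUEST)
    print(hdr, "credential in cleartext:", sends_credential_in_cleartext(hdr))
```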
In an effort to close this serious security flaw inherent in SNMPv1, some vendors have resorted to implementing default accounts for the purpose of initializing security parameters. But hackers can nonetheless reverse engineer any new accounts or modifications from the default accounts. Indeed, such default account schemes actually increase the vulnerability of network security if the default security accounts are hard-coded into a network device. Other vendors have attempted to control access by implementing an access control list, which grants access based solely on the IP address of known, authorized clients. However, this approach fails to prevent unauthorized parties from spoofing or fraudulently assuming the IP address of an authorized client and thereby gaining access. Another prior art approach entails the use of a Secure Socket Layer (SSL). Although SSL provides a relatively high level of security, it is quite cumbersome to set up and requires a high degree of sophistication and specific technical know-how to put in place. In another prior art approach, vendors have provided network devices with point-to-point interfaces, such as a terminal or USB connector, designated for configuring accounts. Adding physical interfaces for this purpose increases that product's cost, which is disadvantageous. Another similar prior art approach entails using a front panel display to configure accounts. Again, this prior art approach is not ideal because the front panel space is limited; besides which, it adds cost and complexity and is overly cumbersome.
Therefore, there is a need in the prior art for a method and apparatus for initializing security information on a network device. It would be highly preferable if such a method and apparatus could improve network security and yet be cost-effective and easy to use and implement. The present invention provides unique, novel solutions which meet these needs.