1. Technical Field
The present invention relates generally to an improved method and an apparatus for configuring the Simple Network Management Protocol (SNMP) agent. Still more particularly, the present invention provides a method and an apparatus for configuring community-based access like that found in SNMPv1 (version 1) within the user-based security model of SNMPv3 (version 3).
2. Description of the Related Art
The Simple Network Management Protocol (SNMP) is a widely used network monitoring and control protocol. SNMP agents report information from various network components, such as hubs, routers, and bridges, to a management workstation console used to manage the network. This information is contained in a Management Information Base (MIB), which is a data structure that defines what information is obtainable from the network component and what can be controlled by the network component.
Versions 1 and 2 of SNMP (SNMPv1 and SNMPv2) used a community-based security model based on a shared, unencrypted community string. This string acts as both a user and password for the community-based SNMP session. Because this string is unencrypted, it is possible for an intruder to intercept this string and discover or disrupt the network configuration. This security loophole is corrected in version 3 (SNMPv3) by moving to the user-based security model. Although this new model is more secure, it is also much more complex and many network managers familiar with using SNMPv1 may find it very difficult to use the new model.
Therefore, it would be advantageous to have a method and an apparatus that allows the simplicity of use of the community-based model and, at the same time, matches the requirements of the user-based model. This simplified user interface and mapping enables a network manager to process information in a fashion similar to SNMPv1 but to use the more robust SNMPv3 software underneath.
The present invention provides a method and an apparatus for converting configuration information input in a format for a first version of a management protocol into configuration information for a second version of the management protocol. In particular, a method and apparatus for converting Simple Network Management Protocol version 1/2c (SNMPv1/v2c) style community-based access configuration information into user-based access information for configuring a SNMPv3 agent is provided. The method and apparatus make use of various graphical user interfaces to allow a user to enter configuration information in a format with which the user is familiar. The method and apparatus of the present invention then maps the configuration information into a format used by the device being configured.