Sun Management Center 3.6 servers that support encryption can be set up to support agents dynamically regardless of whether those agents support encryption. This feature is called auto-negotiate and can be set to on or off.
When you set the auto-negotiate feature to off, you ensure that the server always uses encryption when initiating communication with agents. Environments with strict security policies might prefer this set up. If you set auto-negotiate to off:
If the agent supports encryption, the agent understands the encrypted SNMP messages.
If the agent does not support encryption, the agent does not understand the encrypted message. Thus, a timeout occurs and a console message states, “Agent is not responding.” The timeout is recorded in the agent log.
When you set the auto-negotiate feature to on, the server encrypts its SNMP communication with an agent only if the agent supports encryption. As a result, one of the following events occurs:
If the agent supports encryption, the agent understands the encrypted SNMP messages.
If the agent does not support encryption, the SNMP messages are only authenticated and not encrypted.