SNMPv1 and SNMPv2c provide no encryption and use community strings as a form of authentication. Community strings are sent in clear text over the network and are usually shared across a group of individuals, rather than being private to an individual user. SNMPv3, conversely, uses encryption to provide a secure channel as well as individual user names and passwords. SNMPv3 user passwords are localized so that they can be stored securely on management stations.
SNMPv1, SNMPv2c, and SNMPv3 are all supported by Oracle ILOM and can be enabled or disabled separately. In addition, “sets” can be enabled or disabled to provide an additional layer of security. This configurable option determines whether the SNMP service will allow configurable SNMP MIB properties to be set. Disabling sets effectively makes the SNMP service useful for monitoring only.
By default, SNMPv1 and SNMPv2c are disabled. SNMPv3 is enabled by default, but requires creating one or more SNMP users prior to use. There are no preconfigured SNMPv3 users.
To configure SNMP management in Oracle ILOM, see the following web-based instructions.
Before You Begin
For Increased SNMP security, use SNMPv1 and SNMPv2c only for monitoring and do not enable “sets” when these less secure protocols are enabled.
SNMP sets should only be enabled for SNMPv3 management. The SNMP Set property is disabled by default.
SNMPv3 sets require the configuration of SNMPv3 user accounts. Preconfigured SNMPv3 user accounts are not provided.
The SNMP service State property is enabled by default.
Admin role (a) privileges are required to modify the SNMP properties.
User management (u) privileges are required to add or modify SNMPv3 user accounts.
For instance:
For further instructions, see the documentation listed in the Related Information section of this procedure. For users running firmware version 3.2 or later, click the More details link in the SNMP page for additional information.
Oracle's Sun MIBs that support configurable objects and where “sets” are applicable are as follows:
SUN-HW-CTRL-MIB – This MIB is used to configure hardware policies, such as power management policies.
SUN-ILOM-CONTROL-MIB – This MIB is used to configure Oracle ILOM features, such as creating users and configuring services.