The IP address restrictions you're talking about apply to both v1 and v2c. If you intend to set up view-only accounts, you can configure them just as easily with 2c as you can with 1 in snmpd.conf. I'd stick with 2c unless you have a real reason to use 1, and I don't belief this qualifies.
It is worth mentioning that USM and VACM, which are only available in v3, allow you to remotely push user accounts and ACLs. It takes some more time to learn of course, and doesn't fit in to your immediate plans, but it's *very* nice if you ever get to a point where you want to protect certain subsets of SNMP information and not make the entire OID tree publicly readable. -Davin McGowen, Wendy wrote: > I’ve implemented the first round of our SNMP agents – we’ll be > supporting get’s only, along with traps; no set’s will be supported for > the first release. > > > > We’ll be allowing the user to configure the SNMP security through our UI > (which does NOT use SNMP), so we’re hoping to keep it as simple as > possible. I’ve been testing with what I guess is called “v2” security – > where you have to list IP addresses of clients, put them in groups with > specific access, etc. (I haven’t even attempted the “v3” stuff yet). But > management is wondering if we could make it even simpler for the > customer, and step back to “v1”, which I guess is nothing more than a > community string and either “read” or “read/write” access. > > > > So my question is, is it “okay” to use the simplest security model (and > the least secure) if you’re going to have view only data? Or are most > SNMP customers going to want a more secure model? Again, we aren’t ready > to move to the latest and greatest yet (we want to have a better feel > for SNMP in general before we go down that path), so at best it would be > the “v2” stuff. > > > > Thanks! > > > > ~ Wendy > > > ------------------------------------------------------------------------ > > ------------------------------------------------------------------------- > Check out the new SourceForge.net Marketplace. > It's the best place to buy or sell services for > just about anything Open Source. > http://ad.doubleclick.net/clk;164216239;13503038;w?http://sf.net/marketplace > > > ------------------------------------------------------------------------ > > _______________________________________________ > Net-snmp-users mailing list > [email protected] > Please see the following page to unsubscribe or change other options: > https://lists.sourceforge.net/lists/listinfo/net-snmp-users ------------------------------------------------------------------------- Check out the new SourceForge.net Marketplace. It's the best place to buy or sell services for just about anything Open Source. http://ad.doubleclick.net/clk;164216239;13503038;w?http://sf.net/marketplace _______________________________________________ Net-snmp-users mailing list [email protected] Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
