Page 38 - CITS - Computer Software Application -TT





           These three concepts are closely interconnected:
           •  Security and Control: Security measures include controls that are designed to safeguard systems and data.
              Access controls, authentication mechanisms, encryption, and authorization processes are examples of
              security controls.
           •  Security and Monitoring: Monitoring is essential to detect security breaches or unusual activities. Intrusion
              detection systems, security information and event management (SIEM) systems, and network traffic analysis
              tools are used to monitor and identify potential security threats.
           •  Monitoring and Control: Monitoring provides real-time data and insights that are used to implement control
              measures. For instance, if a server’s performance metrics indicate high resource utilization, a control action
              might involve reallocating resources to maintain optimal performance.


            SNMP V2 and V3, RMON, RMON2


           SNMP, which stands for Simple Network Management Protocol, was developed in 1988 by a consortium of
           university researchers. Its primary purpose was to offer monitoring capabilities for devices connected across
           TCP/IP-based networks. Just two years later, in 1990, SNMP earned recognition as an internet standard from the
           Internet Architecture Board (IAB).
           The SNMPv2 protocol standards made several attempts to address the security concerns inherent in
           SNMPv1. These efforts included the introduction of various security models such as the party-based SNMPv2p,
           the user-based SNMPv2u, and the community-based SNMPv2c.
           Although these initiatives did not completely resolve the critical security issues, SNMPv2 did bring several
           enhancements over SNMPv1. Notably, it improved data retrieval capabilities through the inclusion of SNMP
           GETBULK operations. Moreover, SNMPv2 retained the community-based security approach established by
           SNMP.
           SNMP V3
           In the late 1990s, SNMPv3 was conceived, and by December 2002, it was ratified as a standard.
           This version is delineated across RFCs 3410 to 3415. While SNMPv3 retains the fundamental SNMP management
           system and operations from SNMPv1 and SNMPv2, it introduces a comprehensive security architecture.
           This architecture is designed in a modular fashion, allowing specific components to be enhanced without
           necessitating a complete overhaul.
           SNMPv3’s framework encompasses several models:
           1  Message Processing Model (SNMPv3)
           2  User-Based Security Model
           3  View-Based Access Control Model

           This framework is structured to support multiple models concurrently and to facilitate gradual replacements over
           time. For instance, although SNMPv3 introduces a new message format, it still supports messages created in
           SNMPv1 and SNMPv2c formats. Similarly, the user-based security model can coexist with the previously used
           community-based models. Additionally, SNMPv3 incorporates significant protocol updates:
           1  Enhanced Notification Support: SNMPv3 introduces a new notification type called INFORM. This type
              resembles a TRAP but requires acknowledgment. If acknowledgment is absent, the INFORM is retransmitted.
           2  Trap Filtering: SNMPv3 allows filtering of TRAPs at the sender’s end.
           3  Dynamic Configuration: SNMP agents in SNMPv3 can be dynamically configured using MIB modules defined
              in RFC 3584 and RFCs 3411 through 3415.
           SNMP utilizes port numbers 161 and 162 for transmitting instructions and messages. Specifically, the SNMP
           agent employs port 161, while the SNMP manager operates through port 162.
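
Because SNMPv3 agents still accept SNMPv1 and SNMPv2c message formats, a monitoring tool can read the first fields of each datagram to see whether it is community-based or an SNMPv3 message, and for SNMPv3 whether authentication and privacy are switched on. The Python code below is an added example, not part of the original lesson; the function names `read_tlv` and `classify` and the three sample datagrams are constructed for illustration.

```python
# Added example, not from the original page; the sample datagrams are constructed.
def read_tlv(buf, pos):
    """Return (tag, value, next_pos) for the BER element starting at pos."""
    if pos + 2 > len(buf):
        raise ValueError("truncated BER header")
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long form: low 7 bits give the number of length octets
        n = length & 0x7F
        if n == 0 or pos + n > len(buf):
            raise ValueError("bad BER length")
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("truncated BER value")
    return tag, buf[pos:pos + length], pos + length

def classify(datagram):
    """Return (message version, protection level) for one SNMP datagram."""
    tag, body, _ = read_tlv(datagram, 0)
    if tag != 0x30:
        raise ValueError("no outer SEQUENCE: not an SNMP message")
    tag, raw, pos = read_tlv(body, 0)
    if tag != 0x02:
        raise ValueError("version field is not an INTEGER")
    version = int.from_bytes(raw, "big")
    if version in (0, 1):
        # v1/v2c: the community string follows the version, unencrypted.
        tag, _, _ = read_tlv(body, pos)
        if tag != 0x04:
            raise ValueError("community field is not an OCTET STRING")
        return ("SNMPv1", "SNMPv2c")[version], "community"
    if version == 3:
        # v3 header: msgID, msgMaxSize, msgFlags (bit 0 auth, bit 1 priv), msgSecurityModel.
        _, header, _ = read_tlv(body, pos)
        p, fields = 0, []
        for i in range(4):
            _, value, p = read_tlv(header, p)
            fields.append(value)
        if len(fields[2]) != 1:
            raise ValueError("msgFlags must be one octet")
        levels = ("noAuthNoPriv", "authNoPriv", "invalid", "authPriv")
        return "SNMPv3", levels[fields[2][0] & 3]
    raise ValueError("unsupported SNMP version %d" % version)

V2C_GET = bytes.fromhex("302602010104067075626c6963a019020101020100020100300e300c06082b060102010101000500")
V3_AUTHPRIV = bytes.fromhex("3018020103300d020101020205dc040107020103040004020000")
V3_NOAUTH = bytes.fromhex("3018020103300d020101020205dc040104020103040004020000")

if __name__ == "__main__":
    for pkt in (V2C_GET, V3_AUTHPRIV, V3_NOAUTH):
        print(classify(pkt))
```

The third sample shows that an SNMPv3 message is not protected by its version number alone: with neither flag set it is reported as `noAuthNoPriv`.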






                              CITS : IT&ITES - Computer Software Application - Lesson 01-17