SNMPv3 provides a modular structure that allows for specific subsystems to be used for certain tasks . This approach is in line with the increasing trend toward component technology (we discuss this later, but for now just think of components as real-world mini-objects that are embodied in software. Components are joined together to form more complex entities, such as VLANs, virtual connections made up of Ethernet cross-connections joined across an ATM/MPLS core network, etc.). Broadly speaking, an SNMPv3 entity consists of two main components:
Our discussion of SNMPv3 is more of an overview than a detailed description. The latter can be found in [Zeltserman1999]. SNMPv3 EngineThe SNMPv3 engine is made up of four subcomponents:
Two important points to note about the engine subcomponents are that they:
The SNMPv3 architecture is flexible and modular. It remains to be seen whether this facility will be used over time, but one area where change is quite likely is that of security. Another security model could be added to the architecture by extending the security subsystem and adding an extra value in the security model number field (as illustrated in Figure 2-1 with the MessageSecurity parameter). Such a change would require a potentially costly software upgrade, but the benefits of extra security may become a necessity. Figure 2-1. SNMPv3 message format.
|