I see this on the Cisco CSR 1000v that I am using to test my application:
csr1000v-133(config)#snmp-server user someUser someGroup v3 auth md5 secretDontTell priv ? 3des Use 168 bit 3DES algorithm for encryption aes Use AES algorithm for encryption des Use 56 bit DES algorithm for encryption As far as I can tell, though, 3DES is a non-standard Cisco-specific enhancement. DES is covered in RFC 3414, and AES in RFC 3826.
My questions:
1. How popular/prevalent is the use of 3DES as the encryption protocol in SNMPv3?
2. How are third-party NMS vendors expected to operate with a Cisco device that is configured for 3DES, given that it is not standardized?
Background: I am writing an application that uses the Net-SNMP library to talk SNMP to the device, and Net-SNMP does not support 3DES.
No comments:
Post a Comment