Skip to Main content Skip to Navigation
Conference papers

Radius-Based SNMP Authorization

Vincent Cridlig 1 Radu State 1 Olivier Festor 1 Jean-François Leroy 2
1 MADYNES - Management of dynamic networks and services
INRIA Lorraine, LORIA - Laboratoire Lorrain de Recherche en Informatique et ses Applications
Abstract : The security of the management plane is an important challenge in large networks, where multiple and heterogeneous devices have to be managed in a secure way using different management frameworks (CLI, SNMP, or XML based management). Each of these frameworks comes with its own specific security mechanisms (SNMP with USM/VACM, CLI with TACACS/RADIUS/exec mode), such that the security settings of the overall management plane must be individually adapted to each of them. This is a complex task in even moderate sized network, having major shortcomings in terms of scalability and coherent configuration practice. This paper details some of the practical experience learned, while we extended the SNMP framework with a RADIUS based authorization scheme. We propose in this paper an extension to SNMP agents capable to integrate the authorization of managers within a larger RADIUS based enterprise level security architecture. Our implementation was built on top of the NET-SNMP framework, and is available under the Open Source license
Complete list of metadata

https://hal.inria.fr/inria-00000214
Contributor : Vincent Cridlig <>
Submitted on : Tuesday, September 13, 2005 - 4:32:58 PM
Last modification on : Friday, February 26, 2021 - 3:28:04 PM

Identifiers

  • HAL Id : inria-00000214, version 1

Collections

Citation

Vincent Cridlig, Radu State, Olivier Festor, Jean-François Leroy. Radius-Based SNMP Authorization. 9th IFIP/IEEE International Symposium on Integrated Network Management - IM 2005 Application Session, May 2005, Nice, France. ⟨inria-00000214⟩

Share

Metrics

Record views

204