Advertisement

Performance Analysis of SNMP over SSH

  • Vladislav Marinov
  • Jürgen Schönwälder
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4269)

Abstract

There have been several attempts in the past to secure the Simple Network Management Protocol (SNMP). Version 3 of the SNMP protocol introduced a User-based Security Model (USM) which comes with its own user and key-management infrastructure. However, many operators are reluctant to introduce a new user and key management infrastructure just to secure SNMP. This paper describes how the Secure Shell (SSH) protocol can be used to secure SNMP and it provides a performance analysis of a prototype implementation which compares the performance of SNMP over SSH with other secure and insecure versions of SNMP.

References

  1. 1.
    Case, J., Mundy, R., Partain, D., Stewart, B.: Introduction and Applicability Statements for Internet Standard Management Framework. RFC 3410 (December 2002)Google Scholar
  2. 2.
    Blumenthal, U., Wijnen, B.: User-based Security Model (USM) for version 3 of the Simple Network Management Protocol (SNMPv3). RFC 3414 (December 2002)Google Scholar
  3. 3.
    Ylonen, T., Lonvick, C.: The Secure Shell (SSH) Protocol Architecture. RFC 4251 (January 2006)Google Scholar
  4. 4.
    Harrington, D., Presuhn, R., Wijnen, B.: An Architecture for Describing Simple Network Management Protocol (SNMP) Management Frameworks. RFC 3411 (December 2002)Google Scholar
  5. 5.
    Harrington, D., Schönwälder, J.: Transport Mapping Security Model (TMSM) Architectural Extension for the Simple Network Management Protocol (SNMP). Internet Draft (work in progress) <draft-ietf-isms-tmsm-03.txt> (June 2006)Google Scholar
  6. 6.
    Harrington, D., Salowey, J.: Secure Shell Security Model for SNMP. Internet Draft (work in progress) <draft-ietf-isms-secshell-02.txt> (June 2006)Google Scholar
  7. 7.
    Morgan, A.G.: The Linux-PAM Application Developers’ Guide. Technical report (November 1999)Google Scholar
  8. 8.
    McCloghrie, K., Kastenholz, F.: The Interfaces Group MIB. RFC 2863 (June 2000)Google Scholar
  9. 9.
    Presuhn, R.: Management Information Base (MIB) for the Simple Network Management Protocol (SNMP). RFC 3418 (December 2002)Google Scholar
  10. 10.
    Dierks, T., Rescorla, E.: The Transport Layer Security (TLS) Protocol Version 1.1. RFC 4346 (2006)Google Scholar
  11. 11.
    Du, X., Shayman, M., Rozenblit, M.: Implementation and Performance Analysis of SNMP on a TLS/TCP Base. In: Proc. 7th IFIP/IEEE International Symposium on Integrated Network Management, Seattle, pp. 453–466 (May 2001)Google Scholar
  12. 12.
    Corrente, A., Tura, L.: Security Performance Analysis of SNMPv3 with Respect to SNMPv2c. In: Proc. 2004 IEEE/IFIP Network Operations and Management Symposium, Seoul, pp. 729–742 (April 2004)Google Scholar
  13. 13.
    Schönwälder, J.: SNMP Traffic Measurements. Internet Draft (work in progress) <draft-irtf-nmrg-snmp-measure-00.txt> (May 2006)Google Scholar

Copyright information

© IFIP International Federation for Information Processing 2006

Authors and Affiliations

  • Vladislav Marinov
    • 1
  • Jürgen Schönwälder
    • 1
  1. 1.Computer ScienceInternational University BremenBremenGermany

Personalised recommendations