Simple Network Management Protocol versions 1 and 2 (SNMPv1 and SNMPv2c) have only a trivial security mechanism 1. The security implementation of SNMPv1 and SNMPv2c is based on the community system where a community name functions both as a password for authentication and access control system. However, due to the simplistic design of the system, the community name is sent as plain-text over the network. This might have been acceptable if implemented solely on a trusted local area network, but today's networks are widely distributed and are linked via many bridges and routers that might be exposed to eavesdropping. Therefore, the security for SNMPv1 and SNMPv2 is impractical in a large and exposed network. SNMPv3 addressed the security issue that was limiting the previous two versions 2,3 but the implementation is complex and requires a significant change in the design of the agent and manager. There is already a large deployed base of SNMPv1 and SNMPv2 systems and it would be difficult to upgrade these systems to SNMPv3. This is reflected in the low deployment rate of SNMPv3 to date.
展开▼
