SNMP Research International, Inc.

Secure Your Network

For More Information

The (D)TLS Option for SNMP Agents

SNMP Research offers solutions supporting Simple Network Management Protocol operations over Transport Layer Security (TLS) and Datagram Transport Layer Security (DTLS). SNMP Research's (D)TLS option provides secure SNMPv3 communication that uses public-key cryptography and X.509 certificates as an alternative to the private-key cryptography required by the SNMPv3 User-Based Security Model (USM). SNMP Research's (D)TLS option makes it easier to integrate SNMP network management into X.509 public key infrastructures.

SNMP over TLS and DTLS provides comparable security to SNMPv3 with USM while leveraging existing investments in X.509 public key infrastructures. SNMP over TLS and DTLS offers the following security features (similar to the User-based Security Model).

Organizations may consider implementing SNMP over TLS and DTLS if they:

Why? Because SNMPv3 users, applications, and devices must be configured to communicate securely. The User-based Security Model secures SNMPv3 with usernames that have localized keys configured on agents and corresponding passwords configured on managers. SNMP over TLS and DTLS provides comparable security to USM, but uses X.509 certificates stored on agents and managers rather than usernames and passwords. If an organization is already required to use X.509 certificates, it makes sense to also enable SNMP-manageable network devices and managers to use X.509 certificates, as well. However, secure SNMPv3 can be achieved without requiring X.509 certificates or establishing a public-key infrastructure. The SNMPv3 User-based Security Model provides sufficient security for organizations that do not need to use TLS or DTLS. While SNMP Research supports TLS and DTLS by providing the (D)TLS option, we emphasize that the security provided by the SNMPv3 Framework is comparable whether using usernames and passwords or X.509 certificates.

SNMP Research presently supports the (D)TLS specifications published in these RFCs:

Packaging

SNMP Research offers solutions that unlock the full potential of the SNMPv3 architecture, including public-key security with Transport Layer Security (TLS) and Datagram Transport Layer Security (DTLS). SNMP Research makes software development and configuration easier by providing working examples, valid configuration files, and sample certificates for testing. Network managers can bring SNMP users, applications, and devices under the umbrella an X.509 public key infrastructure easier using SNMP Research's (D)TLS-enabled SNMP agents and Subagent Development Toolkits. The (D)TLS option can be licensed with SNMP Research's Agent Products:

Sales Inquiries

For more information, please call +1 865 579-3311, or send email to info@snmp.com. You can also fill out a Sales Query and one of our sales people will respond to your request quickly.

Licensing terms are available from info@snmp.com.