SNMP USEC Demonstration Shows That SNMPv2 Security Is Ready.WASHINGTON--(BUSINESS WIRE)--Jan. 22, 1996--At ComNet '96 to be held here Jan. 30 - Feb. 1, Epilogue Technology Corporation and other leading SNMP (Simple Network Management Protocol) A widely used network monitoring and control protocol. Data are passed from SNMP agents, which are hardware and/or software processes reporting activity in each network device (hub, router, bridge, etc. implementors will jointly demonstrate the proposed User-based Security Model (USEC USEC Microsecond USEC United States Enrichment Corporation USEC United States East Coast USEC Unity Security Force (gaming) USEC Universal Services Echo Canceller USEC Umts Security USEC User Based Security Model ) extension to the SNMPv2c, the current release of the Simple Network Management Protocol approved in December. The demonstration will be conducted across the ComNet show network and will include USEC network management agents in the Epilogue Technology booth providing secure SNMP data to independently developed USEC-compliant management applications implemented by IBM (International Business Machines Corporation, Armonk, NY, www.ibm.com) The world's largest computer company. IBM's product lines include the S/390 mainframes (zSeries), AS/400 midrange business systems (iSeries), RS/6000 workstations and servers (pSeries), Intel-based servers (xSeries) and others. The demonstration will show how simple it is to deploy and maintain a secure network management infrastructure using the current proposed USEC extension to SNMP. IBM will provide USEC support they have added to a NetView network management station running in their booth, which will interoperate with USEC-compliant SNMP agents from both Epilogue Technology and Glenn Waters of Bell-Northern Research Bell-Northern Research (BNR) was one of the world's premier research and development organizations in telecommunications, jointly owned by Bell Canada and Nortel Networks (then known as Northern Telecom). , the original author of USEC, running in the Epilogue booth. In addition, USEC-compliant management applications written using the openly available SNMPTcl package running in the Epilogue booth will also interoperate with agents in both the Epilogue and IBM booths. (SNMPTcl is written by Marshall Rose Marshall T. Rose is a network protocol and software engineer, author and speaker who has contributed to the Internet Engineering Task Force (IETF), the Internet, and Internet and network applications. of Dover Beach Dover Beach (1867), is the most famous poem by Matthew Arnold and is generally considered one of the most important poems of the 19th century.[1] It was first published in the collection New Poems. Consulting and Keith McCloghrie of Cisco Systems “Cisco” redirects here. For other uses, see Cisco (disambiguation). Cisco System,Inc. (NASDAQ: CSCO, HKSE: 4333 ) is an American multinational corporation with 54,000 employees and annual revenue of US $28.48 billion as of 2006. , two of the original authors of SNMP and SNMPv2.) Using a dynamic password-to-key algorithm that derives cryptographic key information, the demonstration will show how USEC can extend the current SNMP standard to safely and simply augment the security to network management. "Transaction security in SNMPv2 has become a point of contention in recent months," noted Marshall Rose of Dover Beach Consulting, one of the co-authors of USEC. "This demonstration clearly shows that USEC is ready to implement today to add security to SNMPv2. It will also demonstrate that USEC is easy to deploy, simple to use, and provides agent-friendly network management in keeping with the philosophy of SNMP." Rose and other members of the Internet Engineering Task Force (c/o Corporation for National Research Initiatives (CNRI), Reston, VA, www.ietf.org) Founded in 1986, the IETF is a non-membership, open, voluntary standards organization dedicated to identifying problems and opportunities in IP data networks and proposing technical solutions to the (IETF See Internet Engineering Task Force. IETF - Internet Engineering Task Force ) have been developing and refining USEC since last May. The most recent lab tests of USEC, conducted at the IETF meeting in December, were very successful and according to according to prep. 1. As stated or indicated by; on the authority of: according to historians. 2. In keeping with: according to instructions. 3. Rose and other IETF members, the USEC security scheme proved itself to be both easy to use and extremely portable. At ComNet, USEC will be demonstrated along with SNMPv2. SNMPv2 is the most recent IETF-approved community standard which includes all the administration functionality of SNMPv1 and the new mechanisms of SNMPv2, but without security. USEC extends SNMPv2c through an upgraded administrative infrastructure which incorporates security. Three independently developed USEC implementations will be shown to interoperate, thus demonstrating the universal compatibility of the emerging USEC standard. "We were delighted to discover how easy it was to implement USEC as part of our Envoy SNMP agent," said David Preston, President of Epilogue Technology. "This demonstration shows how easy it is for independent SNMP developers to create interoperable SNMPv2 applications that provide real security. Clearly, USEC is ready to deploy as part of SNMPv2 today." The USEC security model is designed to provide a simple yet robust authentication (1) Verifying the integrity of a transmitted message. See message integrity, e-mail authentication and MAC. (2) Verifying the identity of a user logging into a network. scheme centered on the SNMP agent for network management security. USEC supports three aspects of authentication: replay protection, message integrity, and origin identity. Replay protection is designed to prevent an intruder from capturing an SNMP packet for use at a later time, such as a command to reboot To reload the operating system, which restarts the computer. See boot. (operating system) reboot - (From boot) A boot with the implication that the computer has not been down for long, or that the boot is a bounce intended to clear some state of wedgitude. See warm boot. a router. Message integrity ensures that the content of a packet cannot be changed without detection, e.g. changing a command to dump the routing tables to a command to modify the routing tables. Origin identity ensures that the identity of the originator of an SNMP operation is who he or she appears to be. To provision USEC, the system operator first creates a user identity that is associated with a password. From the password, a cryptographic key is automatically derived. The management station will then be able to enter into a low-level interaction with the agent to establish a secure network management environment, first using authentication to establish communication, then synchronizing synchronizing, n a technique that a therapist uses to coordinate his or her breath with that of the client; builds trust and establishes relationship. the station and agent clocks to prevent replay attacks and attaching cryptographic checksums using the Keyed-MD5 algorithm. The result is a secure SNMP communication channel. Anyone interested in more information about SNMP USEC can get it from the Internet at http://www.simple-times.org/pub/simple-times/usec/. Epilogue Technology Corporation specializes in developing and marketing standards-based network management and protocol software products and support services support services Psychology Non-health care-related ancillary services–eg, transportation, financial aid, support groups, homemaker services, respite services, and other services to computer OEMs and computer systems manufacturers. Epilogue has licensed its products to more than 200 companies to date, including 3Com, Chipcom Corporation, IBM, Network General Corporation, Northern Telecom, and Optical Data Systems, among others. Epilogue Technology Corporation is located at 11116 Desert Classic Lane, N.E., Albuquerque, NM 87111-7512; telephone: 505/271-9933; FAX: 505/271-9798. USEC White Paper available. CONTACT: Woolf Media Relations, Inc. Tom Woolf, 415/508-1554, tomw@woolfmedia.com. |
|
||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion