Transport Layer Security (TLS) Transport Model for the Simple Network Management Protocol (SNMP)

This document describes a Transport Model for the Simple Network Management Protocol (SNMP) that uses either the Transport Layer Security (TLS) protocol or the Datagram Transport Layer Security (DTLS) protocol. The TLS and DTLS protocols provide authentication and privacy services for SNMP applications. This document describes how the TLS Transport Model (TLSTM) implements the needed features of an SNMP Transport Subsystem to make this protection possible in an interoperable way. This transport model is designed to meet the security and operational needs of network administrators. It supports sending SNMP messages over TLS/TCP, DTLS/UDP, and DTLS/SCTP. The TLS mode can make use of TCP's improved support for larger packet sizes, and the DTLS mode provides potentially superior operation in environments where a connectionless (e.g., UDP or SCTP) transport is preferred. Both TLS and DTLS integrate well into existing public keying infrastructures. This document also defines a portion of the Management Information Base (MIB) for use with network management protocols. In particular, it defines objects for managing the TLS Transport Model for SNMP.
