System management
Table 1-10 Default data fill for access table
Object
GroupName
ContextPrefix
SecurityLevel
ContextMatch
ReadViewName
WriteViewName
NotifyViewName
StorageType
Access to critical security parameters
The SNMPv3 management interface does not provide access to critical security
parameters (CSPs) of PTP 600. It is not possible to read or modify AES keys used to
encrypt data transmitted at the wireless interface. Neither is it possible to read or
modify security parameters associated with TLS protection of the web-based
management interface. The recovery mode option to zeroise CSPs does not affect
SNMPv3 configuration.
Downgrade of the license key
A possible lockout condition exists if a user downgrades the PTP 600 license key so as
to disable the AES capability when SNMPv3 users are configured with AES privacy
and VACM is configured to require privacy. In this case, recovery is by either (a)
restoring the correct license key, or (b) using recovery mode to erase all configuration
and entering new configuration.
Option (b) will cause default users and access configuration to be re-created.
CAUTION
1-46
Entry 1
initial
""
authNoPriv
exact
internet
internet
internet
nonVolatile
Care should be taken to avoid exposing the ODU to an insecure network
when configuration data is erased.
UNDER DEVELOPMENT
Chapter 1 Product description
Entry 2
initial
""
noAuthNoPriv
exact
restricted
""
restricted
nonVolatile
phn-0896_009v003
Feb 2010