Accession Number : ADA325666

Title :   Distributed Network Management Security,

Corporate Author : SECURE COMPUTING CORP ROSEVILLE MN

Personal Author(s) : Meyer, Paul

PDF Url : ADA325666

Report Date : JAN 1997

Pagination or Media Count : 14

Abstract : Use of SNMP to securely manage distributed networks through firewalls has not been formally described, although features critical to such management are included in SNMP. This document reports on a study performed at Secure Computing Corporation on a method to solve this management function. The project name this study occurred under is Distributed Network Management Security. Slight modifications to the SNMP V2 User-Based Security Model (RFC 1910) and a conceptual redeployment of some of the functions contained within this model provide a basis for this study. The acronym DNMS will be used in this document to refer to the modifications. The basis for the DNMS extensions is a firewall platform that contains at least two distinct network stack implementations, one for the exterior, or public network, and one for the interior, or protected network. DNMS consists of two SNMP V2 proxies, one on each network, with the security-related functions implemented in a third component that also serves as the communication path between the two proxy components. This implementation allows the management and use of SNMP security to be concentrated in the firewalls, where it is assumed that the threats being protected against lie outside the firewall.

Descriptors :   *DATA PROCESSING SECURITY, *WALLS, *COMPUTER NETWORKS, *SYSTEMS MANAGEMENT, *FIRE PREVENTION, MANAGEMENT, DISTRIBUTION, PATHS, COMMUNICATION AND RADIO SYSTEMS, ABBREVIATIONS.

Subject Categories : Computer Systems
      Computer Systems Management and Standards
      Safety Engineering

Distribution Statement : APPROVED FOR PUBLIC RELEASE