Research For Network Security Management Based On SNMP

Network security management plays an important pole in the network management system, how to manage and deploy the network resource in effect is an important problem for network management, and it is always one of the most important problems in the research of network technique.This thesis has introduced the basic theory of SNMP at first, analyses the security of SNMP protocol which has three versions in depth. There was no security implemented in SNMPv1 and SNMPv2, because they were on community-based, and the community is plaintext on the wire. Because of the lack in the security function of the previous versions, addition with the development of network for the security management needs, SNMPv3 added security to the previous versions of the protocol by introducing a User-based Security Model (USM). But the HMAC-MD5 algorithm procedure in SNMPv3 is disclosed, and the authentication is only single direction, and the privacy key of DES is too short, just 56 bits, which is attacked by hacker. So we can conclusion that SNMPv3 is easily to be attacked. While the security management of network system is not neglected, other security protocol should be taken into account to inforce network security management based on SNMP.In this paper the Secure Shell protocol (SSH) is choiced to inforce network security management based on SNMP, and the Secure Shell Transport-mapping Model (SSHTM) is put forword. SSHTM provides message confidentiality and integrity by using the Trangsport Layer Protocol of SSH, provides for both verification of the identity of the SSH server and verification of the identity of the SSH client, and will establish a channel between itself and the SSHTM of another SNMP engine by using the SSH connection protocol so that it can pass encrypted messages in the channel. The construction of SSHTM is introduced in this paper, the security function of which is discussed, and the work of which is described in detail. In particular several security parameters which are passed is explained. At last the performance analysis of SSHTM is given, including latency, security functionality, memory usge and so on, at the same time the distinctness of security functionality is given by comparing SSHTM with TLS based on SNMP, and the difference between TCP protocol and UDP protocol based on SNMP is also dicussed, from which we can make a conclusion that SSHTM is better than SNMPv3/USM.