Starting with VMware Cloud Director 10.2.2, you can configure the VMware Cloud Director appliance for SNMP v3. When you configure the SNMP agent for SNMP v3, the agent supports polling and provides stronger security, including cryptographic authentication and encryption.
- Configuring the SNMP engine ID
- Configuring SNMP authentication and privacy protocols
- Configuring SNMP users
Every SNMP v3 agent has an engine ID, which serves as a unique identifier for the agent. The engine ID is used with a hashing function to generate localized keys for authentication and encryption of SNMP v3 messages. If you do not specify an engine ID before you enable the standalone SNMP agent, VMware Cloud Director generates one when you enable the agent.
To ensure the identity of users, you can use authentication. Privacy allows for encryption of SNMP v3 messages to ensure the confidentiality of the data. The privacy protocols provide a higher level of security than is available in SNMP v1 and v2c, which use community strings for security. Both authentication and privacy are optional. However, if you plan to enable privacy, you must enable authentication.
The default value for the authentication and privacy protocols is none.
You can configure up to five users who can access SNMP v3 information. User names must be no more than 32 characters long. While configuring a user, you generate the authentication and privacy hash values based on the authentication and privacy passwords of the user and the engine ID of the SNMP agent. After you configure the users, changing the engine ID, authentication protocol, or privacy protocol invalidates the users, and you must reconfigure them.
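The engine ID and user passages above, as an added example that is not VMware's own code: it shows why a changed engine ID invalidates configured users. It assumes the standard RFC 3414 password-to-key localization with SHA-1; the function names, user name and engine IDs are constructed for illustration.

```python
import hashlib

MAX_USERS = 5          # page: up to five SNMP v3 users
MAX_USERNAME_LEN = 32  # page: user names no more than 32 characters
MIN_PASSWORD_LEN = 8   # page: passwords at least eight characters


def localize_key(password: str, engine_id: bytes, algo: str = "sha1") -> bytes:
    """RFC 3414 password-to-key, then localization to one engine ID (assumed)."""
    pw = password.encode()
    if len(pw) < MIN_PASSWORD_LEN:
        raise ValueError("password must be at least eight characters")
    # Step 1: hash the password repeated out to exactly 1,048,576 bytes -> Ku.
    reps, rem = divmod(1048576, len(pw))
    ku = hashlib.new(algo, pw * reps + pw[:rem]).digest()
    # Step 2: bind Ku to this agent: Kul = H(Ku || engineID || Ku).
    return hashlib.new(algo, ku + engine_id + ku).digest()


def build_users(users, engine_id: bytes, algo: str = "sha1") -> dict:
    """users: iterable of (name, auth_password, priv_password or None)."""
    users = list(users)
    if len(users) > MAX_USERS:
        raise ValueError("at most five SNMP v3 users")
    out = {}
    for name, auth_pw, priv_pw in users:
        if not 0 < len(name) <= MAX_USERNAME_LEN:
            raise ValueError(f"user name {name!r} must be 1-32 characters")
        if priv_pw and not auth_pw:
            raise ValueError(f"{name}: privacy requires authentication")
        # RFC 3414 derives the privacy key with the authentication hash as well.
        out[name] = {
            "auth": localize_key(auth_pw, engine_id, algo).hex() if auth_pw else None,
            "priv": localize_key(priv_pw, engine_id, algo).hex() if priv_pw else None,
        }
    return out


if __name__ == "__main__":
    # Constructed sample values: one user, the same passwords, two engine IDs.
    old_id = bytes.fromhex("000000000000000000000002")
    new_id = bytes.fromhex("000000000000000000000003")
    sample = [("monitor", "maplesyrup", "maplesyrup-priv")]
    before, after = build_users(sample, old_id), build_users(sample, new_id)
    print("auth key, old engine ID:", before["monitor"]["auth"])
    print("auth key, new engine ID:", after["monitor"]["auth"])
    print("users still valid after engine ID change:", before == after)
```

Because the stored hash values are bound to the engine ID, a monitoring station that cached keys for the old engine ID fails authentication until the users are regenerated on both sides.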
Prerequisites
If you want to configure SNMP authentication and privacy protocols, verify that you know the authentication and privacy passwords for each user that you plan to configure. The passwords must be at least eight characters long.