With the release of Infinite Device Management 3.18 and ICE 1.30, Print Audit is pleased to announce the introduction of SNMPv3 for scanning print devices. We encourage to check out our online tutorial on configuring SNMPv3 in IDM.
What is SNMPv3?
SNMP version 3 is the latest version of the SNMP (Simple Network Management Protocol) protocol. The primary feature of SNMP version 3 is its enhanced security in communications between the SNMP agent (the printer) and the SNMP Manager (the Information Collection Engine or ICE).
Why would I use SNMPv3?
SNMP version 3 provides a number of security enhancements over previous versions of SNMP that give an increased level of protection against possible attacks or intrusions. SNMPv3 does this using three features:
- Users - when trying to access data stored in a printer’s MIB, a username is required providing a higher level of security than simply providing a Community Name.
- Authentication - additional security is provided by using either a SHA or MD5 hash algorithm applied to the passwords.
- Encryption - DES/AES level security can be added to the data being transferred without overwhelming agents and clients with a lot of unnecessary cryptography overhead.
Why wouldn’t I use SNMPv3?
SNMPv3 sounds great. Why not use it? And after all, isn’t newer and more secure better? The additional security provided by SNMPv3 comes with a price tag. Unlocked doors are more convenient to use. Community strings in versions 1 and 2 are relatively easy to administer especially if they all default to “public”. In addition:
- Implementing SNMPv3 requires an effort on the part of the dealer and on the end customer’s IT department to ensure that the deployment is successful and maintainable.
- Improper implementation can result in print devices not scanning.
- Troubleshooting mixed SNMP environments can be difficult and time consuming.
Does SNMPv3 improve security between ICE and the Infinite Device Management server?
No. SNMPv3 only affects communication between the ICE software and the print devices that are being scanned. For additional details on security on ICE - IDM communication, please refer to our IDM Security Overview document.
What’s the difference between using SNMPv3 locally and configuring it through the IDM web interface?
Configuring SNMPv3 locally adds another layer of security for SNMPv3 by keeping the settings local to the machine where the ICE software is installed.
If I configure ICE to use SNMPv3 settings locally, can I still manage other scan settings?
Yes. Other SNMP settings can still be configured through the IDM web interface along with scan intervals, scan ranges and local device tracking filters.
Check out the view below to learn more about SNMPv3 and Infinite Device Management.