Linking Views with Users

The security name in the "VACM Security To Group" table below is further specified by the "SecurityModel" and then associated with a group name. This allows the user to view different parts of the MIB depending on the security model availability. For instance, where we have tighter security in v3 we may let a user do more whereas if the user is using a v2 model we would probably restrict his access to compensate for the lesser security inherent in v2.

$image\ebx_2108476015.gif$

In the VACM Access Table we use those named views to allow "Read", "Write", and "Notify" to be associated with specific named views. Furthermore, the "SecurityLevel", "SecurityModel" and "ContextPrefix" are used to further subdivide these groups which are given distinct "GroupNames" so they can be associated with a user in the VACM Security to Group Table.

$image\ebx_-803278604.gif$

With the completion of this step we have defined all issues of the interaction between the management stations and this agent. The final step that is to define the unsolicited interactions of the agent to the stations. This is dealt with in the "Configuring Notification Targets in SNMPv3" topic.