What standards are covered by SNMP4J (i.e., RFCs, FIPS 140-2)?

Last modified by Frank Fock on 2024/05/25 20:40

IETF RFC Compliance

SNMP4J / SNMP4J-Agent implements the following IETF RFCs:

RFC #

Title

Coverage 

 Versions (SNMP4J)

3410Introduction and Applicability Statements for Internet Standard Management Framework(tick)(green star)
3411An Architecture for Describing Simple Network Management Protocol (SNMP) Management Frameworks(tick)(green star)
3412Message Processing and Dispatching for the Simple Network Management Protocol (SNMP)(tick)(green star)
3413Simple Network Management Protocol Applications(tick)(green star)
3414User Based Security Model (USM) for SNMPv3(tick)(green star)
3415View-based Access Control Model (VACM) for the Simple Network Management Protocol (SNMP)(tick)(green star)
3416 Version 2 of the Protocol Operations for the Simple Network Management Protocol (SNMP)(tick)(green star)
3417 Transport Mappings for the Simple Network Management Protocol (SNMP) UDP and TCP only(green star)
3418 Management Information Base (MIB) for the Simple Network Management Protocol (SNMP) (tick)(green star)
3584Coexistence between Version 1, Version 2, and Version 3 of the Internet-standard Network Management Framework (tick)(green star)
3826 The Advanced Encryption Standard (AES) Cipher Algorithm in the SNMP User-based Security Model(tick)(green star)  
4088Uniform Resource Identifier (URI) Scheme for the Simple Network Management Protocol (SNMP)(tick)>= 2.2 
5343 Simple Network Management Protocol (SNMP) Context EngineID Discovery(tick)>= 2 
6353Transport Layer Security (TLS) Transport Model for the Simple Network Management Protocol (SNMP)

(tick) TLS 1.0, 1.2

(tick) DTLS

>= 2 (TLS 1.2 with Java SE 8 or later)

>= 3.0

5590 Transport Subsystem for the Simple Network Management Protocol (SNMP)(tick)>= 2
5591Transport Security Model for the Simple Network Management Protocol (SNMP)(tick)

>= 2 

CRL, OSCP revocation checking >= 3.6.0

5592 Secure Shell Transport Model for the Simple Network Management Protocol (SNMP)(minus) 
7630HMAC-SHA-2 Authentication Protocols in the User-based Security Model (USM) for SNMPv3(tick)>= 2.4
draft-reeder-snmpv3-usm-3desede-00 Extension to the User-Based Security Model (USM) to Support Triple-DES EDE in "Outside" CBC Mode (tick)(green star)
draft-blumenthal-aes-usm-04 The AES Cipher Algorithm in the SNMP's User-based Security Model (tick) (AES 192 + 256)(green star)  

SNMP4J-AgentX implements the follow IETF RFCs:

RFC #

Title

Coverage

Versions 

 2741 Agent Extensibility (AgentX) Protocol Version 1(tick) (TCP only) (green star)
 2742 Definitions of Managed Objects for Extensible SNMP Agents(tick) (green star)

FIPS 140-2 Compliance

SNMP4J uses standard JCE hashing and encryption algorithms as provided through the Java Cryptography Extension (JCE) as listed in the table below. Thus, by using a FIPS 140-2 certified JCE provider, SNMP4J becomes FIPS 140-2 compliant:

Message Digest / Cipher Suite Name

SNMP4J Class Name

SNMPv3 Protocol

Protocol Type

SHA-1AuthSHASHAAuthentication
MD5AuthMD5MD5Authentication
DES/CBC/NoPaddingPrivDESDESPrivacy
AES/CFB/NoPaddingPrivAES128
PrivAES192
PrivAES256
PrivAES192With3DESKeyExtension
PrivAES256With3DESKeyExtension		AES 128
AES 192
AES 256
(nonstandard)
(nonstandard)		Privacy
DESede/CBC/NoPaddingPriv3DES3DESPrivacy