Abstract: A method of enhancing security in network management for SNMPv2c packet traffic over internet between a (sending) manager location and an (receiving) agent location uses a pluggable security application function. The manager location has a manager side security application (MSA) and may include one or more managers. The agent location has an agent side security application (ASA) and may include one or more agents. Upon a SNMP request from a manager to the MSA, the request is encrypted, appended with authentication digest and sent to a registered agent in ASA. The MSA receives a secured response packet back from the ASA, which after authentication decrypts and forwards it to the intended manager. Thus, an existing protocol implementation is maintained, while reducing additional network overhead. The method obviates the use of IPSec tunnels and migration to SNMPv3.

Abstract: A method of enhancing security in network management for SNMPv2c packet traffic over internet between a (sending) manager location and an (receiving) agent location uses a pluggable security application function. The manager location has a manager side security application (MSA) and may include one or more managers. The agent location has an agent side security application (ASA) and may include one or more agents. Upon a SNMP request from a manager to the MSA, the request is encrypted, appended with authentication digest and sent to a registered agent in ASA. The MSA receives a secured response packet back from the ASA, which after authentication decrypts and forwards it to the intended manager. Thus, an existing protocol implementation is maintained, while reducing additional network overhead. The method obviates the use of IPSec tunnels and migration to SNMPv3.