By default, the implementation of SNMP uses SNMPv3. SNMPv3 incorporates security model and security level features. A security model is the authentication type for the group and the security level is the permitted level of security within a security model. The combination of the security level and security model determines which security mechanism handles an SNMP packet.
To implement SNMPv1 and SNMPv2c configurations, several access groups are predefined. These access groups provide standard read-only, read-write, and read-write-all access groups and views that can be assigned community strings. To implement SNMP with security features, security models, security levels, and USM communities must be explicitly configured. Optionally, additional views which specify more specific OIDs (MIB objects in the subtree) can be configured.
Access to the management information in as SNMPv1/SNMPv2c agent is controlled by the inclusion of a community name string in the SNMP request. The community defines the sub-set of the agent managed objects can be accessed by the requester. It also defines what type of access is allowed: read-only or read-write.
The use of community strings provide minimal security and context checking for both agents and managers that receive requests and initiate trap operations. A community string is a text string that acts like a password to allow access to the agent on the router.
The Nokia implementation of SNMP has defined three levels of community-named access:
Read-Only permission
Grants only read access to objects in the MIB, except security objects.
Read-Write permission
Grants read and write access to all objects in the MIB, except security objects.
Read-Write-All permission
Grants read and write access to all objects in the MIB, including security objects.