Controlling access to managed objects in networked devices

摘要

Controlling access to managed objects associated with a networked device. A method comprises receiving a request from a principal for access to a managed object associated with the networked device. The managed objects are accessible based on membership in access groups that are compliant with a Simple Network Management Protocol (SNMP). A first and a second of the access groups associated with the principal are determined. Access privileges for the principal are determined, based on the first and the second access groups. Access to the managed object is granted if permitted based on the access privileges for the principal.

主权项

1. A network management device comprising: a network management engine configured to send a request for access to managed objects defined in a management information base associated with a remote managed device, wherein the request indicates a principal is a member of at least one of a plurality of access groups compliant with a Simple Network Management Protocol (SNMP), wherein each of the plurality access groups defines a set of access privileges, wherein access to the managed objects is based on membership in at least one of the plurality of access groups; wherein the network management engine is aware that the remote managed device is compliant with SNMP and not aware that the remote managed device is configured to perform access control based on roles in accordance with a Role-Based Command Line Interface (CLI) Access protocol by aligning SNMP compliant access groups with corresponding roles of the Role-Based CLI Access protocol.