Community Names

Community names provide a rudimentary security scheme for the SNMP service. You can add and delete community names by using the Security tab on the Microsoft SNMP Properties page. You can also filter the type of packets that the computer will accept. The following figure shows the Security tab.

Figure 11.5 Configuring SNMP Security

You must configure the SNMP service with at least one community name. The installation default is the Public community name. You can delete or change the default community name and add multiple community names.

There is no relationship between community names and domain or workgroup names. Community names serve as a shared password for groups of hosts on the network and should be selected and changed as you would any other password. Members of a community (hosts that share the same community name) are typically grouped by their physical proximity.

When the SNMP agent receives an SNMP request that does not contain the correct community name or that came from an unknown host, the SNMP agent can send a trap to one or more trap destinations (SNMP manager programs). The trap message indicates that the request failed authentication.

In the following example, there are two communities — Terraflora and Public.

Figure 11.6 SNMP Community Names

Only the agents and managers that are configured with the same community name can communicate with each other.

• Agent 1 can send traps and other messages to Manager 2 because they are both members of the Terra Flora community.
• Agent 2 through Agent 4 can send traps and messages to Manager 1 because they are all members of the Public (default) community.

The community names that are configured by using the Security tab are used when configuring Trap Destinations.