The biggest thing to be concerned with is whether or not your devices can do the level of SNMPv3 you require. If you require SNMPv3 authPriv, then you require a crypto image. SNMPv3 authPriv provides you with hashed credentials and an encrypted payload.
If all you require, however, is SNMPv3 authNoPriv (i.e. hashed credentials, but clear text payload), then any 120.(3)T image or higher will do.
Part of deciding on the type of v3, as well as the underlying hash and encryption algorithms, is what do your management applications support. Any NMS claiming SNMPv3 support will at least support SNMPv3 authNoPriv with MD5 hashing. If they do authPriv, then they will support (at the very least) MD5 hashing with DES encryption.
MD5 and DES may not be good enough for you, however. You have other options. For hashing, you can move from the 128-bit MD5 to the 160-bit SHA-1, and from the 56-bit DES to 3DES or AES. In general, you will find AES more commonly supported than 3DES, however.
If I were just getting started with SNMPv3, I'd probably start simple just so you can understand the differences between community-string based SNMP and user-based. I'd do SNMPv3 authNoPriv with MD5 hashing. Here is a basic overview of the configuration tasks:
One caveat to share is that the password you pick your both hashing and encryption must be at least 8 characters long so that it works with all management systems. A very basic config which just allows SNMP read-only polling is below:
snmp-server group v3group v3 auth
snmp-server user v3user v3group v3 auth md5 v3user123
We are pleased to announce availability of Beta software for 16.6.3. 16.6.3 will be the second rebuild on the 16.6 release train targeted towards Catalyst 9500/9400/9300/3850/3650 switching platforms. We are looking for early feedback from custome...