This question was also raised during Networkers in Copenhangen and the answer was that there is no plans for SNMPv3 support in CW2000. Note that SNMPv2c doesn't give you more security. Note also that CW2000 uses a lot of other unsecure protocols like tftp, telnet and rcp.
Have a look at OpenView Network Node Manager with the security add-on from SNMP Research. That will give you SNMPv3. Mail me offline if you need pointers.
Although SNMP1 doesn´t provide security, you can raise your security level by using Access Lists numbers at the end of your SNMP community string IOS commands. That will restrict your SNMP messages source/destination based on IP addresses, and that´s the best I´ve been able to do till now.
I aggree on this one. There are many other ways to enforce the security than using the community strings of SNMPv1/v2c or the authentication and encryption of SNMPv3. Access lists are one, configuring the allowed manager(s) is another. There was a really good presentation on this at Cisco Networkers on how to at the same time secure your environment and still make it manageable called "Management in secure environments". It was done by Erik Lenten from Cisco at Netwokers in Copenhagen and the seesion ID was NCM-280. Let me know if you need more info.
This document gives several answers on frequently asked questions for PFRv3 channel state behavior.
Q1: What are all the channel operational states from a BR (border role) perspective and what are the rules/conditions to be in each st...
The need was to reach an host inside a LAN through a VPN connection managed by the LAN gateway (Cisco 1921).
The LAN gateway performs NAT and there was a dedicate nat rule for the host i wanted to reach through VPN.
I couldn't connect to the hos...
We have 3 identical switches configured by someone else and would like to claim some of the Gigabit ports(G1/G2/G3/G4) for use on servers. When we try to change the wiring and configuration, we run in to connectivity issues. Attached is a des...