Does PRTG Support AUTH/PRIV in SNMP3

hallo,

PRTG only supports MD5 and SHA authentication for SNMP V3 at the moment, sorry.

AuthPriv's components are Authentication (the Auth) and Encryption (the Priv). Auth options for the SNMPv3 standard are MD5 and SHA where Priv options for SNMPv3 are DES, 3DES, AES128, AES192, AES256.

Even though the above support user indicates that MD5 and SHA are all that is currently supported (which would make it authNoPriv), DES is definitely supported for encryption. All you need to do is select SNMPv3, select MD5 or SHA authentication, enter the user, enter the password (MD5 or SHA authentication password), and enter the data encryption key (DES encryption password) and your sensors should work without issues.

I am currently running 700 SNMPv3 AuthPriv sensors using MD5/DES with no issues using the latest build of PRTG 8.

I've tried to use AES-256 encryption with Cisco switches but without success. AES-128 works fine.

Is PRTG going to support SHA-256 and AES-256 in the latest version?

It's still not in our plans, essentially because as far as we now there's no RFC for these key lengths for SNMP V3, which also means that not every device out there supports these key lengths.

The majority of all the SNMP implementations still rely on SNMP V2c or V1, which is usually fine if you're sending SNMP within a management network or private LAN, an even in those cases using SNMP V3 with 128 bits which should provide more than enough security for the time being.

Most of the data being transferred over SNMP is not sensitive (Traffic Counters, Disk Usage Metric, etc). Apart from sensitive interface names the data is not sensitive. And when using a "Read-Only" user or community, even if the credentials where compromised one would still not be able to cause any damage with that information.

Best Regards,
Luciano Lingnau [Paessler Support]