
SNMP over DTLS or SNMPv3

Tags: snmp, net-snmp

What is the major difference between SNMP over DTLS and the SNMPv3 USM model, and which one should be preferred?

TLS and DTLS make use of the Transport Security Model (TSM) security model, defined in RFC 5591, which was created as an alternative to the USM security model.

anish asked Oct 27 '25 10:10


1 Answer

The difference is in the problem each of them wants to solve.

SNMP v3 USM enhances the SNMP message format itself to add proper integrity checks and encryption, so that it can be transferred over probably unsafe wires.

SNMP over DTLS takes another approach: it tries to build safe channels over unsafe wires, and allows the messages to be transferred safely.

You can prefer either of them to achieve significant security improvements over the original SNMP, but please analyze your scenarios carefully and take the following into consideration:

  • What are the devices in your whole solution?
  • Do they support both models? Which of them support only one of the models?

Then you can make a decision on which model to choose. As far as I know, SNMP v3 USM is more widely supported, but I might be wrong.

Lex Li answered Oct 30 '25 06:10
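The contrast drawn in the answer is visible in the SNMPv3 message header. This added example, which is not part of the original answer, decodes two constructed sample messages: with USM (securityModel 3) the authentication and privacy parameters travel inside each message, while with TSM (securityModel 4, RFC 5591) that field is empty and the DTLS channel carries the protection. The helper names and sample bytes are assumptions made for illustration.

```python
# Added example. The sample messages are constructed, not captured traffic.
SECURITY_MODELS = {3: "USM", 4: "TSM"}  # securityModel numbers: RFC 3414, RFC 5591

def read_tlv(buf, pos):
    """Return (tag, value, next_pos) for the BER element starting at pos."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long form: low 7 bits give the count of length octets
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("truncated BER element")
    return tag, buf[pos:pos + length], pos + length

def describe_snmpv3(msg):
    """Report the security model and where the protection is carried."""
    tag, body, _ = read_tlv(msg, 0)
    if tag != 0x30:
        raise ValueError("not a BER SEQUENCE")
    _, version, pos = read_tlv(body, 0)
    if int.from_bytes(version, "big") != 3:
        raise ValueError("not an SNMPv3 message")
    _, global_data, pos = read_tlv(body, pos)
    _, sec_params, pos = read_tlv(body, pos)
    data_tag, _, _ = read_tlv(body, pos)
    fields, gpos = [], 0
    for _ in range(4):  # msgID, msgMaxSize, msgFlags, msgSecurityModel
        _, value, gpos = read_tlv(global_data, gpos)
        fields.append(value)
    model = int.from_bytes(fields[3], "big")
    return {"model": SECURITY_MODELS.get(model, f"other ({model})"),
            "auth": bool(fields[2][0] & 0x01), "priv": bool(fields[2][0] & 0x02),
            "security_params_len": len(sec_params),
            "pdu_encrypted_in_message": data_tag == 0x04}

def tlv(tag, value):  # sample builder; short-form lengths only (under 128 bytes)
    return bytes([tag, len(value)]) + value

def sample(model, sec_params, msg_data):
    header = tlv(0x30, tlv(2, b"\x01") + tlv(2, b"\x05\xdc")
                 + tlv(4, b"\x07") + tlv(2, bytes([model])))
    return tlv(0x30, tlv(2, b"\x03") + header + tlv(4, sec_params) + msg_data)

USM_PARAMS = tlv(0x30, tlv(4, b"\x80\x00\x00\x00\x01") + tlv(2, b"\x01") + tlv(2, b"\x02")
                 + tlv(4, b"monitor") + tlv(4, bytes(12)) + tlv(4, bytes(8)))
USM_MSG = sample(3, USM_PARAMS, tlv(4, b"ciphertext-placeholder"))
TSM_MSG = sample(4, b"", tlv(0x30, b""))  # plaintext ScopedPDU; DTLS protects it

if __name__ == "__main__":
    print(describe_snmpv3(USM_MSG), describe_snmpv3(TSM_MSG), sep="\n")
```

Both samples set the authPriv flags, but only the USM message carries an encrypted PDU and non-empty security parameters; the TSM message is readable by anyone who sees it outside its DTLS session.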


