I am seeking to secure SNMPv3 communications (e.g., RFC 3414), trying to protect against its well-known vulnerabilities such as spoofing. Had SNMPv3 run over TCP, instead of UDP as it does, then I perhaps may attempt to protect it via SSH port forwarding (i.e., SSH tunneling). Coincidentally, I've just read a description in Bob Toxen's book "Real World Linux Security" (page 141) about an approach he has apparently used of wrapping UDP in TCP and SSH in order to accomplish SSH port forwarding for UDP-based protocols as well. This makes me wonder whether SNMPv3 may be a viable candidate for SSH tunneling after all. I am wondering whether anybody in the list has any insights as to the viability and weaknesses of this suggested approach. I am especially interested in learning how people on this list secure SNMPv3. Thank you.