Friday 6 June 2014

SNMP

Simple Network Management Protocol


SNMP is a standard protocol for network management in IP networks. Network administrators use SNMP to manage and monitor devices and to map network availability, performance, and error rates.

Devices that typically support SNMP include routers, switches, servers, workstations, printers, modem racks and more.

An SNMP-managed network consists of three key components:
  • Managed device
  • Agent — software which runs on managed devices
  • Network management station (NMS) — software which runs on the manager
A managed device is a network node that implements an SNMP interface that allows unidirectional (read-only) or bidirectional (read and write) access to node-specific information. Managed devices exchange node-specific information with the NMSs. Sometimes called network elements, the managed devices can be any type of device, including, but not limited to, routers, access servers, switches, bridges, hubs, IP telephones, IP video cameras, computer hosts, and printers.
An agent is a network-management software module that resides on a managed device. An agent has local knowledge of management information and translates that information to or from an SNMP-specific form.
A network management station (NMS) executes applications that monitor and control managed devices. NMSs provide the bulk of the processing and memory resources required for network management. One or more NMSs may exist on any managed network.

Every switch carries an agent and a management information base (MIB), as shown in Figure 1. The agent accesses information about a device and makes it available to an SNMP network management station.
FIGURE 1 SNMP structure
When active, the management station can get information or set information when it queries an agent. SNMP commands, such as get, set, getnext, and getresponse, are sent from the management station, and the agent replies once the value is obtained or modified (Figure 2). Agents use variables to report such data as the number of bytes and packets in and out of the device, or the number of broadcast messages sent and received. These variables are also known as managed objects. All managed objects are contained in the MIB.
FIGURE 2 SNMP query
The management station can also receive traps, which are unsolicited messages sent by the switch agent when an unusual event occurs (Figure 3).
FIGURE 3 SNMP trap


Development


SNMPv1

SNMPv1 was the first version of SNMP. Although it accomplished its goal of being an open, standard protocol, it was found to be lacking in key areas for certain applications. Later versions have addressed many of these problems.
Authentication of clients is performed only by a "community string", in effect a type of password, which is transmitted in cleartext.

SNMPv2c

SNMPv2c is a sub-version of SNMPv2. Its key advantage over previous versions is the Inform command. Unlike Traps, which are simply received by a manager, Informs are positively acknowledged with a response message. If a manager does not reply to an Inform, the SNMP agent will resend the Inform.
Other advantages include:
  • improved error handling
  • improved SET commands
Authentication in SNMP versions 1 and 2 amounts to nothing more than a password (community string) sent in clear text between a manager and agent.

SNMPv3

SNMPv3 is the newest version of SNMP. Its primary feature is enhanced security.
The “EngineID” identifier in SNMPv3 uniquely identifies each SNMP entity. Conflicts can occur if two SNMP entities have duplicate EngineIDs. The EngineID is used to generate the key for authenticated messages.
SNMPv3 security comes primarily in 2 forms:
  • Authentication is used to ensure that traps are read by only the intended recipient. As messages are created, they are given a special key that is based on the EngineID of the entity. The key is shared with the intended recipient and used to receive the message.
  • Privacy encrypts the payload of the SNMP message to ensure that it cannot be read by unauthorized users. Any intercepted traps will be filled with garbled characters and will be unreadable. Privacy is especially useful in applications where SNMP messages must be routed over the Internet.
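
How the EngineID enters the authentication key, as an added example that is not part of the original post: the password-to-key and key-localization steps from RFC 3414 (the SNMPv3 User-based Security Model), using the password and EngineID from that RFC's Appendix A.3 samples. The function names and the second EngineID are assumptions made for illustration.

```python
import hashlib

# Sample password and snmpEngineID from RFC 3414, Appendix A.3.
RFC_PASSWORD = b"maplesyrup"
RFC_ENGINE_ID = bytes.fromhex("000000000000000000000002")
# Constructed second EngineID (not from the RFC) to show per-engine keys.
OTHER_ENGINE_ID = bytes.fromhex("000000000000000000000003")

STREAM_LEN = 1048576  # RFC 3414 A.2: hash exactly 1 MiB of repeated password


def password_to_key(password: bytes, hash_name: str = "sha1") -> bytes:
    """Derive the user key Ku: hash the password repeated out to 1 MiB."""
    if not password:
        raise ValueError("password must not be empty")
    repeats = STREAM_LEN // len(password) + 1
    stream = (password * repeats)[:STREAM_LEN]
    return hashlib.new(hash_name, stream).digest()


def localize_key(ku: bytes, engine_id: bytes, hash_name: str = "sha1") -> bytes:
    """Derive the localized key Kul = H(Ku || snmpEngineID || Ku)."""
    return hashlib.new(hash_name, ku + engine_id + ku).digest()


def localized_key(password: bytes, engine_id: bytes,
                  hash_name: str = "sha1") -> bytes:
    """Full derivation: password -> Ku -> key bound to one SNMP engine."""
    return localize_key(password_to_key(password, hash_name), engine_id, hash_name)


if __name__ == "__main__":
    key_a = localized_key(RFC_PASSWORD, RFC_ENGINE_ID)
    key_b = localized_key(RFC_PASSWORD, OTHER_ENGINE_ID)
    key_dup = localized_key(RFC_PASSWORD, RFC_ENGINE_ID)
    print("engine ...02:", key_a.hex())
    print("engine ...03:", key_b.hex())
    # Same password, different engines: the keys differ, so a key taken from
    # one device does not authenticate to another.
    print("distinct EngineIDs give distinct keys:", key_a != key_b)
    # Duplicate EngineIDs collapse to one key, which removes that separation.
    print("duplicate EngineIDs share a key:", key_a == key_dup)
```

Because the localized key depends on both the password and the EngineID, two devices configured with the same EngineID and the same user password hold the same authentication key.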

Figure:  Adding SNMPv2 Service to Windows Server 2008 R2


SNMPv3 Config


SNMP Arch
EOD
