The Simple Network Management Protocol (SNMP) sure does pack a punch for something with “Simple” in its name. The protocol literally provides the lifeblood of network monitoring and device communications. Network admins rely heavily on SNMP because nearly every technology manufacturer supports the protocol, which enables comprehensive network monitoring across all devices.
A component of the Internet Protocol Suite and defined by the Internet Engineering Task Force (IETF), SNMP consists of a set of standards for network management. These include an application layer protocol and a database schema architecture.
The protocol leverages the client-server model. Servers, called managers, collect and process information about devices on the network. Clients, called agents, are any type of device on the network that sends data to the managers. The managers and agents communicate by leveraging several protocol data units:
- GetRequest – to retrieve the value of a variable from a manager to an agent.
- SetRequest – to change the value of a variable from a manager to an agent.
- GetNextRequest – to find variables from a manager to an agent; can also be executed as a bulk request to many agents.
- Response – to receive replies from agents to a manager through the return of variables.
- Trap – to receive simultaneous messages from agents to a manager.
- InformRequest – to generate simultaneous messages between managers.
- Report – to review messages and determine problem types detected by agents.
The protocol exposes management data in the form of variables on managed systems that describe the system status and configuration. The variables can be remotely queried and manipulated.
See Everything Across Your IP Networks
Without SNMP, you can’t configure network devices as easily. You also can’t collect information on network throughput, usage, performance issues, and security breaches. SNMP virtually gives you the ability to see everything that’s going on across all of your IP networks—from servers to workstations, printers, hubs, switches, and routers.
Another cool feature of SNMP is that it has a negligible impact on the performance of your devices and minimal transport requirements so as to not impact network traffic. It even continues to work when most other network applications fail.
The Importance of Using the Current Version of SNMP
The first version of SNMP launched in the 1980s and is still used on the public Internet. For your internal networks, it’s important to use the most current version (SNMPv3), which is also an Internet standard. It features improved security and device access by authenticating and encrypting data packets to block external intruders from access.
SNMPv3 gives administrators the flexibility to apply four different security levels—depending on what types of users and data each device handles, and whether a network is closed or open:
- Authentication Only
- Privacy Only
- Authentication and Privacy
- No Privacy and No Authentication
New system admin capabilities are another SNMPv3 feature. These include notification originators and proxy forwarders, which assist in remote configuration and device support. They also streamline large-scale device deployments, device accounting, and fault management.
Other key features of SNMPv3 include message integrity checking and assurance that messages come from reliable sources. The protocol also ensures messages are read-only by designated recipients. Any that are intercepted by unauthorized users are automatically garbled.
Although using SNMPv3 will improve your security posture, it’s important to not rely on the protocol alone for protecting your devices. For example, you should also separate user roles and assign proper credentials for each device. And be sure to apply access control lists to block unauthorized device access.
Management Information Base Plays Vital Role
A vital component of SNMP is the
Management Information Base (MIB). This text file contains hierarchically-organized
information pertaining to the data collected from a particular device. MIB is
included in all SNMP-enabled devices and is converted by the protocol into a
format usable by monitoring software.
The hierarchy feature is a vital
aspect. All the manageable features from different vendor devices can be properly
organized with a name and a number that make up the object identifier.
In addition to polling and
information exchange, SNMP sends data packages without explicit requests. You
can preconfigure these SNMP “traps” to let clients know about specific changes
in the device. The setting up of control commands is yet another SNMP
capability that lets the client (monitoring software) make configuration
changes within the device.
An SNMP Companion
A handy tool to use in conjunction
with SNMP is WhatsUp Gold. The
solution monitors SNMP-enabled devices as well as operating systems—including
Windows, Unix and Linux. WhatsUp Gold also provides a complete set of SNMP
management tools, including the SNMP MIB Walker, Explorer, multi-SNMP variable
probing, and trending.
To see exactly how WhatsUp Gold can help you monitor your network devices, download a free trial.