Unicenter

SNMP Introduction

Simple Network Management Protocol (SNMP) helps automate the monitoring and management across diverse, multi-technology networks, ensuring the availability and performance of critical network devices and services essential to run your business. SNMP is part of the application layer protocol of the TCP/IP suite and in most of the deployments functions over User Datagram protocol (UDP).SNMP has grown from unsecure SNMP v1 to SNMP v3 which provides enhanced security in terms of authentication. SNMP today is the defacto standard management protocol in the networking industry.

Any SNMP managed IT infrastructure will have three key constituents in the solution: managed network elements, agents and a Network Management Station (NMS).

Managed network elements can be routers, switches, firewalls, desktops, servers, applications etc. All managed network elements contains SNMP agents.

The agent is a software component that resides on the network element and has the database of the management information (MIB). The agent can send traps, or notification of critical events, to the manager. The communication between the agent and the manager uses the SNMP protocol, which is an application of the Abstract Syntax Notation 1 or ASN1BER typically over UDP. The managed network element caters the management information to the NMS by using agents and SNMP.

The NMS gathers all the data by polling the network elements and by receiving traps. It provides the status of the network infrastructure in an intuitive, easy to understand, human readable and graphical format.

SNMP Versions & Evolution

SNMPv1 (RFC 1157) is the initial implementation of SNMP.

SNMPv2c (RFC 1902) is the second release of SNMP. It provides additions to data types, counter size, and protocol operations.

SNMPv3 (RFC 2271-RFC 2275) is the most recent version of SNMP.

SNMPv1

SNMP version 1, or SNMPv1, has enjoyed matchless success as an interoperable management solution. However, it had multiple weaknesses, the most prominent of which was its deficiency of strong security.

SNMPv2

The SNMPv2 standardization wasn’t successful. Originally, the specification and designing of the SNMPv2 was initiated to enhance SNMP functionality and the security was given some priority. The SNMPv2 has a weak security because of the standardization’s ,as  there are no changes to basic SNMP in terms of security – it relies completely on the community strings.

SNMPv3

The users do not have to worry about the tampering or the data theft when using SNMPv3 when collecting management information from their SNMP agents. The SNMPv1 or v2  PDU, is encapsulated in an SNMPv3 packet. At the level of message processing this encapsulation provides security. The SNMPv3 architecture implements the actual security services for authentication and privacy. There are two different keys which are required, one for privacy (privKey) and the other for authentication (authKey). These keys are not stored in the MIB of the node. Therefore they are not directly accessible through SNMP get- or set-functions.