What Is SNMP
Simple Network Management Protocol (SNMP) is an application-layer protocol that is part of the Transmission Control Protocol/Internet Protocol (TCP/IP) protocol suite. SNMP has been defined by the Internet Architecture Board (IAB) in RFC 1157 for exchanging management information between network devices. It collects information from, and configures, network devices such as servers, printers, hubs, switches, and routers on an Internet Protocol (IP) network.
SNMP was developed in 1988 to provide network-device-monitoring capability for TCP/IP-based networks. It was approved as an Internet standard in 1990 by the Internet Architecture Board (IAB) and has been in wide use since that time. SNMP is one of the widely accepted protocols for managing and monitoring network elements. Most professional-grade network elements come with a bundled SNMP agent. These agents have to be enabled and configured to communicate with the network management system (NMS). Currently, most network equipment vendors provide SNMP support in their products.
SNMP has four basic components:
- SNMP Manager
- Managed devices
- SNMP agent
- Management Information Base (MIB)
The SNMP Manager is responsible for communicating with the network devices on which an SNMP agent is configured. This is typically a computer that is used to run one or more network management systems. The key functions of the SNMP Manager are:
• Query the agents
• Gather responses from agents
• Set variables in agents
• Acknowledge events from agents
A managed device is a part of the LAN or WAN that needs to be monitored or managed. Managed devices may be routers, switches, servers, workstations, printers, UPSs, etc.
An SNMP agent is a program that is packaged within the network element. The agent collects management information locally from the device and makes it available to the SNMP manager when queried. These agents can be standard (e.g. Net-SNMP) or specific to a vendor (e.g. HP Insight agent).
An SNMP agent basically:
- Collects management information about its local environment.
- Stores and retrieves management information as defined in the MIB.
- Signals an event to the manager.
- Acts as a proxy for some non-SNMP manageable network node.
BASIC SNMP COMMUNICATION DIAGRAM
Management Information Base (MIB)
Every SNMP agent maintains an information database describing the managed device parameters. The SNMP manager uses this database to request specific information from the agent and then translates the information as needed for the Network Management System (NMS). This database, shared between the agent and the manager, is called the Management Information Base (MIB).
Typically a MIB contains a standard set of statistical and control values defined for hardware nodes on a network. SNMP also allows these standard values to be extended with values specific to a particular agent through the use of private MIBs.
In short, MIB files are the set of questions that an SNMP Manager can ask the agent. The agent collects this data locally and stores it as defined in the MIB. So the SNMP Manager should be aware of these standard and private questions for every type of agent.
Typical SNMP communication
Being part of the TCP/IP protocol suite, SNMP messages are wrapped in User Datagram Protocol (UDP) datagrams, which are in turn wrapped and transmitted in the Internet Protocol. The following diagram explains the four-layer model developed by the Department of Defense (DoD).
SNMP has gone through significant upgrades. SNMP v1 and v2c are the most implemented versions of SNMP. SNMP v3 has recently started catching up, as it is more secure compared to its older versions, but it has still not reached considerable market share.
SNMPv1 is the first version of the protocol, which is defined in RFCs 1155 and 1157.
SNMPv2c is the revised protocol, which includes enhancements of SNMPv1 in the areas of protocol packet types, transport mappings, and MIB structure elements, but uses the existing SNMPv1 administration structure ("community based", hence SNMPv2c). It is defined in RFC 1901, RFC 1905, RFC 1906, RFC 2578.
SNMPv3 defines the secure version of SNMP. SNMPv3 also facilitates remote configuration of the SNMP entities. It is defined by RFC 1905, RFC 1906, RFC 3411, RFC 3412, RFC 3414, RFC 3415.
Though each version has matured towards richer functionality, additional emphasis was given to the security aspect in each upgrade. Here is a small clip on each edition's security aspect.