A Review on SNMP Technologies
SNMP stands for Simple Network Management Protocol.Ā It is a standard way of monitoring hardware and software from nearly any manufacturer, from Juniper, to Cisco, to Microsoft, Unix,Ā and everything in between. SNMP requires only a couple of basic components to work: a management station, and an agent.
First, a management station is required.Ā The management station is simply software that collects information from your network.Ā Most management stations will poll your network for information regularly. Management stations range from the very simple to highly complex.
Simple software is usually very feature-limited, but can be freely available and easy to configure.Ā For example, theĀ free SolarWinds Network Device ManagerĀ that was recently released.
On the other hand, complex systems can manage your entire network. They will also do things like generate reports, perform inventory, and send email or SMS text alerts when systems fail.Ā Networkmanagementsoftware.com recently reviewedĀ SolarWinds Network Performance Monitor, ā an excellent management solution.
Second, the hardware or software that you want to monitor must have an agent running.Ā The agent collects information, and then sends it to the monitoring station when polled. Agents can also send notification to the management station without being polled, for example if an error is detected.
Agents are usually built-in to your network hardware and software ā they simply need to be enabled and configured.
What Can It Do?
SNMP is very simple, yet powerful.Ā It has the ability to help you manage your network by:
- Provide Read/Write abilities ā for example you could use it to reset passwords remotely, or re-configure IP addresses.
- Collect information on how much bandwidth is being used.
- Collect error reports into a log, useful for troubleshooting and identifying trends.
- Email an alert when your server is low on disk space.
- Monitor your serversā CPU and Memory use, alert when thresholds are exceeded.
- Page or send an SMS text-message when a device fails.
- Can perform active polling, i.e. Monitoring station asks devices for status every few minutes.
- Passive SNMP ā devices can send alerts to a monitoring station on error conditions.
Versions and Security (or Lack Thereof)
Several versions of SNMP are supported, v1, v2c, and v3. Nearly all monitoring stations support all three versions. So why not simply use the newest version all the time?
Version 1 is the simplest and most basic of the versions, and there may be times where itās required to support older hardware. But version 2c adds several enhancements to the protocol, such as support for āInformsā.Ā Because of this v2c has become most widely used.
However, a major weakness of v1 and v2c is security.Ā Community strings ā the equivalent of passwords ā are transmitted in clear text and there is no support for authentication.Ā This creates risk that your community strings could become compromised. This is not good, especially considering the power SNMP has to change device configuration.
SNMP v3 adds a security features that overcome the weaknesses in v1 and v2c, and it should generally be used if possible ā especially if you plan to transmit information across unsecured links. However, the extra security makes it much more complex to configure.
Ports and Firewalls
SNMP uses UDP as the transport protocol. If management traffic will traverse firewalls, make sure that the following default ports are open:
- UDP 161: Used when management stations communicate with agents, e.g. Polling
- UDP 162: Used when agents send unsolicited Traps to the management station
MIBs, OIDs and Traps
The basics of SNMP are simple, but terminology is one of the needlessly complicated parts of SNMP.Ā However, itās easily understood.Ā In the next article weāll help clear the confusion around things like āstringsā, and āMIBsā.
> Computer and Education