To efficiently manage and navigate a network, Internet protocols are essential. One of them is SNMP, which, despite the fact that it was introduced as early as 1988, is still widely used, including by the CosmicWeb team. From our article you will learn what SNMP is and what it is used for, as well as how to use it safely when monitoring your network.
SNMP protocol – the principle of operation
SNMP (short for Simple Network Management Protocol) is actually not one, but a family of network protocols. It is an expanded version of SGMP (Simple Gateway Monitoring Protocol). The protocol operates at the seventh layer of the ISO/OSI model, the application layer, which allows data to be transferred to the network. It is based on the popular client/server model and consists of two components:
- SNMP Manager – a centralized monitoring station, which can be a computer or server with device management software such as an NMS (Network Management System) installed,
- SNMP Agent – software installed on a router, printer or laptop.
The agent’s task is to collect data about the device and respond to requests sent by the manager. The latter directs requests to the agent, acquiring data at specified intervals, and processes the responses it receives. One manager can monitor up to several hundred agents.
Other SNMP components include:
- MIB (Management Information Base) – a database containing a dictionary of variables that describe elements of network devices; an SNMP manager, depending on its privileges, can read and modify such variables,
- OID (Object Identifier) – this is a single variable, which can be, for example, the state of an interface (up or down) or the bandwidth of a port.
SNMP Views are also available on some devices. These are additional security features that restrict access to the MIB.
Commands used within the SNMP protocol
Communication between the manager and agent is carried out using PDUs (Protocol Data Units). These include the following commands:
- Get Request – a request sent by the manager to read the value of an object from the agent’s MIB database,
- Set Request – a command to make a change in the MIB database,
- GetNext Request – a request for data relating to the next object (in relation to the last retrieved object),
- GetBulk Request – a command to send the manager several values simultaneously,
- Response – response to the manager’s request, containing the read value or confirmation of the change,
- Trap/Inform – a message sent by the agent, concerning changes in the object (for example, failed login, shutting down the port) or exceeding predefined parameters, including the temperature of the device.
Knowledge of such commands is sufficient for effective management and monitoring of the network. They make the use of SNMP very easy. This is one of the factors that make this protocol widely used, including by the CosmicWeb team.
What is SNMP used for?
The SNMP protocol is used to manage various elements of telecommunications networks that communicate via IP address. These include:
- network switches,
- serial port servers,
- telephone exchanges.
Using SNMP, such equipment can be remotely configured, for example, using an administrator’s workstation. In addition, the protocol allows monitoring systems operating in complex networks, consisting of dozens or hundreds of devices, for a variety of parameters. This includes, for example:
- the number of currently logged-in users,
- CPU load,
- the amount of free space on the hard disk,
- temperature of individual components,
- the speed of data transfer,
- physical status of ports.
Proactive monitoring makes it possible to quickly detect any anomalies or failures and take remedial action. As a result, there is no danger that the network will stop working for an extended period of time, which could cause negative reactions from users.
Versions and security
So far, three versions of SNMP have been created:
- SNMPv1 – the manager and the agent exchange data using community strings, i.e. strings of characters; in this version, one of three types of access rights can be assigned: read-only (RO), write-only (WO) or read-write (RW),
- SNMPv2 – this appeared in 1993; the main changes from version one were the introduction of additional commands (Bulk and Inform), allowing more information to be read simultaneously, and the addition of support for 64-bit systems,
- SNMPv3 – a standard introduced in 1998; the main novelty was that it incorporated extensive security standards.
One of the biggest problems with using the SNMP protocol is security. We do not recommend using the first two versions, as they authenticate transmitted packets using an unencrypted string (the community string). This makes it easy to intercept messages, risking data leakage and theft.
It is best to use the third version, which provides:
- authentication using a username and password,
- encryption of transmitted data packets using the DES/3DES or AES algorithm.
For these reasons, administrators readily use the latest version of SNMP. We also use it – at CosmicWeb we always use the most secure protocols.
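As an added illustration (not code from the original article or from CosmicWeb), the sketch below reads the header of a captured SNMP datagram the way a monitoring sensor might, names the PDU type from the command list earlier in the article, and flags the weaknesses described in this section: a cleartext community string in SNMPv1/v2c, and SNMPv3 traffic sent without authentication or encryption. The function names and the sample datagram with the community "lab-ro" are constructed for this example.

```python
PDU_NAMES = {0xA0: "GetRequest", 0xA1: "GetNextRequest", 0xA2: "Response",
             0xA3: "SetRequest", 0xA4: "Trap (v1)", 0xA5: "GetBulkRequest",
             0xA6: "InformRequest", 0xA7: "Trap (v2)"}
VERSIONS = {0: "SNMPv1", 1: "SNMPv2c", 3: "SNMPv3"}
SAMPLE_V2C_GET = bytes.fromhex(  # constructed sample: SNMPv2c GetRequest, community "lab-ro"
    "3026020101 04066c61622d726f a019020101020100020100 300e300c06082b06010201010100 0500")

def read_tlv(buf, pos, want_tag=None):
    """Return (tag, value, next_pos) for the BER element at pos; reject malformed input."""
    if pos + 2 > len(buf):
        raise ValueError("truncated TLV header")
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:  # long form: low 7 bits give the number of length octets
        n = length & 0x7F
        if not 1 <= n <= 4 or pos + n > len(buf):
            raise ValueError("bad length encoding")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("value runs past end of datagram")
    if want_tag is not None and tag != want_tag:
        raise ValueError(f"expected tag {want_tag:#x}, got {tag:#x}")
    return tag, buf[pos:pos + length], pos + length

def audit_datagram(datagram):
    """Report version, PDU type and security findings for one SNMP datagram."""
    _, body, _ = read_tlv(datagram, 0, 0x30)          # outer SEQUENCE
    _, raw_version, pos = read_tlv(body, 0, 0x02)     # version INTEGER
    version = int.from_bytes(raw_version, "big")
    report = {"version": VERSIONS.get(version, f"unknown ({version})"), "findings": []}
    if version in (0, 1):                             # community-based versions
        _, community, pos = read_tlv(body, pos, 0x04)
        pdu_tag, _, _ = read_tlv(body, pos)
        report["pdu"] = PDU_NAMES.get(pdu_tag, hex(pdu_tag))
        report["community"] = community.decode("ascii", "replace")
        report["findings"].append("community string readable in cleartext")
        if pdu_tag == 0xA3:
            report["findings"].append("SetRequest (write) over a community-based version")
    elif version == 3:                                # msgGlobalData carries msgFlags
        _, header, _ = read_tlv(body, pos, 0x30)
        _, _, hpos = read_tlv(header, 0, 0x02)        # msgID
        _, _, hpos = read_tlv(header, hpos, 0x02)     # msgMaxSize
        _, flags, _ = read_tlv(header, hpos, 0x04)    # msgFlags: bit 0 auth, bit 1 priv
        if not flags or not flags[0] & 0x01:
            report["findings"].append("SNMPv3 without authentication")
        if not flags or not flags[0] & 0x02:
            report["findings"].append("SNMPv3 without encryption (privacy)")
    return report
print(audit_datagram(SAMPLE_V2C_GET))  # run the check on the constructed sample
```

Fed from a capture on the management VLAN, the same check shows which devices still answer over community-based versions and which SNMPv3 users were provisioned without authentication or encryption.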
Advantages of the SNMP protocol
The SNMP protocol is still very popular, even though almost 35 years have passed since its inception. This is because:
- it is easy to use, as it requires a small amount of code,
- it generates a low network load, so communication runs smoothly,
- its use does not require high costs, because only a small number of custom commands are formulated.
Another huge advantage is that SNMP allows the administrator to control all network components through a single console, and there is no need to manage each device separately. Also of great importance is that the protocol allows the underlying structure of the system to be hidden, which is important for cyber security reasons.
Such considerations are why our team appreciates the usefulness of SNMP when managing networks, resulting in the fact that we continue to use it in the course of our services. We have extensive experience in this area, which makes our monitoring of IT systems effective and allows us to quickly eliminate threats and sources of failure.