Simple network management protocol (SNMP)
If an organization has 1000 of devices then to check all devices, one by one everyday, are working properly or not is a hectic task. To ease these up, Simple Network Management Protocol (SNMP) is used.
Simple Network Management Protocol (SNMP)
SNMP is an application layer protocol which uses UDP port number 161/162.SNMP
is used to monitor network, detect network faults and sometimes even used to
configure remote devices.
SNMP components
There are 3 components of SNMP:
1.
SNMP Manager
It is a centralised system used to monitor network.It is also known as Network
Management Station (NMS)
2.
SNMP agent
It is a software management software module installed on a managed device.
Managed devices can be network devices like PC, router, switches, servers etc.
3.
Management Information Base
MIB consists of information of resources that are to be managed. These information
is organised hierarchically. It consists of objects instances which are
essentially variables.
SNMP messages
Different variables are:
1.
GetRequest
SNMP manager sends this message to request data from SNMP agent. It is simply
used to retrieve data from SNMP agent. In response to this, SNMP agent responds
with requested value through response message.
2.
GetNextRequest
This message can be sent to discover what data is available on a SNMP agent.
The SNMP manager can request for data continously until no more data is left.
In this way, SNMP manager can take knowledge of all the available data on SNMP
agent.
3.
GetBulkRequest
This message is used to retrieve large data at once by the SNMP manager from
SNMP agent. It is introduced in SNMPv2c.
4.
SetRequest
It is used by SNMP manager to set the value of an object instance on the SNMP
agent.
5.
Response
It is a message send from agent upon a request from manager. When sent in
response to Get messages, it will contain the data requested. When sent in
response to Set message, it will contain the newly set value as confirmation
that the value has been set.
6.
Trap
These are the message send by the agent without being requested by the manager.
It is sent when a fault has occurred.
7.
InformRequest
It was introduced in SNMPv2c, used to identify if the trap message has been
received by the manager or not. The agents can be configured to set trap
continuously until it receives an Inform message. It is same as trap but adds
an acknowledgement that trap doesnt provide.
SNMP security levels
It
defines the type of security algorithm performed on SNMP packets. These are
used in only SNMPv3. There are 3 security levels namely:
1.
noAuthNoPriv
This (no authentication, no privacy) security level uses community string for
authentication and no encryption for privacy.
2. authNopriv This security level (authentication, no privacy) uses HMAC with Md5 for authentication and no encryption is used for privacy.
3. authPriv This security level (authentication, privacy) uses HMAC with Md5 or SHA for authentication and encryption uses DES-56 algorithm.
SNMP versions
There are 3 versions of SNMP:
1.
SNMPv1
It uses community strings for authentication and use UDP only.
2.
SNMPv2c
It uses community strings for authentication. It uses UDP but can be configured
to use TCP.
3.
SNMPv3
It uses Hash based MAC with MD5 or SHA for authentication and DES-56 for
privacy.This version uses TCP. Therefore, conclusion is the higher the version
of SNMP, more secure it will be.