Simple network management protocol (SNMP)

If an organization has 1000 devices, checking every day, one by one, whether each device is working properly is a hectic task. Simple Network Management Protocol (SNMP) is used to ease this.

Simple Network Management Protocol (SNMP) –

SNMP is an application layer protocol which uses UDP port numbers 161/162. SNMP is used to monitor the network, detect network faults and sometimes even to configure remote devices.

SNMP components –

There are 3 components of SNMP:

  1. SNMP Manager – It is a centralised system used to monitor the network. It is also known as the Network Management Station (NMS).
  2. SNMP agent – It is a software management module installed on a managed device. Managed devices can be network devices like PCs, routers, switches, servers etc.
  3. Management Information Base – The MIB consists of information about the resources that are to be managed. This information is organised hierarchically. It consists of object instances, which are essentially variables.

SNMP messages –

The different message types are:

  1. GetRequest – The SNMP manager sends this message to request data from the SNMP agent. It is simply used to retrieve data from the SNMP agent. In response, the SNMP agent returns the requested value through a Response message.
  2. GetNextRequest – This message can be sent to discover what data is available on an SNMP agent. The SNMP manager can request data continuously until no more data is left. In this way, the SNMP manager can learn of all the available data on the SNMP agent.
  3. GetBulkRequest – This message is used by the SNMP manager to retrieve large amounts of data at once from the SNMP agent. It was introduced in SNMPv2c.
  4. SetRequest – It is used by the SNMP manager to set the value of an object instance on the SNMP agent.
  5. Response – It is a message sent from the agent upon a request from the manager. When sent in response to Get messages, it will contain the data requested. When sent in response to a Set message, it will contain the newly set value as confirmation that the value has been set.
  6. Trap – These are messages sent by the agent without being requested by the manager. A trap is sent when a fault has occurred.
  7. InformRequest – It was introduced in SNMPv2c and is used to identify whether the trap message has been received by the manager or not. The agents can be configured to send the trap continuously until they receive an Inform message. It is the same as a trap but adds an acknowledgement that a trap doesn't provide.

SNMP security levels –

A security level defines the type of security algorithm applied to SNMP packets. Security levels are used only in SNMPv3. There are 3 security levels, namely:

  1. noAuthNoPriv – This security level (no authentication, no privacy) uses a community string for authentication and no encryption for privacy.
  2. authNoPriv – This security level (authentication, no privacy) uses HMAC with MD5 for authentication, and no encryption is used for privacy.
  3. authPriv – This security level (authentication, privacy) uses HMAC with MD5 or SHA for authentication, and encryption uses the DES-56 algorithm.

SNMP versions –

There are 3 versions of SNMP:

  1. SNMPv1 – It uses community strings for authentication and uses UDP only.
  2. SNMPv2c – It uses community strings for authentication. It uses UDP but can be configured to use TCP.
  3. SNMPv3 – It uses hash-based MAC with MD5 or SHA for authentication and DES-56 for privacy. This version uses TCP.

In conclusion, the higher the version of SNMP, the more secure it will be.
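A check a defender can run against an agent's configuration, added here as an example and not taken from the original article: it maps the access lines of a net-snmp `snmpd.conf` to the security levels and versions above and reports every line that falls below a required level. The choice of net-snmp, the sample configuration and the function names are assumptions of this example.

```python
# Added example: classify net-snmp snmpd.conf access lines by security level.
RANK = {"community": 0, "noAuthNoPriv": 1, "authNoPriv": 2, "authPriv": 3}
USER_LEVELS = {"noauth": "noAuthNoPriv", "auth": "authNoPriv", "priv": "authPriv"}
COMMUNITY_DIRECTIVES = {"rocommunity", "rwcommunity", "rocommunity6", "rwcommunity6"}

def classify(line):
    """Return (directive, level) for an access line, or None for anything else."""
    tokens = line.split("#", 1)[0].split()
    if not tokens:
        return None
    directive = tokens[0].lower()
    if directive in COMMUNITY_DIRECTIVES:
        return directive, "community"          # SNMPv1/v2c community string
    if directive in ("rouser", "rwuser"):
        # Assumes the simple form "rouser NAME [noauth|auth|priv]" (no -s option);
        # net-snmp requires authentication when the level is omitted.
        keyword = tokens[2].lower() if len(tokens) > 2 else "auth"
        return directive, USER_LEVELS.get(keyword, "authNoPriv")
    return None

def audit(config_text, required="authPriv"):
    """List (line_no, directive, level) for access lines below the required level."""
    findings = []
    for line_no, line in enumerate(config_text.splitlines(), 1):
        result = classify(line)
        if result and RANK[result[1]] < RANK[required]:
            findings.append((line_no, result[0], result[1]))
    return findings

# Constructed sample configuration (names and strings are placeholders).
SAMPLE = """\
# monitoring access
rocommunity examplecommunity 192.0.2.10
rouser legacyview noauth
rouser nmsread
rwuser nmsadmin priv
"""

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```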

