What is SNMP?
The Simple Network Management Protocol (SNMP) was initially designed to manage switches and routers, but its use has expanded so much in recent years that it is now used to monitor or supervise almost any electronic device that can be imagined. It is a protocol primarily intended for controlling network devices from one central location. Today, SNMP monitors and controls various systems, including emergency radio networks, energy distribution systems, automated fare collection systems, military (raised, flat supporting surfaces), television broadcast studios (carried by air), and much more. Microsoft Windows Server 2003 includes SNMP agent software that works with third-party SNMP management software to monitor the status of managed devices and computer programmes (for changes, unusual behaviour, and so on).
SNMP Architecture
Since SNMP is a client/server protocol, SNMP nodes are clients (SNMP managers) or servers (SNMP agents). Network management systems, also known as SNMP managers, play a more critical role in the network. It will actively query and collect messages from the network’s SNMP agents. The agent also has access controls for the agent’s Management Information Base (MIB). MIBs are nothing more than text files, and the values of MIB data objects are the subject of discussion between Managers and Agents. MIBs describe the structure of a device subsystem’s management data; they employ a (related to certain things being ranked above or below others) namespace containing object identifiers (OID). Each MIB object definition has a unique OID; the concept of an OID is similar to the Modbus Register in Modbus Protocol. An OID is a dotted list of integers. For instance, the OID for a data object within the MIB of a specific UPS.
An example of an OID is “upsThreePhaseInputFrequency” is “.1.3.6.1.4.1.935.1.1.1.8.2.1”.
Managers and Agents use OIDs to refer to MIB data objects when communicating.
The act of sending an OID along with a corresponding value (OID, Value) is known as “binding.”
Since SNMP agents are standalone SNMP processes that run on a host, multiple SNMP agents can run simultaneously on a single network node. The SNMP agent acts as a bridge between the manager and the physical device(s) under management.
Various Commands in SNMP protocol
Because of its highly specific commands, SNMP has gained widespread acceptance around the world. Additionally, there are a few commands to keep in mind that are still effective. Here is a list of some SNMP commands:
- GET: These instructions are sent from a Manager to an Agent in order to obtain data values specified by a MIB. The Agent will provide the requested values. It is carried out in order to obtain one or more values from the managed device.
- GET BULK: This operation is used to retrieve a significant amount of information from a substantial MIB table.
- GET NEXT: This is a similar operation to GET. The key distinction is that the GET NEXT operation retrieves the value for the subsequent OID in the MIB tree.
- SET: When an alarm remote is used to operate a relay, a manager can use a SET message to request that the value of a particular variable be changed. Managers use this operation to change or assign the value of a Managed device. The agent will then respond with a GET-RESPONSE message indicating whether or not the change was successful.
- TRAPS: All of the aforementioned commands are started by the SNMP Manager, but TRAPS are started by the agents. When an event occurs, the Agent sends a signal to the SNMP Manager. It is an impromptu command given to the manager regarding a significant event.
- INFORM: Like the TRAP command, INFORM includes confirmation from the SNMP manager that the message has been received.
- RESPONSE: This is the command used to return the value(s) or signal of the SNMP Manager’s actions.
How does communication take place in SNMP?
Since SNMP is a TCP/IP protocol suite component, SNMP messages are first wrapped in the User Datagram Protocol (UDP) and then wrapped and transmitted over the Internet Protocol.
Commands obtain GET/GET NEXT/GET BULK/SET to communicate as shown below.
Various SNMP Versions
- SNMPv1 was the first to be introduced and is still widely used in many areas. It employs the “get,” “getnext,” “getresponse,” “set,” and “trap” operations. Security for SNMPv1 is based on the “community string,” which is sent with every message and serves as a password. The agent will respond only if the Manager includes the correct password in a request to an agent. As a result, the security it offers is inadequate. The community string is not secret or unreadable.
- SNMPv2c: It added the ability to send SMIv2 MIB definitions of type “Counter64” to the protocol. SNMPv2c also adds new messaging operations, such as “getbulk,” “inform,” and “report,” as well as a new “v2trap” operation (which does the same things as the v1 “trap”). It also significantly improved Agents’ error responses. The same community string security is used by SNMPv2c as SNMPv1.
- SNMPv3 is the most recent addition and represents a significant security advancement. One is user authentication, which involves confirming the sender’s identity, whether it’s a manager or agent for an SNMP thing or business. Managers and Agents share information about valid users, and each user is assigned a shared secret key. Another feature is (converting messages to secret code), which allows the message payload to be optionally (converted to secret code) using a second shared key. View Access Control Model (VACM) is an additional security feature. Agents can now be configured to control who has access to which MIB Objects under agent management. For example, User = “Operations Chief” can access critical read-write control data, whereas User = “Plant Monitor” can only access read-only status data.
Each version had the following security aspects:
SNMP v1 – Community–based security
SNMP v2c – Community–based security
SNMP v2u – User-based security
SNMP v2 – Party–based security
SNMP v3 – User-based security
Advantages of SNMP
- The protocol’s reputation is widespread.
- Agents do not interfere with the processing of the supervised system in any way.
- Many standard MIBs are freely available.
- There are numerous products available that support SNMP.
- The protocol is ideal for remote monitoring and control.
Applications
- Device performance monitoring
- Detecting and recovering from device flaws
- Data collection for long-term performance
- Device configuration via remote access
- Remote device control