ND&M Assignment on SNMP 05180234

History of SNMP
Managing all devices in a network is a tough job for a single administrator or even for a group
because simply making sure they are up and running doesn’t mean the network is working
good but they also have to study the performance and optimize the network accordingly. Due
to this inconvenience, SNMP, which stands for Simple Network Management Protocol was
introduced in 1988 to meet the growing need for a standard for managing IP devices.
SNMP, is a protocol that lets us manage and monitor managed network devices including
routers, switches, servers, printers and other devices that are in an IP based network with the
help of management system or software. This runs on Application layer when it is referred
from OSI layer.
What SNMP actually do?
✓ Monitor inbound and outbound traffic flowing through the network devices.
✓ Fault detection in a network device along with alert or notifications.
✓ Analyzing data collected from network devices to identify bottlenecks and performance
issues (Baselining).
✓ Has the ability to allow administrators to remotely access, control and configure
compatible devices connected via SNMP.

Basics about SNMP

Components that allow SNMP to work correctly are:
✓ SNMP Manager (Network Management System)
The Manager component is simply a piece of software that is installed on a machine that
polls devices on your network.
The Manager has the correct credentials to access information stored by Agents and then
compiles them in a readable format for the admin to monitor or diagnose for problems or
bottleneck.
✓ SNMP Agents
The Agent is a piece of software that is bundled with the network device that, when
enabled and configured, does all the job for the manager by compiling and gathering all
the data into MIB.
✓ SNMP port
The manager software polls the agent at regular interval over UDP Port 161
Traps allow Agents to send system and device information to the manager over UDP
Port 162
Secure SNMP uses UDP Ports 10161 and 10162 (traps).
Note: UDP is common protocol used by SNMP but TCP ports can also be used.

1
ND&M Assignment on SNMP 05180234

✓ Managed devices (includes server, switches, routers, etc.)

All the network devices have agent software built into them that needed to be either
enabled and configured in order to be polled by the NMS.
✓ MIB (Management Information Database)
MIB files are the set of Questions that a manager is allowed to ask the agents.
The Agent just collects these questions and stores them locally and serves them to the
NMS when requested.
The managed device’s agent then responds with an answer to the question asked by the
manager.

Manager asks question

Agent answers the Question with some value

Agent
Manager

✓ OID (Object Identifier)

OID is simply a number made up of MIB, Object of interest and the Instance. Each
identifier is unique to the device, and when queried will provide information on what OID
has been requested.
✓ Traps
Traps are used when the device need to alert the Network Management Software of an
event without being polled. It ensures that the NMD gets the information if a certain event
occurs on the device that needs to be recorded without being polled by the NMS first.

Different versions of SNMP

SNMPv1. (1988)
✓ This is the initial version of SNMP protocol.
✓ It’s defined in RFCi (Request for Comment) 1157 and is a historical
IETFii (Internet Engineering Task Force) standard.
✓ The security in this version is based communities which are nothing but
passwords which are plain-text strings.
✓ The communities include read-only, read-write and trapiii.

2
ND&M Assignment on SNMP 05180234

SNMPv2. (1993)
✓ Often referred to as community-string-based and technically called
SNMPv2c.
✓ Improvement over v1 which includes transport mapping, MIB structure
elements and most importantly, improved authentication and security
updates.
✓ However, it still used community strings like the v1 which was still
under security risks.

SNMPv3. (1998)
✓ This is the latest version which contributes mainly in the field of
security.
✓ This version adds support for strong authentication and private
communication between managed entitiesiv.
✓ 3 levels of authentication were implemented:
• NoAuthNoPriv: Data sent over this mode had no user
authentication and encryption of data.
• AuthNoPriv: User authentication is used but not encryption
over the data sent.
• AuthPriv: This is the most secure mode as it uses both user
authentication as well as data encryption.

3
ND&M Assignment on SNMP 05180234

Reference
O’Reilly. Chapter 1. Introduction to SNMP and Network Management. Retrieved from
https://www.oreilly.com/library/view/essential-snmp-2nd/0596008406/ch01.html
Parker, J. (2020). What is SNMP? Basic Tutorial on NMS, MIBs, OIDs, Traps & Agents.
Retrieved from
https://www.pcwdld.com/what -is-snmp-and-tutorial/

i
RFCs are specifications for many protocols that exist in the IP world.
ii
IETF is responsible for defining the standard protocols that govern the internet traffic, including the SNMP.
iii
Trap is a way for the agent to tell the network management system that something has happened.
iv
Entities include managers and agents: Managers are simply the server running some kind of software that
handles the network management task and agents are piece of software that runs on the network device that you
are managing.