{"id":497,"date":"2012-02-23T01:46:52","date_gmt":"2012-02-23T01:46:52","guid":{"rendered":"http:\/\/microsoftgeek.com\/?p=497"},"modified":"2012-02-23T01:46:52","modified_gmt":"2012-02-23T01:46:52","slug":"introduction-to-the-simple-network-management-protocol-snmp","status":"publish","type":"post","link":"https:\/\/microsoftgeek.com\/?p=497","title":{"rendered":"Introduction to the Simple Network Management Protocol (SNMP)"},"content":{"rendered":"<p>About two years ago I had to install and configure Dell IT Assistant Manager, which is a Dell software product that allows you to manage workstations, servers, network devices, etc. that are on your LAN\/WAN\/VPN (VPN site to site). This cool product allowed me to view the health status of all our field servers; I managed the OS, applications, and hardware all via SNMP.<\/p>\n<p>In this article we will look at how to use SNMP, the Simple Network Management Protocol,<\/p>\n<p>SNMP is a popular protocol for network management. It is used for collecting information from, and configuring, network devices, such as servers, printers, hubs, switches, and routers on an Internet Protocol (IP) network. SNMP can collect information such as a server\u2019s CPU level or server chassis temperature\u2026 the list of what you can do with SNMP, if configured properly, is nearly endless.<\/p>\n<p>Microsoft Windows Server 2003 provides SNMP agent software that works with third-party SNMP management software to monitor the status of managed devices and applications. Many SNMP-based network management software applications come with \u2018client\u2019 software that will install on your Windows Server 2003 system; some do not. 
Some network management suites do not include a client portion of the software and this is where you may need to install and configure a server\u2019s SNMP Service.<\/p>\n<h2>Introduction to the Simple Network Management Protocol (SNMP)<\/h2>\n<p>SNMP was made with one design goal in mind\u2026 to be simple. SNMP is a simple protocol that can be used on just about any networking device in use today. In some environments it\u2019s used heavily, in others it\u2019s scarce. Some view it as a security threat; others see it as a way to efficiently manage some of their key systems. However you decide to see it, SNMP is easy to use, easy to set up and not very difficult to understand.<\/p>\n<p>The SNMP protocol was designed to provide a &#8220;simple&#8221; method of centralizing the management of TCP\/IP-based networks \u2013 plain and simple. If you want to manage devices from a central location, the SNMP protocol is what facilitates the transfer of data from the client portion of the equation (the device you are monitoring) to the server portion where the data is centralized in logs for centralized viewing and analysis. Many application vendors supply network management software: IBM\u2019s Tivoli, Microsoft\u2019s MOM and HP Openview are three of the 100+ applications available today to manage just about anything imaginable. The protocol is what makes this happen. The goals of the original SNMP protocols revolved around one main factor that is still in use today: remote management of devices. SNMP is commonly used to manage devices on a network.<\/p>\n<h2>SNMP uses UDP<\/h2>\n<p>UDP stands for User Datagram Protocol and is the opposite of TCP (Transmission Control Protocol), which is a very reliable, high-overhead protocol.<\/p>\n<p>User Datagram Protocol is very low overhead, fast and unreliable. It is defined by RFC 768. UDP is easier to implement and use than a more complex protocol such as TCP. 
It does, however, provide plenty of functionality to allow a central manager station to communicate with a remote agent that resides on any managed device that it can communicate with. The unreliability comes from the lack of checks and balances: if TCP sends something, it waits for an acknowledgment and, if it doesn\u2019t hear back, it will resend, whereas UDP does not. Since logging of devices usually happens within a time period that is cyclic in nature, if you miss an event you\u2019ll catch it next time\u2026 the tradeoff being that the low overhead protocol is simple to use and doesn\u2019t eat up all your bandwidth like TCP-based applications going across your WAN.<\/p>\n<h2>SNMP Operation<\/h2>\n<p>SNMP design is pretty simple. There are two main players in SNMP: the manager and the agent. The manager is generally the \u2018main\u2019 station such as <em>HP Openview<\/em> and <em>Dell IT Assistant<\/em>. The agent would be the SNMP software running on a client system you are trying to monitor such as <em>Dell Server Manager <\/em>(this was the agent that was on our field servers).<\/p>\n<p><img decoding=\"async\" src=\"http:\/\/www.windowsnetworking.com\/img\/upl\/11116421307703.gif\" border=\"0\" alt=\"\" hspace=\"0\" align=\"bottom\" \/><\/p>\n<p>The manager is usually a software program running on a workstation or larger computer that communicates with agent processes that run on each device being monitored. Agents can be found on switches, firewalls, servers, wireless access points, routers, hubs, and even users&#8217; workstations \u2013 the list goes on and on. As seen in the illustration, the manager polls the agents making requests for information, and the agents respond when asked with the information requested.<\/p>\n<h2>Network Management Station (NMS)<\/h2>\n<p>The manager is also called a Network Management Station or NMS for short. 
The software used to create the NMS varies in functionality as well as expense. You can get cheaper applications with lesser functionality or pay through the nose and get the Lamborghini of NMS systems. Other functionalities of the NMS include reporting features, network topology mapping and documenting, tools to allow you to monitor the traffic on your network, and so on. Some management consoles can also produce trend analysis reports. These types of reports can help you do capacity planning and set long-range goals.<\/p>\n<h2>SNMP Primitives<\/h2>\n<p>SNMP has three control primitives that initiate data flow from the requester, which is usually the manager. These would be get, get-next and set. The manager uses the <em>get<\/em> primitive to get a single piece of information from an agent. You would use get-next if you had more than one item. When the data the manager needs to get from the agent consists of more than one item, this primitive is used to sequentially retrieve data; for example, a table of values. You can use set when you want to set a particular value. The manager can use this primitive to request that the agent running on the remote device set a particular variable to a certain value. There are two control primitives the responder (manager) uses to reply, and those are get-response and trap. One is used in response to the requester&#8217;s direct query (get-response) and the other is an asynchronous response to obtain the requester&#8217;s attention (trap). As I alluded to earlier, the manager doesn\u2019t always initiate \u2013 sometimes the agent can as well. Although SNMP exchanges are usually initiated by the manager software, this primitive can also be used when the agent needs to inform the manager of some important event. 
This is commonly known as a \u2018trap\u2019 sent by the agent to the NMS.<\/p>\n<h2>The Management Information Base (MIB)<\/h2>\n<p>We just learned what primitives were\u2026 the agent and the manager, exchanging data. The data they exchange also has a name. The types of data the agent and manager exchange are defined by a database called the management information base (MIB). The MIB is a virtual information store. Remember, it is a small database of information and it resides on the agent. Information collected by the agent is stored in the MIB. The MIB is precisely defined; the current Internet standard MIB contains more than a thousand objects. Each object in the MIB represents some specific entity on the managed device.<\/p>\n<h2>SNMPv2 and SNMPv3<\/h2>\n<p>With all TCP\/IP related protocols, it\u2019s a well known fact that anything dating before the creation of IPv6 (or IPng) has security weaknesses such as passwords sent in cleartext. SNMP in its original form is very susceptible to attack if not secured properly: messages are sent in cleartext, exposing community string passwords, and the default passwords of public and private can be \u2018guessed\u2019 by anyone who knows how to exploit SNMP. Beyond its inherent weaknesses, SNMP in its original implementation\u00a0is still very simple to use and has been widely used throughout the industry. SNMP in its first version lacked encryption or authentication mechanisms. So, now that SNMP in its first version was good enough, work began to make it better with SNMPv2 in 1994. Besides some minor enhancements, the main updates to this protocol come from two new types of functionality: traps can be sent from one NMS to another NMS, and a \u2018get-bulk\u2019 operation allows larger amounts of information to be retrieved from one request. SNMPv3 is still being worked on and is incorporating the best of both versions and enhanced security as well. 
SNMPv3 provides secure access to devices by a combination of authenticating and encrypting packets over the network. The security features provided in SNMPv3 are message integrity, which ensures that a packet has not been tampered with while in transit; authentication, which is determining that the message is from a valid source; and encryption, which is the securing of the packet by scrambling its contents.<\/p>\n<h2>Summary<\/h2>\n<p>In this article we covered the basics of SNMP, the Simple Network Management Protocol, versions 1, 2 and 3. We also covered some of the terminology used such as MIBs, traps and so on.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>About two years ago I had to install and configure Dell IT Assistant Manager, which is a Dell software product that allows you to manage workstations, servers, network devices, etc. that are on your LAN\/WAN\/VPN (VPN site to site). This cool product allowed me to view the health status of all our field servers; I managed 
[&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-497","post","type-post","status-publish","format-standard","hentry","category-networking-stuff"],"_links":{"self":[{"href":"https:\/\/microsoftgeek.com\/index.php?rest_route=\/wp\/v2\/posts\/497","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/microsoftgeek.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/microsoftgeek.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/microsoftgeek.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/microsoftgeek.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=497"}],"version-history":[{"count":1,"href":"https:\/\/microsoftgeek.com\/index.php?rest_route=\/wp\/v2\/posts\/497\/revisions"}],"predecessor-version":[{"id":498,"href":"https:\/\/microsoftgeek.com\/index.php?rest_route=\/wp\/v2\/posts\/497\/revisions\/498"}],"wp:attachment":[{"href":"https:\/\/microsoftgeek.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=497"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/microsoftgeek.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=497"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/microsoftgeek.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=497"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}