What is SNMP & How Do I Use It?
SNMP stands for Simple Network Management Protocol. It is a standard way of monitoring hardware and software from nearly any manufacturer, from Juniper, to Cisco, to Microsoft, UNIX, and everything in between. SNMP requires only a couple of basic components to work: a management station, and an agent.
First, a management station is required. The management station is simply software that collects information from your network. Most management stations will poll your network for information regularly. Management stations range from the very simple to highly complex.
Simple software is usually very feature-limited, but can be freely available and easy to configure. On the other hand, complex systems can manage your entire network. They will also do things like generate reports, perform inventory, and send email or SMS text alerts when systems fail.
Second, the hardware or software that you want to monitor must have an agent running.
The agent collects information, and then sends it to the monitoring station when polled. Agents can also send notifications to the management station without being polled, for example if an error is detected.
Agents are usually built into your network hardware and software – they simply need to be enabled and configured.
SNMP is very simple, yet powerful. It can help you manage your network in the following ways:
- Provide read/write abilities – for example, you could use it to reset passwords remotely or reconfigure IP addresses.
- Collect information on how much bandwidth is being used.
- Collect error reports into a log, useful for troubleshooting and identifying trends.
- Email an alert when your server is low on disk space.
- Monitor your servers’ CPU and memory use, and alert when thresholds are exceeded.
- Page or send an SMS text message when a device fails.
- Perform active polling, i.e. the monitoring station asks devices for status every few minutes.
- Passive SNMP – devices can send alerts to a monitoring station on error conditions.
Versions and Security
Several versions of SNMP are supported: v1, v2c, and v3. Nearly all monitoring stations support all three versions. So why not simply use the newest version all the time?
Version 1 is the simplest and most basic of the versions, and there may be times when it’s required to support older hardware. But version 2c adds several enhancements to the protocol, such as support for “Informs”. Because of this, v2c has become the most widely used.
However, a major weakness of v1 and v2c is security. Community strings – the equivalent of passwords – are transmitted in clear text and there is no support for authentication. This creates a risk that your community strings could become compromised. This is not good, especially considering the power SNMP has to change device configuration.
SNMP v3 adds security features that overcome the weaknesses in v1 and v2c, and it should generally be used if possible – especially if you plan to transmit information across unsecured links. However, the extra security makes it much more complex to configure.
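To make the difference between the versions concrete, the following added example (not part of the original article) parses the header of a captured SNMP datagram and reports what is exposed on the wire, which is useful when auditing a network for leftover v1/v2c traffic. The sample packets, the community string "example-ro" and the function names are constructed for illustration.

```python
# Added illustration: classify SNMP datagrams by how they expose credentials.
VERSIONS = {0: "v1", 1: "v2c", 3: "v3"}   # value of the version INTEGER on the wire

def read_tlv(buf, pos):
    """Return (tag, value, next_pos) for the BER element starting at pos."""
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:                      # long form: low 7 bits count the length bytes
        n = length & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("truncated element")
    return tag, buf[pos:pos + length], pos + length

def classify(datagram):
    """Report the SNMP version and what an on-path observer can read."""
    try:
        tag, body, _ = read_tlv(datagram, 0)
        if tag != 0x30:
            raise ValueError("outer element is not a SEQUENCE")
        tag, ver, pos = read_tlv(body, 0)
        if tag != 0x02:
            raise ValueError("missing version INTEGER")
        version = VERSIONS.get(int.from_bytes(ver, "big"))
        tag, field, _ = read_tlv(body, pos)
        if version in ("v1", "v2c") and tag == 0x04:
            # The community string is a plain OCTET STRING in the header.
            return {"version": version, "community": field.decode("latin-1"),
                    "finding": "community string sent in clear text"}
        if version == "v3" and tag == 0x30:
            p = 0
            for _ in range(3):             # msgID, msgMaxSize, then msgFlags
                _, flags, p = read_tlv(field, p)
            auth, priv = bool(flags[0] & 0x01), bool(flags[0] & 0x02)
            return {"version": "v3", "auth": auth, "priv": priv,
                    "finding": "authenticated and encrypted" if auth and priv
                               else "v3 without full auth+priv"}
        raise ValueError("unrecognised SNMP header")
    except (IndexError, ValueError) as exc:
        return {"version": None, "finding": f"not parsed as SNMP: {exc}"}

# Constructed samples: a v2c GetRequest for sysDescr.0 with a made-up community,
# and a v3 header with the auth and priv flags set (payload bytes are placeholders).
V2C_SAMPLE = (bytes.fromhex("302a020101040a") + b"example-ro" +
              bytes.fromhex("a019020101020100020100300e300c06082b060102010101000500"))
V3_SAMPLE = bytes.fromhex("301c020103300d020101020205dc04010302010304023000040400000000")

if __name__ == "__main__":
    for name, pkt in (("v2c", V2C_SAMPLE), ("v3", V3_SAMPLE)):
        print(name, classify(pkt))
```

The v2c sample yields its community string directly from the header, while the v3 sample exposes only flags saying that authentication and privacy are in use.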
Now that you have a good idea about how the protocol operates, you have the foundation needed to implement SNMP in your own infrastructure.