What is SNMP? Let’s start with what it’s not.
Simple Network Management Protocol (SNMP) is not just another protocol. Far from it. SNMP is a powerful way for different devices on a network to exchange information, regardless of their hardware or software. And here’s the best part: SNMP is here to stay, despite any rumors you might hear.
Imagine a world without SNMP. Network management tools would struggle to identify devices, monitor network performance, track changes, or provide real-time status updates. SNMP is like the secret sauce that makes it all possible.
But let’s be real: SNMP is not without its quirks. Some versions have more drawbacks than others. Yet, it remains an indispensable tool for effective network management. Flaws and all, SNMP is one of the best solutions out there.
Curious to learn more?
In this article, we’ll explore SNMP’s role in network management, delve into different versions of SNMP, and discover how you can effectively and securely use SNMP on your network. So, stick around and let’s unravel the wonders of SNMP together.
SNMP has a simple architecture based on a client-server model.
- The servers, called managers, collect and process information about devices on the network.
- The clients, called agents, are any type of device or device component connected to the network. They can include not just computers, but also network switches, phones, printers, and so on.
Some devices may have multiple device components. For example, a laptop typically contains a wired as well as a wireless network interface.
SNMP data hierarchy
While the SNMP architecture is simple, the data hierarchy the protocol uses can seem complicated if you’re not familiar with it. Fortunately, it’s relatively simple once you understand the philosophy behind it.
To provide flexibility and extensibility, SNMP doesn’t require network devices to exchange data in a rigid format of fixed size. Instead, it uses a tree-like format, under which data is always available for managers to collect.
The data tree is made up of multiple tables (its branches, if we stick with the tree metaphor), referred to as Management Information Bases, or MIBs. Each MIB groups together specific types of devices or device components. Each has a unique identifying number and string, which can be used interchangeably, similar to how IP addresses and hostnames are used.
Management Information Bases (MIBs)
Each MIB consists of one or more nodes, which represent individual devices or device components on the network. In turn, each node has a unique Object Identifier, or OID. The OID for a given node is determined by the identifier of the MIB on which it exists combined with the node’s identifier within its MIB.
This means OIDs take the form of a set of numbers or strings (again, you can use these interchangeably). An example is:
Written with strings, that OID would translate to:
Using the OID, a manager can query an agent to find information about a device on the network. For example, if the manager wants to know whether an interface is up, it would first query the interface MIB (called the IF-MIB), then check the OID value that reflects operational status to determine whether the interface is up.
Why use OIDs?
The MIB and OID data hierarchy may seem confusing, but there are several important advantages to a system like this. First off, information can be pulled by the manager without having to send an explicit request for the agent to collect it. That reduces overhead and ensures information about the network’s status is always readily available.
Secondly, the system also provides an easy, flexible way to organize many devices across a network. It works no matter how large or small the network is, or what kind of devices are on it.
Thirdly, SNMP also makes it possible to collect large amounts of information quickly without clogging the network with traffic. Information about device status is always available in a simple format and is updated in real-time. This means managers can pull it without waiting for the data to be collected or requiring large data transfers.
Last but not least, it’s worth noting that some OID values are vendor-specific, which makes it easy to gain some information about a device based simply on its OID (Auvik now includes extended OID monitor history!). For example, if an OID starts with 1.3.6.1.4.1.9, it applies to a Cisco device. Other vendors have their own OID specifications. (Wireshark, the open-source network scanner, offers a handy OID lookup tool.) The standard OID prefix, which can be used for almost any device that supports SNMP, is 1.3.6.1.2.
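The hierarchy described above can be exercised in a few lines. This added example (not from the original article; the helper names are hypothetical) translates a numeric OID to its named form, tells standard from vendor subtrees, and interprets an ifOperStatus reading, using the standard arcs 1.3.6.1.2 (mgmt) and 1.3.6.1.4.1 (enterprises).

```python
NAMES = {  # standard SMI and IF-MIB arc names, keyed by numeric prefix
    "1": "iso", "1.3": "org", "1.3.6": "dod", "1.3.6.1": "internet",
    "1.3.6.1.2": "mgmt", "1.3.6.1.2.1": "mib-2",
    "1.3.6.1.2.1.2": "interfaces", "1.3.6.1.2.1.2.2": "ifTable",
    "1.3.6.1.2.1.2.2.1": "ifEntry", "1.3.6.1.2.1.2.2.1.8": "ifOperStatus",
    "1.3.6.1.4": "private", "1.3.6.1.4.1": "enterprises",
}
ENTERPRISES = {9: "Cisco"}  # the article's example; other numbers are IANA-assigned
IF_OPER_STATUS = {1: "up", 2: "down", 3: "testing", 4: "unknown",
                  5: "dormant", 6: "notPresent", 7: "lowerLayerDown"}
IF_OPER_STATUS_COLUMN = (1, 3, 6, 1, 2, 1, 2, 2, 1, 8)


def parse_oid(text):
    """Turn '1.3.6.1...' (optionally with a leading dot) into a tuple of arcs."""
    arcs = tuple(int(part) for part in text.strip().lstrip(".").split("."))
    # X.690 limits the first arc to 0-2, and the second to 0-39 under arcs 0 and 1.
    if len(arcs) < 2 or arcs[0] > 2 or (arcs[0] < 2 and arcs[1] > 39) or min(arcs) < 0:
        raise ValueError(f"not a valid OID: {text!r}")
    return arcs


def to_names(oid):
    """Replace every arc that has a known name; unknown arcs stay numeric."""
    arcs = parse_oid(oid)
    prefixes = (".".join(map(str, arcs[:i])) for i in range(1, len(arcs) + 1))
    return ".".join(NAMES.get(p, p.rsplit(".", 1)[-1]) for p in prefixes)


def classify(oid):
    """Return 'standard' for the mgmt subtree, or the owner of an enterprise subtree."""
    arcs = parse_oid(oid)
    if arcs[:6] == (1, 3, 6, 1, 4, 1) and len(arcs) > 6:
        return ENTERPRISES.get(arcs[6], f"enterprise {arcs[6]}")
    if arcs[:5] == (1, 3, 6, 1, 2):
        return "standard"
    return "other"


def interface_status(oid, value):
    """Interpret one ifOperStatus reading: returns (ifIndex, status text)."""
    arcs = parse_oid(oid)
    if arcs[:-1] != IF_OPER_STATUS_COLUMN:
        raise ValueError("OID is not an ifOperStatus instance")
    return arcs[-1], IF_OPER_STATUS.get(value, f"undefined({value})")
```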
The final important thing to understand about SNMP is that the features available in different versions of the protocol vary widely, especially when it comes to security.
The first version of SNMP—SNMPv1—offers weak security features. Under SNMPv1, managers can authenticate to agents without encryption when requesting information. That means anyone with access to the network could run “sniffing” software to intercept information about the network. It also means an unauthorized device can easily pretend to be a legitimate manager when controlling the network.
As well, SNMPv1 uses certain default credentials, which admins don’t always update, making it easy for unauthorized parties to gain access to sensitive information about the network. Unfortunately, SNMPv1 is still used on a relatively wide basis today because some networks haven’t yet been updated.
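To see what "without encryption" means on the wire, the added example below (not part of the original article) parses the header of an SNMP UDP payload and reports the version and, for v1/v2c, the community string, which is how a defender spots legacy agents in a packet capture. The sample bytes are constructed and the function names are hypothetical.

```python
VERSIONS = {0: "v1", 1: "v2c", 3: "v3"}
DEFAULT_COMMUNITIES = {"public", "private"}          # common factory defaults
V3_LEVELS = {0: "noAuthNoPriv", 1: "authNoPriv", 3: "authPriv"}

# Constructed samples, not captured traffic: a v1 GetRequest for ifOperStatus.1
# and a v3 message whose security parameters and payload are left empty.
V1_SAMPLE = bytes.fromhex("302802010004067075626c6963a01b020101020100020100"
                          "3010300e060a2b0601020102020108010500")
V3_SAMPLE = bytes.fromhex("3016020103300d020101020205dc04010702010304000400")


def read_tlv(buf, pos):
    """Read one BER element; return (tag, value bytes, position after it)."""
    if pos + 2 > len(buf):
        raise ValueError("truncated BER header")
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:                                # long-form length
        count = length & 0x7F
        length = int.from_bytes(buf[pos:pos + count], "big")
        pos += count
    if pos + length > len(buf):
        raise ValueError("truncated BER value")
    return tag, buf[pos:pos + length], pos + length


def inspect_snmp(payload):
    """Report the version and what the message header exposes on the wire."""
    tag, body, _ = read_tlv(payload, 0)
    vtag, raw_version, pos = read_tlv(body, 0)
    if tag != 0x30 or vtag != 0x02:
        raise ValueError("not an SNMP message")
    version = VERSIONS.get(int.from_bytes(raw_version, "big"), "unknown")
    tag, field, _ = read_tlv(body, pos)
    if version in ("v1", "v2c") and tag == 0x04:     # OCTET STRING = community
        community = field.decode("latin-1")
        findings = ["community string readable on the wire"]
        if community in DEFAULT_COMMUNITIES:
            findings.append("default community string in use")
        return {"version": version, "community": community, "findings": findings}
    if version == "v3" and tag == 0x30:              # msgGlobalData sequence
        pos = 0
        for _ in range(3):                           # msgID, msgMaxSize, msgFlags
            _, value, pos = read_tlv(field, pos)
        level = V3_LEVELS.get(int.from_bytes(value[:1], "big") & 0x03, "invalid")
        findings = [] if level == "authPriv" else ["sent at level " + level]
        return {"version": "v3", "level": level, "findings": findings}
    raise ValueError("unsupported or malformed SNMP message")
```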
SNMPv2, which appeared in 1993, offered some security enhancements, but it was supplanted in 1998 by SNMPv3. Version three remains the most recent version of the protocol and the most secure.
SNMPv3 makes data encryption possible. It also allows admins to specify different authentication requirements on a granular basis for managers and agents. This prevents unauthorized authentication and can optionally be used to require encryption for data transfers.
The bottom line is that, while the security issues in SNMPv1 earned SNMP a bad name in some circles, SNMPv2 and especially SNMPv3 solved those problems. The newer versions of SNMP provide an up-to-date, secure way to monitor the network.
If the poor security in SNMPv1 has you worried, fret not. SNMP is not normally enabled by default on devices. That means that, in most cases, admins have to log in and turn it on in order to make SNMP data available. This requirement reduces the risk of running an insecure SNMP version without realizing it.
This also means that to use SNMP to manage your network, you usually have to enable it first.
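An added example, not from the original article: a small audit of an agent configuration that flags community-based access and SNMPv3 users who are not required to use encryption. It assumes the agent is Net-SNMP's snmpd and its snmpd.conf directives (rocommunity, rwcommunity, rouser, rwuser); the sample configs, user name and passphrases are constructed.

```python
import shlex

DEFAULT_COMMUNITIES = {"public", "private"}          # common factory defaults
COMMUNITY_DIRECTIVES = {"rocommunity", "rwcommunity", "rocommunity6", "rwcommunity6"}

# Constructed samples in Net-SNMP snmpd.conf syntax; names and passphrases are placeholders.
WEAK_CONF = """\
# legacy community-based access (SNMPv1/v2c)
rocommunity public
rwcommunity private 10.0.0.0/8
rouser monitor auth
"""
HARDENED_CONF = """\
# SNMPv3 only, encryption required for every request
createUser monitor SHA "example-auth-passphrase" AES "example-priv-passphrase"
rouser monitor priv
"""


def audit(conf_text):
    """Return (line number, finding code) pairs for weak access directives."""
    findings = []
    for lineno, line in enumerate(conf_text.splitlines(), 1):
        tokens = shlex.split(line, comments=True)    # drops '#' comments
        if len(tokens) < 2:
            continue
        directive, args = tokens[0].lower(), tokens[1:]
        if directive in COMMUNITY_DIRECTIVES:
            findings.append((lineno, "community-access"))      # v1/v2c, cleartext
            if args[0] in DEFAULT_COMMUNITIES:
                findings.append((lineno, "default-community"))
            if directive.startswith("rw"):
                findings.append((lineno, "community-write"))
        elif directive in ("rouser", "rwuser"):
            if args[0] == "-s":                      # optional "-s SECMODEL" prefix
                args = args[2:]
            # With no level given, Net-SNMP requires "auth"; only "priv" forces encryption.
            level = args[1] if len(args) > 1 else "auth"
            if level != "priv":
                findings.append((lineno, "v3-without-priv:" + level))
    return findings
```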
Back that up!
And once you’ve enabled and taken the time to properly configure SNMP, don’t forget to back it up! Backups are a routine part of any network maintenance checklist—never miss this step! Automating backups not only adds peace of mind, but also ensures you always have multiple restore points to choose from.
Thanks for such an easy explanation. Very helpful.
Very well explained article. Good one
Very nice article. THX
Excellent write-up. I wonder how many networking infrastructures are set up using older versions of SNMP
Very simple explanation and comprehendible. Bravo!
Very clearly explained and helpful. Thanks.
Excellent clear description of a potentially confusing topic. Thank you
This was super, helped me give a straightforward answer to my SNCO lol and I learned something. Thank you
Now I know what SNMP does and why it exists. Thank you!
Thank you very much!
Thank you. I didn’t realize that my HP Network Configuration SNMP Version was v1 and was therefore at risk.