Network monitoring is an essential IT task continuously performed on devices on a network to identify any issues and to fix them, ideally before they can affect business operations. Network management tools usually use Simple Network Management Protocol (SNMP) and remote monitoring probes to collect network data and analyze it.
In this blog let’s take a deeper dive into what SNMP is and what it does.
What Is SNMP?
SNMP is a component of the Internet Protocol Suite as defined by the Internet Engineering Task Force (IETF). SNMP is mostly used to monitor devices on a network like firewalls, routers, switches, servers, printers and so on. It facilitates the exchange of information between network devices and network management systems (NMS). Those NMS tools use a variety of SNMP messages to monitor and manage the network devices (aka network elements).
How Does SNMP Work?
As mentioned in this TechTarget article, SNMP relies on the concept of a management information base (MIB) which is a database that contains management data (variables) about the status and configuration of a network device. The MIB database is organized hierarchically and is extensible so that SNMP devices can define which variables are available and how they are organized. Every object in the device that can be queried has a unique object identifier (OID).
SNMP allows the NMS to communicate with the network devices by sending messages called protocol data units (PDUs).
There are four main components in an SNMP system.
- The Manager – An SNMP manager is the network management system (NMS) that is responsible for communicating with the SNMP devices on the network. It generates commands and receives responses from the SNMP agents on the device.
- The Agent – An SNMP agent is software that is bundled with the network device. It receives SNMP requests for information and responds to the manager, and/or gets commands to perform an action, such as resetting a password.
- Network Devices – These are the devices on which the SNMP agents are configured and enabled.
- MIB – Every SNMP agent collects and maintains information about the network device. This information is stored in the MIB database and is used to supply the response to a Manager request.
SNMP Protocol Data Units
Commands or messages sent between an SNMP manager and an SNMP agent are usually transported over User Datagram Protocol (UDP) or Transmission Control Protocol/Internet Protocol (TCP/IP) and are known as protocol data units (PDUs).
There are seven basic SNMP PDUs:
- GetRequest: This is a request sent by the SNMP manager to the managed device. Performing this command retrieves one or more values from the managed device.
- GetNextRequest: This request retrieves the value of the next Object Identifier (OID) in the MIB tree.
  - An OID is an identifier used to name and point to an object in the MIB hierarchy. Each network device has its own MIB (that includes information such as system status, availability and performance information). Each piece of this information is known as an object and identified by a specific OID.
- GetBulkRequest: The GETBULK operation is normally used for retrieving large amounts of data, particularly from large MIB tables.
- SetRequest: The SNMP SET operation is used by managers to modify or assign the value of an object on the managed device.
- Traps: TRAPS are alert messages sent to the SNMP manager by the agent when an event occurs.
- InformRequest: This feature allows SNMP agents to send inform requests to SNMP managers. This sounds similar to SNMP TRAPS, but with a TRAP there is no way of knowing whether it has been received by the SNMP manager. Inform requests, by contrast, are sent continuously until the SNMP manager acknowledges receipt.
- Response: This PDU carries back the values requested by the SNMP manager, or signals the outcome of the actions it directed.
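The difference between GetRequest, GetNextRequest and GetBulkRequest is easiest to see against a small MIB. The following is an added example, not code from the original article: the MIB contents, device names and helper functions are constructed for illustration, and only the OIDs are the standard MIB-II ones.

```python
import bisect

# Constructed agent MIB (values are made up): OID as a tuple of ints -> value.
MIB = {
    (1, 3, 6, 1, 2, 1, 1, 1, 0): "Example Router OS 1.0",  # sysDescr.0
    (1, 3, 6, 1, 2, 1, 1, 3, 0): 123456,                   # sysUpTime.0
    (1, 3, 6, 1, 2, 1, 1, 5, 0): "edge-rtr-01",            # sysName.0
    (1, 3, 6, 1, 2, 1, 2, 1, 0): 2,                        # ifNumber.0
    (1, 3, 6, 1, 2, 1, 2, 2, 1, 2, 1): "eth0",             # ifDescr.1
    (1, 3, 6, 1, 2, 1, 2, 2, 1, 2, 2): "eth1",             # ifDescr.2
}
# Python compares tuples element by element, which matches OID ordering.
ORDERED = sorted(MIB)

def parse_oid(text):
    """'1.3.6.1.2.1.1.1.0' -> (1, 3, 6, 1, 2, 1, 1, 1, 0)"""
    return tuple(int(part) for part in text.strip(".").split("."))

def get(oid):
    """GetRequest: exact match only; None stands in for 'no such object'."""
    return MIB.get(oid)

def get_next(oid):
    """GetNextRequest: first OID strictly after `oid`, or None at end of MIB."""
    i = bisect.bisect_right(ORDERED, oid)
    return (ORDERED[i], MIB[ORDERED[i]]) if i < len(ORDERED) else None

def get_bulk(oid, max_repetitions):
    """GetBulkRequest (one varbind): up to max_repetitions successors per reply."""
    i = bisect.bisect_right(ORDERED, oid)
    return [(o, MIB[o]) for o in ORDERED[i:i + max_repetitions]]

def walk(root):
    """Repeat GetNext from `root` until the reply leaves that subtree."""
    rows, current = [], root
    while True:
        reply = get_next(current)
        if reply is None or reply[0][:len(root)] != root:
            return rows
        rows.append(reply)
        current = reply[0]

if __name__ == "__main__":
    for oid, value in walk(parse_oid("1.3.6.1.2.1.2")):
        print(".".join(map(str, oid)), "=", value)
```

Because GetNext needs no prior knowledge of which OIDs exist, any manager with read access can list everything the agent exposes, which is why read access should be scoped to the subtrees the NMS actually needs.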
How Is SNMP Implemented?
SNMP is typically implemented using the User Datagram Protocol (UDP) as the transport protocol for passing data between managers and agents.
As this Oracle document on SNMP configuration explains, SNMP usually uses the following user datagram protocol (UDP) ports:
- 161 for the agent
- 162 for the manager
The basic protocol for communications between manager and agent is as follows:
- The manager can send requests from any available port to the agent at port 161. The agent then responds to that source port, to the requesting manager.
- The agent generates traps or notifications and sends them from any available port to the manager at port 162.
There are three versions of SNMP, which are SNMPv1, v2, and v3.
SNMPv1 – The first version of the SNMP provided minimum network management functions. SNMPv1 is considerably less secure than SNMPv3 as there is no control as to who on the network is allowed to perform SNMP operations and access the objects in a MIB module. The protocol operations performed through SNMPv1 were Get, GetNext, Set, and Trap.
SNMPv2 – This version failed to improve on security. New protocol operations included GetBulk and Inform. While this version was more powerful than SNMPv1, it was also more complex.
SNMPv3 – This version introduced enhanced security for managing IT systems and networks. Authentication, access control and encrypted data packets were some of the key components used to significantly enhance the security options in SNMPv3.
SNMPv3 supports the following set of security levels:
- Communication with no authentication and no privacy (noAuthNoPriv) – This means no security is applied to messages, usually used for monitoring.
- Communication with authentication and no privacy (authNoPriv) – Messages are authenticated but have no privacy, usually used for control.
- Communication with authentication and privacy (authPriv) – All messages are authenticated and encrypted.
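The version differences and security levels above are visible in the first few bytes of every SNMP datagram. The following added example (not part of the original article) decodes just enough of the BER encoding to report the version, the PDU type and cleartext community string for SNMPv1/v2c, and the security level carried in the SNMPv3 msgFlags field. The two sample packets are constructed by hand, and the function names are illustrative.

```python
# Added example, not from the article: classify SNMP datagrams (stdlib only).
PDU_TAGS = {0xA0: "GetRequest", 0xA1: "GetNextRequest", 0xA2: "Response",
            0xA3: "SetRequest", 0xA4: "Trap", 0xA5: "GetBulkRequest",
            0xA6: "InformRequest", 0xA7: "SNMPv2-Trap"}
LEVELS = {0: "noAuthNoPriv", 1: "authNoPriv", 3: "authPriv"}

def read_tlv(buf, pos):
    """Return (tag, value, next_pos) for the BER element starting at pos."""
    if pos + 2 > len(buf):
        raise ValueError("truncated BER header")
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:                      # long form: low 7 bits = count of length octets
        n = length & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("truncated BER element")
    return tag, buf[pos:pos + length], pos + length

def classify(datagram):
    """Summarise one SNMP message as seen on UDP 161/162."""
    tag, msg, _ = read_tlv(datagram, 0)
    if tag != 0x30:
        raise ValueError("outer SEQUENCE missing, not SNMP")
    _, ver, pos = read_tlv(msg, 0)
    version = int.from_bytes(ver, "big")
    if version in (0, 1):                  # SNMPv1 / SNMPv2c: community is cleartext
        _, community, pos = read_tlv(msg, pos)
        pdu_tag, _, _ = read_tlv(msg, pos)
        return {"version": "v1" if version == 0 else "v2c",
                "pdu": PDU_TAGS.get(pdu_tag, hex(pdu_tag)),
                "community": community.decode("latin-1")}
    if version == 3:
        _, header, _ = read_tlv(msg, pos)  # msgGlobalData
        p = read_tlv(header, 0)[2]         # skip msgID
        p = read_tlv(header, p)[2]         # skip msgMaxSize
        _, flags, _ = read_tlv(header, p)  # msgFlags: bit 0 = auth, bit 1 = priv
        if len(flags) != 1:
            raise ValueError("msgFlags must be one octet")
        return {"version": "v3", "level": LEVELS.get(flags[0] & 0x03, "invalid")}
    raise ValueError(f"unknown SNMP version {version}")

# Constructed samples: v2c GetRequest for sysDescr.0; v3 header, flags 0x07, empty body.
V2C_GET = bytes.fromhex("3026 020101 04067075626c6963 a019 020101 020100 020100"
                        " 300e 300c 06082b06010201010100 0500")
V3_AUTHPRIV = bytes.fromhex("3016 020103 300d 020101 020205dc 040107 020103 0400 0400")
if __name__ == "__main__":
    print(classify(V2C_GET), classify(V3_AUTHPRIV))
```

Run over captured traffic, a check like this shows which devices still answer SNMPv1/v2c, where the community string is readable by anyone on the path, and which SNMPv3 sessions are running below authPriv.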
Kaseya VSA monitors both VSA-agent-based and agentless (i.e., SNMP) devices on the network, thus allowing IT teams to identify and troubleshoot issues and keep networks and systems up and running.
As organizations grow, so does the complexity of their IT networks. Kaseya VSA enables IT technicians to manage these complex networks and maintain a high level of uptime and performance.