SNMP stands for Simple Network Management Protocol.
What is SNMP used for?
SNMP is used by IT Asset Management applications, such as SmartCenter™, and network monitoring and management solutions to gather data about network devices. These network devices include things such as, network-connected printers and copiers, switches, routers, firewalls, PC’s, Mac’s, Windows Servers, Linux Servers, Network Attached Storage (NAS) devices, Storage Area Networks (SAN) devices, VoIP phones, security cameras, CCTV systems, mobile phones, all the way down to IoT devices like a Raspberry Pi.
A 2020 report from Juniper Research showed that the total number of IoT connections will reach 83 billion by 2024, rising from 35 billion connections in 2020. So what is SNMP used for, the monitoring and management of pretty much everything that connects to a network.
SNMP is ubiquitous within the realm of network management. Without SNMP some of the largest networks, the internet, and telecommunications systems would simply grind to a halt.
As networks have evolved from a few Unix systems in universities to the complexities of the World Wide Web (the Internet) the nature of network management has also changed, SNMP has had to adapt and evolve to meet these changes.
What is SNMP v1?
The original version of SNMP, v1, appeared in 1988 and was simple to configure. It used a clear text ‘community string’ as a way of identifying the type of action you wanted to achieve.
Disadvantages of SNMP v1
- Little, or no, security
- Limited to 32-bit counters
SNMP v1 is pretty much obsolete these days.
What is SNMP v2?
SNMP v2 builds on the initial groundwork of SNMP v1. It was enhanced, with 64-bit counters, to accommodate the growing scale of networks and to improve security.
What most people refer to as SNMP v2 is actually SNMP V2c. The initial release of SNMP v2 had a more complex security structure, which lead to it not being widely adopted. SNMP v2c was introduced to simplify security and widen adoption using the older ‘Community String’ approach to security.
SNMP v2c offers 2 types of community string:-
- A Read Only (r/o) string. Often referred to as the ‘public’ string as the default value set by a large number of vendors was public
- A Read Write (r/w) string. Often referred to as the ‘private’ string as the default value set by a large number of vendors was private
These default values can be changed to whatever you want. They need to be ‘quoted’ along with the SNMP request you are making to the device.
With a lot of devices, you can also restrict the IP Address that they will respond to. i.e. Rather than leave this setting at its default of ‘responding to everyone’ you tie it down to the IP address of your Network Management Solution. (NMS)
SNMP V2c is still the most widely used version and is used to manage very large and complex internal networks. These networks often run into tens of thousands of devices.
What is SNMP v3
SNMP V3 was launched 10 years after the initial introduction of v1, in 1998. SNMP v3 brings authentication, role-based access control, and encryption to the world of SNMP.
- SNMP view so that admins can define exactly what information users can access
- SNMP groups, to make it easier to create categories for bulk actions
- SNMP users who can be added to groups with a pre-defined level of security and access
So, working from the ground up, if you onboard a new member of staff, you can make them an SNMP user, giving them a username and a password, add them to an SNMP group that has pre-customized policies for the SNMP view this group is allowed to have.
SNMP v3 no longer uses, clear text, community strings. Data leakage or tampering is a lot harder because encryption is used for authenticated devices.
Full details of the SNMP Protocols can be found on Wikipedia
Ready to do more for your company? Get in touch with the Almaden team of experts!