SNMP (Simple Network Management Protocol) is a network management protocol that allows monitoring of managed network devices, including routers, switches, servers, printers, and other devices that are enabled over IP through a single management system/software.
What is SNMP used for?
If a network device supports SNMP, you can enable and configure it to start collecting information and monitoring the number of network devices from a single point.
- Monitoring incoming and outgoing traffic passing through the device
- Detection of network device failures
- Analysis of data collected from devices to identify performance issues
- Remote configuring of compliant devices
- Managing devices remotely connected via SNMP.
SNMP consists of three components:
Network Management Station (NMS) – part of the software that is installed on a PC and checks the devices on the network and how often you specify the information. The built-in NMS manager is responsible for communicating with agents.
The master agent is a program connecting network managers and subagents. It analyzes incoming NMS network manager requests and forwards those to subagents, receives the data, creates a response, and sends it to the manager. The master agent notifies the manager if the request is incorrect, or the requested information is unavailable.
A subagent is a program supplied by the vendor; it is used in a specific management information base (MIB). The subagent collects master agent information, configures master agent parameters, and responds to manager requests. Each component has a corresponding subagent.
Managed Component – network-connected computers or software with a built-in subagent. Such devices include routers, switches, servers, IP video cameras, and telephones. Software with subagents also includes anti-virus and backup systems.
SNMP also includes MIB and OID:
MIB (Management Information Base) is a formatted text file in SNMP Manager that is designed to collect information and organize it in a hierarchical format. The SNMP manager uses the information from the MIB to translate and interpret messages before sending them to the end user.
OID (object ID). The MIB provides its own unique ID that enables identify the device. The OID is the numeric equivalent of a file path; the OID portion contains hardware vendor data, allowing you to get some information about the device.
SNMP – Types of messages
Get: this message the manager sends to the agent to request the value of a certain OID. This request receives a Response message containing all the necessary data.
GetNext: this message allows the manager to request the next sequential object in the MIB. This allows passing through the MIB structure without using OIDs in the queries.
Set: this is the message the manager sends to the agent to change the value of a variable. With Set, you can manage configuration information or otherwise change the state of remote hosts. This is the only write operation that the protocol supports.
GetBulk: this request works like several GetNext queries. The manager will get a response of the mass of the data from the large MIB table.
Response: the agent sends this message to the manager to send the requested data. If the requested data cannot be transmitted, a response will contain an error with additional information. The response message is sent to any of the above requests, as well as the Inform message.
Trap: this message is usually sent by the agent to the manager to provide information about events that occur on managed devices.
Inform: this is the message the manager sends to the agent in response to the trap. If the agent does not receive such a message, it will retry sending trap messages.
SNMP is a simple protocol for sharing information between devices. It helps to set up connections between equipment made by different vendors and using different software. SNMP monitoring remains one of the best solutions for network monitoring today.