🌐

SNMP Network Management

Jun 12, 2025

Overview

This lecture explains how SNMP (Simple Network Management Protocol) is used for network device monitoring and management, detailing its components, operation, versions, and security features.

SNMP Overview and Operation

  • SNMP provides a standard protocol to manage network devices like switches, routers, and firewalls, regardless of manufacturer.
  • A central network management console queries devices using SNMP to collect performance and error data.
  • Devices store monitoring data in a Management Information Base (MIB), a structured database.
  • SNMP accesses specific data points in the MIB using Object Identifiers (OIDs).
  • SNMP polling occurs over UDP port 161, allowing regular collection of device status and statistics.

SNMP Versions and Security

  • SNMP version 1 sends data in clear text with no encryption.
  • SNMP version 2 (or 2c) is more efficient but still lacks encryption.
  • SNMP version 3 adds encryption, message integrity, and user authentication for secure communication.

SNMP Structure: MIBs and OIDs

  • MIBs are databases of device status and performance metrics.
  • OIDs are unique numerical identifiers for each variable in the MIB, structured hierarchically.
  • Standardized MIBs (like MIB2) provide common OIDs across devices, while manufacturers can define custom OIDs.
  • MIB documentation may be provided for network management stations to interpret custom OIDs.

SNMP Tools and Data Collection

  • MIB Walkers (e.g., MIB Browser) automate querying all possible OIDs on a device.
  • Retrieved SNMP data can include system ID, contact info, and device statistics.
  • Regular SNMP polling enables building performance graphs and identifying network trends.

SNMP Traps and Alerts

  • SNMP traps are unsolicited alerts sent from a device to the management station (using UDP port 162).
  • Traps notify of specific issues (e.g., excessive CRC errors) immediately, without waiting for the next poll.

SNMP Authentication

  • Community strings (e.g., "public" for read-only, "private" for read-write) act as passwords in SNMP v1/v2c.
  • Multiple community strings can be set for different access levels or trap usage.
  • SNMP v3 uses usernames and hashed passwords for stronger authentication and security.

Key Terms & Definitions

  • SNMP — Simple Network Management Protocol for monitoring and managing network devices.
  • MIB (Management Information Base) — Database holding network device management data.
  • OID (Object Identifier) — Unique numerical identifier for a variable in the MIB.
  • SNMP Trap — Unsolicited alert message sent from a device to the management station.
  • Community String — Password-like value for SNMP v1/v2c device access.
  • MIB Walker — Software tool that retrieves all MIB variables from a device.

Action Items / Next Steps

  • Review device documentation for supported SNMP versions and OID lists.
  • Set up or update SNMP on network management stations, prioritizing SNMP v3 for security.
  • Configure and test SNMP polling intervals and trap settings on key devices.

Full transcript