The Simple Network Management Protocol (SNMP) is designed to assist in the monitoring and control of large networks with many devices. This overview briefly summarizes several key aspects of SNMP.
SNMP’s primary goal is to provide centralized management of networks. It does this via the Manager/Agent model in which the Manager, the central server from which all network operations are coordinated, exchanges UDP packets with monitored agents. Acting as an interface between the network and one or more human operators, the manager maintains logs, dispatches alerts, and creates a variety of reports about network topology and usage. UDP is not a reliable protocol in the sense that TCP is, but it is lighter on network resources. Also, since SNMP traffic consists of a large number of events, losing a single packet is thought to be less critical: further requests can be sent to compensate for losses, or subsequent related events will trigger whatever behavior the dropped packet was meant to cause.
Any resource which is to be monitored or controlled in an SNMP setup is referred to as an agent. Such resources might include firewalls, switches, wireless access points, and workstations. Each runs an SNMP client that communicates with the central manager.
This communication happens via five SNMP primitives. A manager retrieves information from an agent with either “get” or “get-next,” the difference being that the latter is used in scenarios where multiple values are expected. Managers can also use “set” to, as its name implies, set a value or behavior on the agent.
Agents respond with only two primitives. “get-response” is used to return some value in response to a manager’s “get” or “get-next.” “trap” immediately draws the manager’s attention to an alert condition. In this manner, agents can proactively alert managers about problems without requiring that the manager take notice first.
These five primitives are the ways in which the manager and agents exchange data. The content of that data is defined in something called the Management Information Base (MIB). Residing on the agent, the content of this database is defined as an internet standard and contains over a thousand distinct objects. The MIB, as such, acts as a dictionary that maps information bundled in the various calls to characteristics of the agent’s hardware.
The MIB is structured as a tree, with its leaves referred to via numeric tags. Written as long strings of numbers separated by decimal points, these tags are mapped to readable labels in the MIB and are displayed accordingly in whatever interface the manager provides.
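The following is an added example, not part of the original overview: a toy agent-side MIB in Python showing how “get” and “get-next” operate on the numeric tags (object identifiers, or OIDs) and how a manager turns them back into labels. The OIDs and labels are standard MIB-II objects; the values, the `ToyMib` class and its method names are constructed for illustration.

```python
# Added example: toy agent-side MIB answering "get" and "get-next".
# OIDs and labels are standard MIB-II objects; the values are constructed.
from bisect import bisect_right

SAMPLE_MIB = {  # numeric tag -> (readable label, value)
    "1.3.6.1.2.1.1.1.0": ("sysDescr.0", "Constructed Switch OS 1.0"),
    "1.3.6.1.2.1.1.3.0": ("sysUpTime.0", 360000),
    "1.3.6.1.2.1.1.5.0": ("sysName.0", "edge-sw-01"),
    "1.3.6.1.2.1.2.1.0": ("ifNumber.0", 24),
    "1.3.6.1.2.1.11.1.0": ("snmpInPkts.0", 1052),
}

def parse_oid(text):
    """'1.3.6.1' -> (1, 3, 6, 1), so tags compare number by number."""
    parts = text.strip(".").split(".")
    if not all(p.isdigit() for p in parts):
        raise ValueError(f"not a numeric OID: {text!r}")
    return tuple(int(p) for p in parts)

class ToyMib:
    def __init__(self, entries):
        self._store = {parse_oid(k): v for k, v in entries.items()}
        # Tuple sort gives tree order: ...2.1.0 before ...11.1.0.
        # A plain string sort would wrongly put "11" ahead of "2".
        self._order = sorted(self._store)

    def get(self, oid_text):
        """Exact lookup; None means the agent has no such object."""
        entry = self._store.get(parse_oid(oid_text))
        return None if entry is None else entry[1]

    def get_next(self, oid_text):
        """First object strictly after oid_text; None at the end of the MIB."""
        i = bisect_right(self._order, parse_oid(oid_text))
        if i == len(self._order):
            return None
        oid = self._order[i]
        return ".".join(map(str, oid)), self._store[oid][1]

    def walk(self, root_text):
        """Repeat get-next from root until the result leaves the subtree."""
        root, cursor, rows = parse_oid(root_text), root_text, []
        while (hit := self.get_next(cursor)) is not None:
            cursor, value = hit
            if parse_oid(cursor)[:len(root)] != root:
                break
            rows.append((self._store[parse_oid(cursor)][0], value))
        return rows
```

Calling `ToyMib(SAMPLE_MIB).walk("1.3.6.1.2.1.1")` returns only the three system-group objects, because the walk stops as soon as “get-next” hands back an OID outside the requested subtree.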
Designed in 1988, SNMP shares a number of weaknesses common to most protocols defined at that time. As a result, later versions built upon this basic functionality to provide more secure, robust communication. Introduced in 1994, SNMPv2 added a sixth primitive, “get-bulk,” for retrieving multiple packets without the need for a new command for each. SNMPv3, released in 2004, added support for packet encryption and integrity checks, as well as various enhancements related to remote configuration.
Numerous network management applications are available to control SNMP networks. There are likewise many devices and clients that support the protocol. As such, SNMP represents a simple yet powerful addition to any IT toolkit.