Simple Network Management Protocol
Simple Network Management Protocol (SNMP) is an Internet Standard protocol for collecting and organizing information about managed devices on IP networks and for modifying that information to change device behavior.
There are three SNMP version available for network management.
Simple Network Management Protocol Version 1
Simple Network Management Protocol Version 2
This is the revised protocol, which includes enhancements of SNMPv1 in the areas of protocol packet types, transport mappings, MIB structure elements but using the existing SNMPv1 administration structure ("community based" and hence SNMPv2c). It is defined in RFC 1901, RFC 1905, RFC 1906, RFC 2578.
Simple Network Management Protocol Version 3
SNMPv3 defines the secure version of the SNMP. SNMPv3 protocol also facilitates remote network monitoring configuration of the SNMP entities. It is defined by RFC 1905, RFC 1906, RFC 3411, RFC 3412, RFC 3414, RFC 3415.
SNMP v1 Community–based security
SNMP v2c Community–based security
SNMP v2u User–based security
SNMP v2 Party–based security
SNMP v3 User–based security
Component of Simple Network Management Protocol
SNMP Manager –
It is a centralized system used to monitor network. It is also known as Network Management Station (NMS)
SNMP agent –
It is a software management software module installed on a managed device. Managed devices can be network devices like PC, router, switches, servers etc.
Management Information Base –
MIB consists of information of resources that are to be managed. These information is organized hierarchically. It consists of objects instances which are essentially variables.
SNMP Message
GetRequest –
SNMP manager sends this message to request data from SNMP agent. It is simply used to retrieve data from SNMP agent. In response to this, SNMP agent responds with requested value through response message.
GetNextRequest –
This message can be sent to discover what data is available on a SNMP agent. The SNMP manager can request for data continuously until no more data is left. In this way, SNMP manager can take knowledge of all the available data on SNMP agent.
GetBulkRequest –
This message is used to retrieve large data at once by the SNMP manager from SNMP agent. It is introduced in SNMPv2c.
SetRequest –
It is used by SNMP manager to set the value of an object instance on the SNMP agent.
Response –
It is a message send from agent upon a request from manager. When sent in response to Get messages, it will contain the data requested. When sent in response to Set message, it will contain the newly set value as confirmation that the value has been set.
Trap –
These are the message send by the agent without being requested by the manager. It is sent when a fault has occurred.
InformRequest –
It was introduced in SNMPv2c, used to identify if the trap message has been received by the manager or not. The agents can be configured to set trap continuously until it receives an Inform message. It is same as trap but adds an acknowledgement that trap doesn’t provide.
SNMP Security Levels
noAuthNoPriv –
This (no authentication, no privacy) security level uses community string for authentication and no encryption for privacy.
authNopriv –
This security level (authentication, no privacy) uses HMAC with Md5 for authentication and no encryption is used for privacy.
authPriv –
This security level (authentication, privacy) uses HMAC with Md5 or SHA for authentication and encryption uses DES-56, AES algorithm.
OID Tree
SNMP OID. OIDs stands for Object Identifiers. OIDs uniquely identify managed objects in a MIB hierarchy. This can be depicted as a tree, the levels of which are assigned by different organizations. Top level MIB object IDs (OIDs) belong to different standard organizations.
SNMP ports are utilized via UDP 161 for SNMP Managers communicating with SNMP Agents and UDP 162 when agents send unsolicited Traps to the SNMP Manager.
Configuration of SNMP
1) Cisco Router SNMPv3
###SNMPv1Configuration###
Device(config)# snmp-server community public
###SNMPv3noAuthNoPriv###
Device(config)# snmp-server group group1 v3 noauth
Device(config)# snmp-server user remoteuser1 group1 remote XX.XX.XX.XX
Device(config)# snmp-server host XX.XX.XX.XX informs version 3 noauth remoteuser config
###SNMPv3authNoPriv###
Device(config)# snmp-server group group2 v3 auth
Device(config)# snmp-server user AuthUser group2 remote XX.XX.XX.XX v3 auth md5 password1
###SNMPv3authPriv###
Device(config)# snmp-server group group3 v3 priv
Device(config)# snmp-server user PrivateUser group3 remote XX.XX.XX.XX v3 auth md5 password1 priv access des56
2) Ubuntu Server SNMPv3
Step 1 : Install the package snmpd
apt-get install snmpd
Step 2 : Before SNMP configuration stop the SNMP service.
service snmpd stop
Step 3 : Configure the SNMP user on server using flowing command.
net-snmp-config --create-v3-user -ro -A my_authpass -X my_privpass -a SHA -x AES myv3user
net-snmp-config --create-v3-user [-ro] [-A authpass] [-X privpass] [-a MD5|SHA] [-x DES|AES] [username]
Note : This command will automatically add information to the /var/lib/snmp/snmpd.conf and /usr/share/snmp/snmpd.conf configuration files.
Step 4 : After the SNMP configuration start the service.
service snmpd start
chkconfig snmpd on
Network Management Server
1) Solarwinds Network Performance Monitor [Link]
2) PRTG Network Monitor from Paessler [Link]
3) ManageEngine OpManager [Link]
4) WhatsUp Gold [Link]
5) Nagios [Link]
6) Zabbix [Link]
7) Incinga [Link]
8) Datadog [Link]
9) ConnectWise Automate [Link]
10) Logic Monitor [Link]
Thanks
UConfigIt
No comments:
Post a Comment