SNMP
Last updated
Last updated
Simple Network Management Protocol (SNMP) is an application layer protocol designed specifically for managing and monitoring network devices. Simple Network Management Protocol (SNMP) is a popular protocol for network management. It is used for collecting information from and configuring network devices such as servers, printers, hubs, switches, and routers on an Internet Protocol (IP) network. SNMP is used to exchange management information between a network management system (NMS) and a network device. A manager station can manage and monitor the switch through their network via SNMPv1, v2c and v3. An SNMP managed network consists of two components: agents and a manager.
An agent translates the local management information from the managed switch into a form that is compatible with SNMP. SNMP allows a manager and agents to communicate with each other for the purpose of accessing Management Information Bases (MIBs). SNMP uses an extensible design, where the available information is defined by MIBs. MIBs describe the structure of the management data of a device subsystem; they use a hierarchical namespace containing Object Identifiers (OID). Each OID identifies a variable that can be read or set via SNMP.
The manager is the console through which network administrators perform network management functions.
Several versions of SNMP are supported. They are v1, v2c, and v3. SNMPv1, which is defined in RFC 1157. "A Simple Network Management Protocol (SNMP)" is a standard that defines how communication occurs between SNMP-capable devices and specifies the SNMP message types. Version 1 is the simplest and most basic of versions. There may be times when it's required to support older hardware. SNMPv2c is defined in RFC 1901 "Introduction to Community-Based SNMPv2," RFC 1905 "Protocol Operations for Version 2 of the Simple Network Management Protocol (SNMPv2)", and RFC 1906 "Transport Mappings for Version 2 of the Simple Network Management Protocol (SNMPv2)." SNMPv2c updates protocol operations by introducing a GetBulk request and authentication based on community names. Version 2c adds several enhancements to the protocol such as support for "Informs." Because of this, v2c has become the most widely used version. Unfortunately, a major weakness of v1 and v2c is security. To combat this, SNMP v3 adds security features that overcome the weaknesses in v1 and v2c. If possible, it is recommended that you use v3, especially if you plan to transmit sensitive information across unsecured links. However, the extra security feature makes configuration a little more complex.
In SNMPv3, User-based Security Model (USM) authentication is implemented along with encryption, allowing you to configure a secure SNMP environment. The SNMPv3 protocol uses different terminology than SNMPv1 and SNMPv2c as well. In the SNMPv1 and SNMPv2c protocols, the terms agent and manager are used. In the SNMPv3 protocol, agents, and managers are renamed to entities. With the SNMPv3 protocol, you create users and determine the protocol used for message authentication as well as if data transmitted between two SNMP entities is encrypted.
The SNMPv3 protocol supports two authentication protocols: HMAC-MD5-96 (MD5) and HMAC-SHA-96 (SHA). Both MD5 and SHA use an algorithm to generate a message digest. Each authentication protocol authenticates a user by checking the message digest. In addition, both protocols use keys to perform authentication. The keys for both protocols are generated locally using the Engine ID and the user password to provide even more security.
In SNMPv1 and SNMPv2c, user authentication is accomplished using types of passwords called community strings, which are transmitted in clear text and not supported by authentication. Users can assign views to community strings that specify which MIB objects can be accessed by a remote SNMP manager.
The default community strings for the switch used for SNMPv1 and SNMPv2c management access for the switch are public, which allows authorized management stations to retrieve MIB objects, and private, which allows authorized management stations to retrieve and modify MIB objects.
Simple Network Management Protocol (SNMP) is an OSI Layer 7 (application layer) protocol designed specifically for managing and monitoring network devices. The SNMP agents maintain a list of variables that are used to manage the device. The variables are defined in the Management Information Base (MIB), which provides a standard presentation of the information controlled by the on-board SNMP agent.
Status: Choose "Enabled" or "Disabled" for this option.
Engine ID: SNMP engine ID is used to uniquely identify an SNMPv3 entity in a management domain. The length of the Engine ID should be even, allowing 10~64 hex letters; by default, an SNMP engine ID consists of an enterprise number and individual device information.
Click the Apply button to apply the changes or the Reset button to discard them.
Click the Add button to add an user.
Click the Add button to add an entry in the list:
Click the Add button to add an entry in the list:
Click the Add button to add an entry in the list:
Click the Edit button to edit the entry:
Click the Delete button to remove the entry:
Click the Add button to add an entry in the list:
Click the Add button to add an entry in the list:
Click the Add button to add an entry in the list:
Click the Add button to add an entry in the list:
Click the Apply button to accept the changes or the Cancel button to discard them.
Click the Apply button to accept the changes or the Cancel button to discard them.
Click the Apply button to accept the changes or the Cancel button to discard them.
Click the Apply button to accept the changes or the Cancel button to discard them.
Click the Apply button to accept the changes or the Cancel button to discard them.
Click the Apply button to accept the changes or the Cancel button to discard them.
Click the Apply button to accept the changes or the Cancel button to discard them.
Click the Apply button to accept the changes or the Cancel button to discard them.
Click the Apply button to accept the changes or the Cancel button to discard them.
Click the Apply button to accept the changes or the Cancel button to discard them.
Item
Description
User Name
Shows SNMP user names.
Privilege Mode
Shows corresponding privilege mode for the user.
Authentication Protocol
Shows corresponding authentication protocol used by the user.
Encryption Protocol
Shows corresponding encryption protocol used by the user.
Item
Description
Community Name
Shows SNMP community name.
Security Name
Shows corresponding security method/name for the community.
Transport Tag
Shows corresponding transport tag for the community.
Item
Description
Group Name
Shows SNMP group name.
Security Mode
Shows corresponding security mode for the group.
Security Name
Shows corresponding security method/name for the group.
Item
Description
Group Name
Shows SNMP group name.
Security Mode
Shows corresponding security mode for the group.
Privilege Mode
Shows corresponding privilege mode for the group.
Read View
Shows permission mode for read view.
Write View
Shows permission mode for write view.
Notify View
Shows permission mode for notify view.
Item
Description
View Name
Shows SNMP view name.
Subtree OID
Shows corresponding subtree OID.
Subtree Mask
Shows corresponding subtree mask.
View Type
Shows corresponding view type to be included/excluded.
Item
Description
Target Parameter Name
Shows target parameter name.
Message Processing Model
Shows corresponding message processing model. (v1, v2c, or v3)
Security Mode
Shows corresponding security mode (v1, v2c, or v3).
Security Name
Shows corresponding security name.
Privilege Mode
Shows corresponding privilege mode.
Item
Description
Target Address Name
Shows target address name.
IP Address
Shows corresponding IP address.
UDP Port
Shows corresponding UDP port.
Timeout
Shows corresponding timeout value.
Retry
Shows corresponding retry times.
Tag Identifier
Shows corresponding tag identifier.
Target Parameter
Shows corresponding target parameter.
Item
Description
Notify Name
Shows corresponding Notify name.
Tag Identifier
Shows corresponding Tag Identifier; a tag is used to define a set of target addresses to receive the notification.
Notify Type
Shows corresponding Notify type (Traps or Infroms)
