Category: SNMP

SNMP: Security

SNMPv3 added security to the existing SNMPv2 and SNMPv2c specifications.  SNMPv3 added authentication and encryption.  SNMPv3 uses MD5 and Secure Hash Algorithm (SHA) to create a message digest for each SNMPv3 protocol message.  This allows SNMPv3 to prevent data modification for man in the middle attacks, and masquerade attacks.  SNMPv3 Managers and Agents can also use Digital Encryption Standard (DES) to encrypt the messages providing better privacy.

snmpsecurity.PNG

SNMP: Protocol Messages

SNMP Messages define how SNMP Managers communicate with SNMP Agents to retrieve the desired information.  SNMP uses UDP exclusively for transport, using SNMP Response messages to acknowledge receipt of other protocol messages and supply SNMP information.

snmpmessage

The three SNMP GET messages and the SNMP Response messages are typically used when there is an SNMP Manager asks for information from the Agent.  The SNMP Manager sends one of the three types of GET messages, and the Agent replies with an SNMP Response message. An Agents entire MIB can be discovered with successive GETNEXT requests or with a GETBULK request using a process called a MIB Walk.

SNMP SET messages allow managers to change something for agents.

SNMP Traps are unsolicited messages sent by SNMP Agents to their configured management station.

SNMP INFORM Messages allows two SNMP managers to exchange MIB information about agents they both manage.

SNMP

SNMP or Simple Network Management Protocol, uses network devices (SNMP Agents) that contain information management software (SNMP Manager) wants to display or report on to someone operating the network.

SNMP Agents contain a database of information called the Management Information Base (MIB), the MIB holds a large amount of information regarding the status of various components of the SNMP Agent.  The SNMP Manager collects the data from the Agent via SNMP.

Here are the four core functions of SNMP:

  • Data Definition: the syntax used for how data is defined to an agent of manager, the specifications used for these standard conventions is called the Structure of Management Information (SMI)
  • MIBs: More than 100 internet standards define MIBs, each for a different technology are with countless vender proprietary MIBs as well.  the MIB definitions conform to the appropriate SMI version.
  • Protocols: The messages used by agents and managers to exchange management data.
  • Security Administration: Definitions for how to secure the exchange of data between SNMP Agents and SNMP Managers.

SNMP has evolved over the years and with the four functional areas defined helped to promote that evolution, here is a summary of the various SNMP versions to date:

snmpversion.PNG