Simple Network Management Protocol (SNMP)

Simple Network Management Protocol (SNMP) is an internet protocol of the OSI Application layer 7. It collects and organizes information about managed devices on IP networks and modifies that information to change device behavior.

SNMP is widely used for network management and network monitoring. It provides information about network resources such as cable modems, routers, switches, servers, workstations, printers, hosts, devices, shares, etc. and network information such as ARP tables, routing tables, traffic, etc.

SNMP consists of a manager and an agent; agents are embedded on every network device, and the manager is installed on a separate computer.

SNMP holds two passwords to access and configure the SNMP agent from the management station:

  • Read community string: It is public by default; allows viewing of device/system configuration
  • Read/write community string: It is private by default; allows remote editing of configuration

There has been different SNMP versions:

  • SNMPv1
  • SNMPv2
  • SNVMPv3

SNMP Messages

Featurev1v2v3
GetYesYesYes
GetNextYesYesYes
GetBulkNoYesYes
SetYesYesYes
TrapYesYesYes
InformNoYesYes
Community stringsYesYesNo
User based securityNoNoYes
Message authenticationNoNoYes
Message encryptionNoNoYes

SNMP Authentication and Encryption

One of the main problems with using SNMP v1 and v2 is the cleartext “community string” that it uses to authenticate. It is easy to sniff and reuse. Most times, the SNMP community string is shared throughout the organization’s servers and routers, making this authentication problem a serious threat to security.

SNMP version 3 (SNMPv3) provides secure authentication and encryption features.

It supports authentication using HMAC-SHA (Hashed Message Authentication Code with Secure Hash Algorithm) and encryption using AES (Advanced Encryption Standard).

You might be interested in…

External References

Leave a Reply

Your email address will not be published. Required fields are marked *