Simple Network Management Protocol (SNMP) is an Internet protocol that operates at the application layer (layer 7) of the OSI model. It collects and organizes information about managed devices on IP networks and can modify that information to change device behavior.
SNMP is widely used for network management and network monitoring. It provides information about network resources such as cable modems, routers, switches, servers, workstations, printers, hosts, devices, shares, etc. and network information such as ARP tables, routing tables, traffic, etc.
SNMP consists of a manager and an agent; agents are embedded on every network device, and the manager is installed on a separate computer.
SNMP uses two passwords, called community strings, to access and configure the SNMP agent from the management station:
- Read community string: It is public by default; allows viewing of device/system configuration
- Read/write community string: It is private by default; allows remote editing of configuration
SNMP Authentication and Encryption
One of the main problems with SNMP v1 and v2 is the cleartext “community string” that they use to authenticate. It is easy to sniff and reuse. In most cases, the same SNMP community string is shared across the organization’s servers and routers, which makes this authentication weakness a serious security threat.
SNMP version 3 (SNMPv3) provides secure authentication and encryption features.
It supports authentication using HMAC-SHA (Hash-based Message Authentication Code with Secure Hash Algorithm) and encryption using AES (Advanced Encryption Standard).
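To make the difference visible on the wire, the following added example (not part of the original page) parses the BER header of one captured SNMP payload and reports what a monitoring sensor can see: the cleartext community string in v1/v2c, or the authentication and encryption flags in SNMPv3. The function names and both sample packets are constructed for illustration.

```python
VERSIONS = {0: "v1", 1: "v2c", 3: "v3"}
DEFAULT_COMMUNITIES = {b"public", b"private"}   # the defaults named in the text above

def read_tlv(buf, pos):
    """Return (tag, value, next_pos) for the BER element starting at pos."""
    if pos + 2 > len(buf):
        raise ValueError("truncated BER header")
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:                    # long form: low 7 bits count the length octets
        n = length & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("truncated BER value")
    return tag, buf[pos:pos + length], pos + length

def inspect_snmp(payload):
    """Report the SNMP version and any authentication weakness visible on the wire."""
    tag, msg, _ = read_tlv(payload, 0)
    if tag != 0x30:                      # outer SEQUENCE
        raise ValueError("not an SNMP message")
    tag, ver, pos = read_tlv(msg, 0)
    if tag != 0x02:                      # INTEGER version
        raise ValueError("missing version field")
    version = VERSIONS.get(int.from_bytes(ver, "big"), "unknown")
    community, findings = None, []
    if version in ("v1", "v2c"):
        tag, community, _ = read_tlv(msg, pos)   # OCTET STRING, never encrypted
        if tag != 0x04:
            raise ValueError("missing community field")
        findings.append("community string sent in cleartext")
        if community in DEFAULT_COMMUNITIES:
            findings.append("default community string")
    elif version == "v3":
        _, header, _ = read_tlv(msg, pos)        # msgGlobalData SEQUENCE
        _, _, p = read_tlv(header, 0)            # msgID
        _, _, p = read_tlv(header, p)            # msgMaxSize
        _, flags, _ = read_tlv(header, p)        # msgFlags: bit 0 = auth, bit 1 = priv
        bits = flags[0] if flags else 0
        if not bits & 0x01:
            findings.append("SNMPv3 without authentication")
        if not bits & 0x02:
            findings.append("SNMPv3 without encryption")
    return {"version": version, "community": community, "findings": findings}

# Constructed samples: a v2c GetRequest for sysDescr.0, and the header of a v3 authPriv message.
V2C_GET = bytes.fromhex("3026020101 0406 7075626c6963 a019 020101 020100 020100 300e300c 0608 2b06010201010100 0500")
V3_AUTHPRIV = bytes.fromhex("3012 020103 300d 020101 020205dc 040103 020103")
```

Feeding `inspect_snmp` the UDP payloads of port 161 traffic from a capture gives a quick inventory of devices still speaking v1/v2c or using default community strings.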