The Simple Network Management Protocol (SNMP) is an Internet Standard protocol that is based on the manager/agent model with a simple request/response format. The network manager issues a request and the managed agents will send responses in return.
Currently, there are three major versions of SNMP: SNMPv1, SNMPv2c, and SNMPv3.
These different generations of SNMP have created a definite fracturing of what was once a simple architecture. Now, you have to consider the multi-generational SNMP versions you have in play and consider mediation devices to convert older SNMP to the newer version.
It is important that you are able to make informed decisions when it comes to your system communication methods. This is why we’ll dive into these SNMP versions and learn the main differences between them.
V1, v2c, and v3 are the principal SNMP protocol versions. Understanding the basic differences between them is key if you have monitoring equipment that supports SNMP.
SNMPv1 is the first version of SNMP. It’s easy to set up, as it only requires a plain text community.
Although it accomplished its goal of being an open, standard protocol, it was found to be lacking in key areas for certain managing applications. For example, it only supports 32-bit counters and has poor security features – a community string is the only security method in the SNMPv1.
Later versions have addressed many of these problems. Smaller RTUs commonly support SNMPv1.
Now, Let’s Take a Look at the SNMPv2c
Designed in 1993, SNMPv2c (where c stands for community) is a sub-version of SNMPv2.
The Get, GetNext, and Set operations used in SNMPv1 are identical as those used in SNMPv2c. However, SNMPv2c’s key advantage over previous versions is the Inform command. Unlike Traps, which are simply received by a manager, Informs are positively acknowledged with a response message. If a manager does not reply to an Inform, the SNMP agent will resend the Inform.
Other advantages include:
* Improved error handling
* Improved SET commands
SNMPv2 security, just like for SNMPv1, comes into the form of community strings. This is a password that your devices will need to able allowed to talk to each other and transfer information when SNMP requests occur.
Also, keep in mind that not all devices are SNMPv2c compliant, so your SNMP manager should be downward compatible with SNMPv1 devices. You can also use an SNMPv3 mediation device to ensure compatibility with earlier versions.
SNMPv3 is the newest version of SNMP. Its management framework features primarily involve enhanced security.
The SNMPv3 architecture introduces the User-based Security Model (USM) for message security and the View-based Access Control Model (VACM) for access control.
SNMPv3 supports the SNMP “Engine ID” Identifier, which uniquely identifies each SNMP entity. Conflicts can occur if two entities have duplicate EngineID’s. The EngineID is used to generate the key for authenticated messages.
SNMP v3 security models come primarily in 2 forms: authentication and encrypting.
Authentication is used to ensure that traps are read by only the intended recipient. As messages are created, they are given a special key that is based on the EngineID of the entity. The key is shared with the intended recipient and used to receive the message.
Privacy encrypts the payload of the SNMP message to ensure that it cannot be read by unauthorized users. Any intercepted traps will be filled with garbled characters and will be unreadable. Privacy is especially useful in applications where SNMP messages must be routed over the Internet.
The SNMPv3 protocol also facilitates the remote configuration of the SNMP agents. It is defined by RFC 1905, RFC 1906, RFC 3411, RFC 3412, RFC 3414, RFC 3415.
The NetGuardian 832A G5 is one example of an RTU that supports SNMPv3.
Are you Struggling through an SNMPv3 Transition?
If now you have to use only secure/encrypted SNMPv3, you need a way to avoid replacing all of your current v1/v2c SNMP network devices. A conversion device allows you to do that. Talk to us about that, this way you can keep your older gear and add SNMPv3 security.
Do You Want to Know More About SNMP?
The Fast Track Introduction to SNMP is a quick, 12-page introduction to SNMP. You’ll learn about traps, message formats, message processing, MIB objects, SNMPv3 security and administration, and other fundamental SNMP concepts.
Download SNMP Tutorial PDF
Get Answers to All of Your SNMP Questions
At DPS, we’re totally focused on remote monitoring, including SNMP protocol. We’ve worked on thousands of projects that involve SNMP in one form or another.
That experience means that we have SNMP experts on staff. Send us a quick online message (or just give us a call) and we’ll answer any SNMP question you have.
Next Page: Field-Tested, Proven SNMP Mediation