Simple Network Management Protocol (SNMP) is set of communications specifications for managing network devices, such as bridges, routers, and hubs over a TCP/IP network.
In the SNMP management architecture, one or more computers on the network act as a network management station (NMS) and poll the managed devices to gather information about their performance and status. Each managed device has a software module, known as an agent, which communicates with the NMS.
On the agents, information is organized in the form of objects; each object is essentially data about a particular aspect of the managed device, such as the number of packets received or memory utilization statistics. The objects are grouped into a Management Information Base (MIB). By modifying the contents of an MIB, an NMS can change the settings of a managed device and perform actions on the device, such as a reboot.
The NMS is not the only side that can initiate communication. The managed devices can send notifications, known as traps, to the NMS when certain events occur, such as a shutdown or authentication error.
Communication between the NMS and the agent take place through the following basic commands:
Get– NMS reads data from the agent MIB
Set– NMS writes data to the agent MIB
Trap– agent notifies NMS when important events occur
Advanced versions of SNMP include variations of these commands to perform functions that are more specific.
Managed devices can protect their MIBs by granting only specific network management stations access. One way of doing this is through authentication. Managed devices can require that all NMSs belong to a community, the name of which acts as a password that the managed devices use to authenticate management stations attempting to gain access. Additionally, the settings for a community can include access privileges, such as READ-ONLY and READ-WRITE, that are granted to network management stations.
Network VirusWall supports SNMP with the following specifications:
SNMP Agent
Version
v2
Access privileges
READ ONLY (the GET command)
Management Information Base (MIB)
MIB II, with the following standard objects:
System group
Interfaces group
Enterprise group, including system status and memory utilization
Accepted community names
Community names with the following characteristics:
Default name- public
Access privileges- READ ONLY (the get command)
Maximum number of community names- 5
Maximum length of community name- 31 alphanumeric characters
Trusted Network Management Stations (NMS)
Allows up to 255 specific network management station IP addresses to access the agent
SNMP Traps
Community names
One community name allowed
Destination Network Management Station(NMS) IP addresses
One NMS IP address allowed per community name
Generic and Normal Traps
Includes the following:
ID Number
Trap Name
Trap Description*
0
Coldstart
Enable SNMP agent
2
Linkdown
Network connection is broken
3
Linkup
Network connection is established
4
Authentication-failure
Wrong user name or password when logging on the terminal interface
none
NotifyShutdown
SNMP agent disabled
* Event that triggers Network VirusWall to send the trap