SNMP

Simple Network Management Protocol (SNMP) is set of communications specifications for managing network devices, such as bridges, routers, and hubs over a TCP/IP network.

In the SNMP management architecture, one or more computers on the network act as a network management station (NMS) and poll the managed devices to gather information about their performance and status. Each managed device has a software module, known as an agent, which communicates with the NMS.

MIBs

On the agents, information is organized in the form of objects; each object is essentially data about a particular aspect of the managed device, such as the number of packets received or memory utilization statistics. The objects are grouped into a Management Information Base (MIB). By modifying the contents of an MIB, an NMS can change the settings of a managed device and perform actions on the device, such as a reboot.

Traps

The NMS is not the only side that can initiate communication. The managed devices can send notifications, known as traps, to the NMS when certain events occur, such as a shutdown or authentication error.

Communication

Communication between the NMS and the agent take place through the following basic commands:

• Get– NMS reads data from the agent MIB

• Set– NMS writes data to the agent MIB

• Trap– agent notifies NMS when important events occur

• Advanced versions of SNMP include variations of these commands to perform functions that are more specific.

Security

Managed devices can protect their MIBs by granting only specific network management stations access. One way of doing this is through authentication. Managed devices can require that all NMSs belong to a community, the name of which acts as a password that the managed devices use to authenticate management stations attempting to gain access. Additionally, the settings for a community can include access privileges, such as READ-ONLY and READ-WRITE, that are granted to network management stations.

Specifications

Network VirusWall supports SNMP with the following specifications:

• SNMP Agent

  Version	v2
  Access privileges	READ ONLY (the GET command)
  Management Information Base (MIB)	MIB II, with the following standard objects: System group Interfaces group Enterprise group, including system status and memory utilization
  Accepted community names	Community names with the following characteristics: Default name- public Access privileges- READ ONLY (the get command) Maximum number of community names- 5 Maximum length of community name- 31 alphanumeric characters
  Trusted Network Management Stations (NMS)	Allows up to 255 specific network management station IP addresses to access the agent

• SNMP Traps

  Community names	One community name allowed
  Destination Network Management Station (NMS) IP addresses	One NMS IP address allowed per community name
  Generic and Normal Traps	Includes the following: ID Number Trap Name Trap Description* 0 Coldstart Enable SNMP agent 2 Linkdown Network connection is broken 3 Linkup Network connection is established 4 Authentication-failure Wrong user name or password when logging on the terminal interface none NotifyShutdown SNMP agent disabled * Event that triggers Network VirusWall to send the trap