As we query the device, we do this on a regular interval, this is called polling,, what this gives us over time is a baseline, so we know when things become weird.
SNMPv3 offers encryption and authentication
UDP 161 for management
UDP 162 for notifications (TRAP)
SET is reaching out to the device to make a change
GET is when I say "Hey router, how is your CPU doing?"
TRAP - unsolicited notification
CPU levels at 82%, triggers TRAP when a threshold is met.
SNMP Components
SNMP Client
SNMP Server
SNMP Management Information Base
Server is NMS - Network Management Station
SolarWinds is a good example of this.
SNMP clients could be swithces, routers, APs
When a servers talks to the client and sends a query, it needs to references its OID
A unique identifier for different things that you can ask for. That all live inside of this Management Information Base.
SNMP Object ID
"Polling"
Community String
Is simply a password for SNMP
There is what we call the Public, and the Private
Public is Read Only (RO)
Private is Read Write (RW)
By default network devices have SNMP enable and their community string is set as public
Useful for verifying authorized devices in a network.
SNMP Read Only example
Tell the NMS who the router is
Specify IP, Key, RO or RW on the router
Specify IP, Key, RO or RW on the server
We call this a community string
Store results in a Data Base
SNMP Read Write example
You can make changes
Admin logins to NMS and it can push the changes to the device, maybe is a router
/CAP/Network+/Visual%20Aids/Pasted%20image%2020250122154025.png)