Simple Network Management Protocol (SNMP)
SNMP (Simple Network Management Protocol)
- An Internet protocol used for collecting information from managed devices on IP networks and modifying device behavior
- Managed devices include the following:
  - Routers
  - Switches
  - Firewalls
  - Printers
  - Servers
  - Client devices
SNMP Manager
- A central system that collects and processes information from managed devices
- Often set up as a server, especially in large enterprise environments
- Sends and receives SNMP messages to and from agents
SNMP Agents
- Networked devices that send information about themselves to the manager
- Run background services to collect data and send it to the manager
- Transmit data at regular intervals or when requested by the manager
SNMP Message Types
- SET
  - Manager-to-agent request to change variable values
- GET
  - Manager-to-agent request to retrieve variable values
- TRAP
  - Asynchronous notifications sent from agents to the manager about significant events
  - Notify the manager of events such as uptime, configuration changes, and network downtime
  - May be granular or verbose
    - Granular
      - Each TRAP message sent gets a unique object identifier (OID) so the manager can distinguish it from every other message it receives
      - OID (Object Identifier)
        - Unique object identifier used to identify variables for reading or setting via SNMP
        - Allows the manager to distinguish individual SNMP trap messages
      - MIB (Management Information Base)
        - A hierarchical namespace containing OIDs and their descriptions
        - Describes the structure of device subsystem management data
        - Stores consolidated information received through SNMP traps
    - Verbose
      - SNMP traps may be configured to contain all of the information about a given alert or event as a payload
  - Data in SNMP TRAP messages is stored as simple key-value pairs known as “variable bindings”
SNMP Versions 1, 2, and 3
- SNMP versions 1 and 2 use plain-text community strings for access, making them less secure
- SNMP version 3 offers enhanced security features
- Security Enhancements in SNMP Version 3
  - Integrity
    - Hashing messages before transmission to prevent data alteration
  - Authentication
    - Validating the source of messages
  - Confidentiality
    - Adding encryption using DES, 3DES, or AES
  - Dividing SNMP components into entities with different access privileges for improved security