Introduction to SNMP
Simple Network Management Protocol (SNMP) is an application layer protocol that monitors and manages network devices through standard framework, general language and corresponding security mechanisms. SNMP can be divided into four parts: Network Management System, SNMP Agent, Network Management Protocol and Management Information Base (MIB).
- Network Management System - A system that sends packets of GetRequest and SetRequest to the Agent by executing network management applications such as adventnet, solarwinds, etc., and receives Response packets from the Agent to manage and monitor network devices.
- SNMP Agent - A network-managed software module running on a managed device. Once the Agent receives request packets from the Network Management System, it will perform Read or Write operations on variables being managed according to the type of the packets and generate a Response packet to return to the Network Management System.
- Network Management Protocol - Network Management System and SNMP Agent are communicating through the Network Management Protocol, and exchanging information in form of SNMP packets. The protocol mainly supports Get, Set and Trap. The Network Management System uses Get messages to request MIB object variables from the Agent and uses Set messages to set the variables. The Agent uses Trap messages to report the event happened to Network Management System.
- Management Information Base (MIB) - An information database maintained by SNMP Agent, which contains specific characteristics of managed network devices, comprises object variables. The object variables can be request or set by the Network Management System.
SNMP Function on Security Device
Security device is designed with a SNMP Agent, which can receive the operation request from the Network Management System and feedback corresponding information of the network and the device.
System supports SNMPv1 protocol, SNMPv2 protocol and SNMPv3 protocol. SNMPv1 protocol and SNMPv2 protocol use community-based authentication to limit the Network Management System to get device information. SNMPv3 protocol introduces an user-based security module for information security and a view-based access control module for access control.
System supports all relevant Management Information Base II (MIB II) groups defined in RFC-1213 and the Interfaces Group MIB (IF-MIB) using SMIv2 defined in RFC-2233. Besides, system offers a private MIB, which contains the system information, IPSec VPN information and statistics information of the device. You can use the private MIB by loading it into an SNMP MIB browser on the management host.
