6709

Get a Live Demo

You need to see DPS gear in action. Get a live demo with our engineers.

White Paper Series

Check out our White Paper Series!

A complete library of helpful advice and survival guides for every aspect of system monitoring and control.

DPS is here to help.

1-800-693-0351

Have a specific question? Ask our team of expert engineers and get a specific answer!

Learn the Easy Way

Sign up for the next DPS Factory Training!

DPS Factory Training

Whether you're new to our equipment or you've used it for years, DPS factory training is the best way to get more from your monitoring.

Reserve Your Seat Today

How to Use SNMP Protocol for Remote Device Management

By Andrew Erickson

March 12, 2023

Share: 

The Simple Network Management Protocol (SNMP) is a widely used protocol for managing, monitoring, and maintaining network-connected devices. Its primary purpose is to allow IT administrators and outside-plant (OSP) managers to monitor various components of the network remotely and take corrective action when needed.

SNMP enables remote monitoring and management of network devices by collecting data through Object Identifiers (OIDs). Monitoring tools can be configured to send alerts based on the values obtained from these OIDs.

Many monitoring tools offer pre-configured templates which automatically recognize and begin monitoring SNMP variables on various devices. By leveraging SNMP with a capable monitoring tool, IT administrators can ensure proactive network management, responding promptly to issues and optimizing operational efficiency.

Why has SNMP become such a popular protocol?

SNMP is a widely used protocol because it is very efficient, cost-effective, and easy to manage.

It's also an "open" protocol, meaning that all of the rules and parameters are published for use by any manufacturer. That creates a thriving ecosystem of devices that support SNMP. As its popularity increased, users became more and more interested in buying devices that use SNMP. Manufacturers adapted to meet this demand, and this reinforcing cycle continued until SNMP became a global standard.

SNMP manager-agent model
SNMP allows communication between many remote "agents" and your central "manager". There are a variety of message types, which I'll walk you through.

This stands in contrast to how things used to be, with each manufacturer producing their own secret "proprietary" protocol. The goal in those days, for some equipment manufacturers at least, was to create their own protocol as a means to trap you within their "walled garden" of a product ecosystem. Once your organization built up an investment in one particular brand of equipment, it was difficult to justify throwing it all away and starting over.

DPS was an early player in unwinding this problem. Much of our business was built on engineering compatibility for proprietary and legacy protocols into our SNMP master station. Virtually all of our alarm remotes (RTUs) support SNMP to be compatible with any SNMP manager that you care to use.

What is the basic structure of the SNMP protocol for machine-to-machine (M2M) communication?

There are two classes of devices in any SNMP-based system:

  1. SNMP agents: individual devices that communicate their status back to a central monitoring server)
  2. SNMP manager(s): The central monitoring server that collects messages from your individual SNMP agents. You might have more than one for redundancy in mission-critical networks and/or for load distribution in very large networks.

SNMP works by sending out "GET" requests to devices that are connected to the network. The device can then response back with an acknowledgement of the request or a "TRAP" message (an unusual name, but it simply means "message") that details what has changed on the device.

This process is done automatically ("asynchronously") when important events occur.

That's how SNMP supports management of fault detection and correction. By sending a trap message when a problem is detected on a network-connected device, administrators can quickly take corrective action before any further issues occur.

For some devices, trap messages can also be scheduled to occur at specific intervals. This can be useful for "heartbeat"/"keep-alive" functions or to, for example, allow your SNMP manager to record the reading from a temperature sensor at regular intervals.

The "community string" is another SNMP concept that supports segmentation of SNMP messaging in complex networks. The default for nearly every device is "public". If you assign

The Management Information Base (MIB) is an integral part of the basic structure of the SNMP Protocol and is critical for machine-to-machine communication. The MIB acts as a structured database or a hierarchical collection of information. It defines the structure of the data that can be retrieved or managed on a device.

On more recent devices, SNMP also allows for the automatic configuration of devices on the network. By sending out a "SET" request, an administrator can quickly configure a device, such as setting up a port address or changing security settings. SNMP can also be used to query device information, such as the amount of memory available, or the current temperature, using a "GET" request.

SNMP device topology
The SNMPv3 Responder software module allows T/Mon to forward alarms as SNMPv3 traps to a higher-level SNMP manager.

Set Up SNMP Monitoring to Protect Your System

Setting up SNMP monitoring is needed for maintaining the performance and security of your network. To get started, set up your SNMP monitoring by following these steps:

  1. Plan Your Monitoring: Identify devices and choose the SNMP version (v1, v2c, v3).
  2. Enable SNMP on Devices: Access device settings, enable SNMP, and configure community strings or credentials.
  3. Configure SNMP Traps: Set traps on devices to send alerts to your SNMP management server.
  4. Install and Configure Monitoring Software: Install SNMP software, add devices, and set polling intervals and alert thresholds.
  5. Test the Setup: Verify communication and ensure traps are received correctly.
  6. Review and Optimize: Regularly review data and adjust settings for optimal monitoring.

By following these steps, you can efficiently set up SNMP monitoring and verify that your network's performance and security are always under control. Regular adjustments will keep your monitoring system effective.

Select the Right SNMP Version for Your Network

When deciding which SNMP (Simple Network Management Protocol) version to use for your network, the choice largely depends on your security needs and the existing infrastructure.

Use SNMP v1 or v2c if your network devices are older or you prioritize simplicity and compatibility over security. These versions are easier to configure but offer minimal security features- SNMP v1 sends data in plain text, and while v2c provides slightly better performance, it still lacks strong security.

Opt for SNMP v3 if security is a priority. SNMP v3 offers significant improvements, including message integrity, authentication, and encryption, making it the best choice for modern, secure networks. SNMP v3 can be more complex to configure and manage, which might be seen as a disadvantage in environments where simplicity is key. Despite this, the advantages of SNMP v3- namely the protection of sensitive network data from unauthorized access- far outweigh the added complexity, especially in networks where data security is critical​​.

SNMP is powerful - as long as you make the correct purchase decisions

SNMP is a powerful protocol that can help keep networks running smoothly. By allowing administrators to monitor, configure and manage devices remotely, SNMP allows for greater efficiency and control over the network. It is also easy to use and cost-effective, making it the ideal choice for many IT departments.

When implemented correctly, the SNMP protocol can provide tremendous value for an organization. If you are considering using SNMP to manage your network, be sure to do research and find the right solution that meets your needs. With the right implementation, SNMP can save time, save money, and help keep networks running smoothly.

Perform Basic Checks for SNMP Availability

Regardless of the devices in your network, regular checks and inspections of network devices help maintain the health and efficiency of the system. An important area to inspect is the SNMP availability of a taret device. To perform a basic check for SNMP availability on a target device:

  • Ping the Device: Ensure the device is reachable over the network by pinging its IP address.
  • SNMP Walk: Use an SNMP walk command to retrieve data from the device, confirming SNMP is enabled and responding.
  • Check SNMP Port (161): Verify that the SNMP service is running by checking if port 161 is open using a tool like telnet or nmap.
  • Test SNMP GET Request: Send an SNMP GET request to query a specific OID (Object Identifier) to ensure you can retrieve data.
  • Review SNMP Responses: Confirm the device's SNMP agent responds correctly with the expected data.

These steps provide a quick way to check the SNMP availability and functionality of a device on your network​​​. By scanning for uptime, you can quickly determine whether SNMP is active and accessible on your target device. SNMP accessibility makes sure that your network monitoring tools can reliably gather performance metrics and alert you to any issues. This minimizes the risk of unnoticed system failures.

There are Multiple Ways to Handle SNMP Overload Issues

Handling SNMP overload problems involves optimizing the frequency and volume of data collected to prevent excessive network traffic and performance degradation. Start by increasing the polling intervals to reduce the number of SNMP queries being sent. This adjustment makes sure that your network devices are not overwhelmed by constant data requests.

You should also filter out non-essential SNMP data, focusing only on critical metrics that are necessary for effective monitoring. Filtering out non-essential SNMP data reduces network traffic and processing load which allows for more efficient monitoring and quicker response times to critical issues. This not only helps maintain optimal network performance, but also prevents SNMP overload.

Another approach is to distribute the SNMP load by spreading queries across multiple servers or using load balancers to avoid overloading a single SNMP manager. Implementing SNMPv3 can also help by allowing more granular control over the data collected and improving efficiency.

Consider relying more on SNMP traps for critical alerts, which are event-driven and can significantly reduce the need for constant polling. Polling reduction alleviates network strain. Regular monitoring and adjustment of your SNMP settings will help maintain balance and prevent overload issues.

SNMP device topology

Example SNMP agent device: The NetGuardian 832A RTU

In my work with DPS clients on remote monitoring projects involving SNMP, I find that sharing specific examples brings people up to speed a lot faster that just endlessly discussing concepts like a textbook.

The NetGuardian 832A is an example of an SNMP-capable RTU (remote telemetry unit). It supports the SNMP protocol for remote control, monitoring, and configuration. With up to 32 discrete alarms and 8 analog alarms, it can be used to monitor a variety of different systems.

Like a lot of modern SNMP-based devices, the SNMP protocol isn't the only way to communicate with the NetGuardian. The device also includes an embedded webserver for access to runtime data, configuration, and an event log. The G6 version includes TLS 1.2 encryption for HTTPS.

This web interface means that NetGuardian has an Ethernet connection for remote access, allowing administrators to manage the device from anywhere in the world.

The NetGuardian 832A is also compatible with SNMP management software. This includes any standard SNMP manager or DPS Telecom's "T/Mon" alarm management platform.

Understand the benefits of polling vs. asynchronous SNMP trap messaging

As I described above, SNMP protocol is (at least by default) asynchronous. That means that your SNMP manager simply waits for incoming SNMP traps from all of its connected agents.

Imagine what that means if one of those SNMP agents goes offline. It obviously won't be sending any traps, and your SNMP manager will have no choice but to happily assume that all is good. For mission-critical remote monitoring, this is clearly far from ideal.

This contrasts strongly with polled architectures. In this model, your central manager does not simply to wait to receive alarm messages form individual devices. Instead, it actively "polls" each device in an orderly loop. If no response is received, your manager knows that something is wrong. That speeds your discovery of the problem before it is allowed to grow.

That's precisely why the T/Mon alarm management platform polls its connected NetGuardian RTUs instead of simply waiting to hear from them. NetGuardians are capable of both this method and, for maximum compatibility, standard SNMP trap reporting.

Some more recent implementations of SNMP use GET messages as a method of polling for precisely the same reason that I described above.

Call DPS for help with the SNMP protocol

At DPS, we're experts in remote monitoring. This necessarily includes a lot of experience with SNMP protocol.

If you've got a question, we can help you get started with your project. Just call 1-800-693-0351 or email sales@dpstele.com

Share: 
Andrew Erickson

Andrew Erickson

Andrew Erickson is an Application Engineer at DPS Telecom, a manufacturer of semi-custom remote alarm monitoring systems based in Fresno, California. Andrew brings more than 17 years of experience building site monitoring solutions, developing intuitive user interfaces and documentation, and opt...