6865

Get a Live Demo

You need to see DPS gear in action. Get a live demo with our engineers.

White Paper Series

Check out our White Paper Series!

A complete library of helpful advice and survival guides for every aspect of system monitoring and control.

DPS is here to help.

1-800-693-0351

Have a specific question? Ask our team of expert engineers and get a specific answer!

Learn the Easy Way

Sign up for the next DPS Factory Training!

DPS Factory Training

Whether you're new to our equipment or you've used it for years, DPS factory training is the best way to get more from your monitoring.

Reserve Your Seat Today

SNMP - Technical Info, History, and Usage of the Simple Network Management Protocol

By Andrew Erickson

June 24, 2023

Share: 

Simple Network Management Protocol, or SNMP, is a widely adopted protocol. The protocol is great for managing and monitoring network devices like routers, switches, servers, printers, and more. It provides a convenient way for network administrators to:

When paired with a centralized network management station (NMS), SNMP maintains coordination across all devices in the network. The protocol's primary purpose is to provide network administrators with a tool for managing, monitoring, and controlling various pieces of equipment on their networks. It does this by providing the means to configure settings, poll performance data from managed devices, and receive alerts (traps) from those devices when certain conditions are met. As a whole, SNMP simplifies the process of monitoring and managing network devices by automating these critical tasks.

SNMP capabilities
SNMP uses and applications

Technical Details of SNMP

TCP vs. UDP

SNMP primarily uses the User Datagram Protocol (UDP) as its transport protocol. Unlike Transmission Control Protocol (TCP), UDP is connectionless. That means that UDP doesn't need to establish a connection with the receiver before transmitting data like TCP does.

Since SNMP is an application layer protocol, it easily operates across UDP and - when required - TCP environments. That makes UDP faster and more efficient for network management purposes. Although this isn't an absolute rule, speed and simplicity are often more important than 100% reliability.

Do remember that SNMP can also operate over TCP. This is mostly true in network environments where UDP is not reliable or permitted. In these settings, some prefer a virtual connection over UDP.

In the limited cases where it is used for SNMP, TCP provides a connection-oriented service. It ensures data delivery via acknowledgments and retransmissions if packets are lost.

Port Numbers Used For SNMP

Understanding SNMP ports is critical for anyone monitoring and managing network devices. By default, SNMP uses UDP ports 161 and 162, as follows:

  • SNMP agents listen on UDP port 161 for SNMP requests sent by managers.
  • SNMP managers to listen for SNMP trap/inform messages from agents on UDP port 162.

For example, a NetGuardian RTU (an SNMP agent), might send a trap message to an SNMP manager on port 161. Later, the manager might send a SET command to toggle one of the NetGuardian's 8 control relay outputs.

SNMP Message Types

Each version of the protocol relies on specific message types to perform its operations effectively. SNMP defines several types of protocol operations, including:

  • Trap: An asynchronous notification from agent to manager. Trap messages are the lifeblood of a typical SNMP implementation.
  • InformRequest: Similar to Trap, but expects a confirmation response from the manager. This message type was added in SNMPv2.
  • GetRequest: Retrieves the value of one or more OIDs of an SNMP device. Your SNMP manager might ask to get the reading from a temperature sensor, for example.
  • GetNextRequest: Used in iterative queries to retrieve the next object in the Management Information Base (MIB). When "walking" through all of a device's monitored values (alarm inputs, sensor readings, etc.), this message allows easy "give me the next one, give me the next one..." walking.
  • GetBulkRequest: Allows multiple iterative queries to be sent in a single request. Instead of walking multiple GetNextRequests, this message format instead requests a single message response containing many pieces of information in one bundle.
  • SetRequest: Changes the value of one or more instances of a managed object.
  • Response: This is sent in reply to a Get/Set to provide delivery confirmation (and a payload message in the case of a Get) to the manager.

By leveraging these message types, SNMP delivers precise control over network communication. This strengthens its role in monitoring and managing network devices.

SNMP protocols
Different versions of SNMP protocol

SNMPv3 Compared with Earlier Versions

The Simple Network Management Protocol has gone through several iterations over multiple decades. Each version added new features and capabilities.

SNMPv1, the first version, introduced basic network-management capabilities but had significant security deficiencies like sending data, including community strings, in plaintext.

SNMPv2 improved performance and management capabilities and introduced the InformRequest but had complicated security models that were difficult to implement.

SNMPv3, the current version of the protocol, enhances SNMP. This version does so by adding cryptographic security in terms of authentication and privacy (encryption). It has a user-based security model (USM) for message integrity and privacy, and a view-based access control model (VACM) for restricting access to MIB objects.

Enhancing Network Security with SNMPv3 in Modern Deployments

Earlier SNMP versions like SNMPv1 and SNMPv2 had their merits in simplicity and operational efficiency. However, their glaring security limitations made them impractical in hyper-connected and threat-prone environments. SNMPv3 revolutionized this protocol by integrating strong security mechanisms - making it indispensable for modern networks that demand both reliability and protection against unauthorized access.

SNMPv3 introduces three key security features:

  1. Authentication: Ensures that SNMP messages are genuinely sent from the claimed source. It uses hashing algorithms like MD5 or SHA to authenticate users.
  2. Privacy (Encryption): Encrypts SNMP data packets to prevent sensitive information (such as configuration details or system performance data) from being intercepted. You can achieve this through encryption standards like DES or AES.
  3. Access Control: SNMPv3 allows granular control over who can access what data, leveraging user-based security models (USM) and view-based access control models (VACM). Network administrators can define users, assign specific privileges, and restrict access to particular Management Information Base (MIB) objects.

For industries with critical infrastructure - such as telecommunications, utilities, and transportation - these enhancements translate to measurable gains in network security. For example, a DPS Telecom T/Mon system combined with secure SNMPv3-capable RTUs like the NetGuardian G6 series ensures comprehensive visibility and control without sacrificing data integrity. The dual authentication and encryption features mean that network data can traverse public or private networks safely, while administrators maintain tight oversight.

To emphasize SNMPv3's practicality, consider an IoT-enabled network where thousands of devices transmit operational data. Using SNMPv3 ensures that this massive influx of information remains encrypted and secure. This allows administrators to focus on uptime and efficiency without worrying about malicious attacks or breaches.

If you're managing networks today and still relying on SNMPv1 or v2, transitioning to SNMPv3 is not just recommended - it's essential. Combining SNMPv3's security capabilities with reliable monitoring tools like DPS Telecom's T/Mon and NetGuardian RTUs will help you build a network that's secure, scalable, and ready for the future of IoT and digital transformation​​.

The History of SNMP

The protocol was introduced in 1988 to meet the growing need for a standard for managing Internet Protocol (IP) networks. SNMPv1 was quickly adopted due to its simplicity, but it soon became evident that it lacked sufficient security measures.

In response, SNMPv2 was developed in the mid-90s. This provided enhancements in operational efficiency and security. However, its adoption was slowed by the complexity of its new party-based security model.

SNMPv3, standardized in 1998, addressed the deficiencies of its predecessors. The protocol did so by introducing a user-based security model. As a result, it has become the de facto standard for network management.

SNMP Usage Today

As of my knowledge cut-off in September 2021, specific data regarding the exact number of devices worldwide using SNMP is not available. However, considering SNMP's ubiquity in network management, it's safe to say that millions, if not billions, of devices globally use SNMP.

This includes an array of devices from enterprise-level network equipment like routers and switches, to consumer devices such as home routers and internet-connected appliances. Its use is expected to continue growing with the expansion of the Internet of Things (IoT).

The Role of SNMP in IoT

The Internet of Things (IoT) represents the next frontier of SNMP's applicability. The number of IoT devices are projected to reach tens of billions in the next few years. This means SNMP will play an integral role in managing these devices.

SNMP is crucial in the IoT landscape for two main reasons. First, it helps maintain an efficient and reliable network infrastructure. This allows for a holistic view of all devices connected to the network.

Secondly, it can help reduce downtime and save money. It does so by quickly detecting potential problems with devices before they result in outages.

As IoT devices are typically networked, SNMP presents a scalable and effective solution for managing and monitoring these devices' performance and reliability. Its simplicity, open standard status, and wide adoption make it a viable choice for device management in the vast landscape of IoT.

SNMP Tutorial White Paper

Call DPS to Discuss SNMP

We can help you with any SNMP-related question, whether you're dealing with dedicated remote monitoring hardware or simply gear that uses it.

Speak with an engineer today about your project. Just tell us what you're trying to accomplish.

Call 1-800-693-0351 or email sales@dpstele.com

Share: 
Andrew Erickson

Andrew Erickson

Andrew Erickson is an Application Engineer at DPS Telecom, a manufacturer of semi-custom remote alarm monitoring systems based in Fresno, California. Andrew brings more than 17 years of experience building site monitoring solutions, developing intuitive user interfaces and documentation, and opt...