The Simple Network Management Protocol (SNMP) is an Internet Standard protocol that is based on the manager/agent model with a simple request/response format. The network manager issues a request and the managed agents will send responses in return.
Currently, there are three major versions of SNMP: SNMPv1, SNMPv2c, and SNMPv3.
These different generations of SNMP have created a definite fracturing of what was once a simple architecture. Now, you have to consider the multi-generational SNMP versions you have in play and consider mediation devices to convert older SNMP to the newer version.
It is important that you are able to make informed decisions when it comes to your system communication methods. This is why we'll dive into these SNMP versions and learn the main differences between them.
SNMPv1 is the first version of SNMP. It's easy to set up, as it only requires a plain text community.
Although it accomplished its goal of being an open, standard protocol, it was found to be lacking in key areas for certain managing applications. For example, it only supports 32-bit counters and has poor security features - a community string is the only security method in the SNMPv1.
Later versions have addressed many of these problems. Smaller RTUs commonly support SNMPv1.
Designed in 1993, SNMPv2c (where c stands for community) is a sub-version of SNMPv2.
The Get, GetNext, and Set operations used in SNMPv1 are identical as those used in SNMPv2c. However, SNMPv2c's key advantage over previous versions is the Inform command. Unlike Traps, which are simply received by a manager, Informs are positively acknowledged with a response message. If a manager does not reply to an Inform, the SNMP agent will resend the Inform.
Other advantages include:
Improved error handling
Improved SET commands
SNMPv2 security, just like for SNMPv1, comes into the form of community strings. This is a password that your devices will need to able allowed to talk to each other and transfer information when SNMP requests occur.
Also, keep in mind that not all devices are SNMPv2c compliant, so your SNMP manager should be downward compatible with SNMPv1 devices. You can also use an SNMPv3 mediation device to ensure compatibility with earlier versions.
SNMPv3 is the newest version of SNMP. Its management framework features primarily involve enhanced security.
The SNMPv3 architecture introduces the User-based Security Model (USM) for message security and the View-based Access Control Model (VACM) for access control.
SNMPv3 supports the SNMP "Engine ID" Identifier, which uniquely identifies each SNMP entity. Conflicts can occur if two entities have duplicate EngineID's. The EngineID is used to generate the key for authenticated messages.
SNMP v3 security models come primarily in 2 forms: authentication and encrypting.
The SNMPv3 protocol also facilitates the remote configuration of the SNMP agents. It is defined by RFC 1905, RFC 1906, RFC 3411, RFC 3412, RFC 3414, RFC 3415.
The NetGuardian 832A G5 is one example of an RTU that supports SNMPv3.
If now you have to use only secure/encrypted SNMPv3, you need a way to avoid replacing all of your current v1/v2c SNMP network devices. A conversion device allows you to do that. Talk to your vendor about that, this way you can keep your older gear and add SNMPv3 security.
The Fast Track Introduction to SNMP is a quick, 12-page introduction to SNMP. You'll learn about traps, message formats, message processing, MIB objects, SNMPv3 security and administration, and other fundamental SNMP concepts.
At DPS, we're totally focused on remote monitoring, including SNMP protocol. We've worked on thousands of projects that involve SNMP in one form or another.
That experience means that we have SNMP experts on staff. Send us a quick online message (or just give us a call) and we'll answer any SNMP question you have.
Next Page: Field-Tested, Proven SNMP Mediation
Download our free SNMP White Paper. Featuring SNMP Expert Marshall DenHartog.
This guidebook has been created to give you the information you need to successfully implement SNMP-based alarm monitoring in your network.
1-800-693-0351
Have a specific question? Ask our team of expert engineers and get a specific answer!
Sign up for the next DPS Factory Training!
Whether you're new to our equipment or you've used it for years, DPS factory training is the best way to get more from your monitoring.
Reserve Your Seat Today