
SNMP







 SNMP is still the most popular way to monitor the performance of network devices, including Cisco routers and switches. With an SNMP management station, you can graph the performance of network devices. In addition, Cisco devices can send alerts (called traps) to the management station, which you can configure to alert you.

SNMP consists of 3 items:

+ SNMP Manager (sometimes called a Network Management System, NMS): software that runs on the network administrator's device (in most cases a computer) to monitor the network.

+ SNMP Agent: software that runs on the network devices we want to monitor (routers, switches, servers…).

+ Management Information Base (MIB): the collection of managed objects. This component makes sure that the data exchanged between the manager and the agent remains structured. In other words, the MIB contains a set of questions that the SNMP Manager can ask the Agent (and that the Agent can understand). The MIB is commonly shared between the Agent and the Manager.


An SNMP client program known as the SNMP manager runs on a remote machine and queries these objects through SNMP Get requests to learn the status of the network device. Similarly, the manager can control some of the device's parameters with an SNMP Set request, which is equivalent to a write operation (e.g. resetting a router or shutting down one of its interfaces).
Apart from the manager sending SNMP GET/SET requests to the agent, the agent can also proactively notify the manager of critical or significant events on the network device through SNMP TRAP messages.
Thus, SNMP manages the device by reading and writing the values of different SNMP objects, each of which represents a specific network parameter.





For example, in the topology above you want to monitor a router, servers, switches and a firewall. You can run an SNMP Agent on all of them.
Then, on a PC, you install SNMP Manager software to receive the monitoring information. SNMP is the protocol running between the Manager and the Agent, and their communication takes place in the form of messages. Monitoring is done through a MIB, a standardized database that contains the parameters/objects describing these networking devices (IP addresses, interfaces, CPU utilization, …).






There are three versions of SNMP: v1, v2, and v3. Each adds features over the one before it. Most network admins today use v2, but v3 offers many more security features. V3 has both authentication and encryption capability; the earlier versions do not. Use v3 whenever possible, and restrict the other versions to read-only access via community strings.

The SNMP Read-Only Community String is like a password. It is sent along with each SNMP Get-Request and allows (or denies) access to the device. Because v1 and v2 have no encryption, the string travels in clear text and can be read by anyone able to capture the traffic. Most network vendors ship their equipment with a default password of "public" (the so-called "default public community string").

With the Manager, the Agents and the MIB in place, the monitoring process becomes a matter of GET and SET operations on the information in the MIB.

Benefits of SNMP:

  • Page or send an SMS text message when a device fails.
  • Provide Read/Write abilities – for example, you could use it to reset passwords remotely or re-configure IP addresses.
  • Collect information on how much bandwidth is being used.
  • Collect error reports into a log, useful for troubleshooting and identifying trends.
  • Email an alert when your server is low on disk space.
  • Monitor your servers’ CPU and Memory use, alert when thresholds are exceeded.
  • Perform active polling, i.e. the monitoring station asks devices for their status every few minutes.
  • Passive SNMP – devices can send alerts to a monitoring station on error conditions.

Lab

We are going to build a very simple lab here so that you can understand SNMP configuration and see authentication, encryption and the community string in action.
Let's start with the community string: we are going to call this community string Cisco and give it read-only access.

This configuration allows the hosts identified by ACL 12 to have read-only access to all SNMP objects specified by the community string.

With SNMP v3 things get harder and more secure, so now we will create an SNMP group called MiamiHeat (yes, I am a fan of this team!) and assign a user to that group.
Now you are aware of how simple it is to configure SNMP version 3 with authentication and encryption capability.
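
The two configurations this lab describes, written out as an added example (not the original post's own commands). The community string Cisco, ACL 12 and the group MiamiHeat come from the text; the manager address 192.0.2.10, the user name monitor1 and both passphrase placeholders are assumptions.

```cisco
! Added example, not the original post's configuration.
! Assumptions: 192.0.2.10 is the SNMP manager (documentation address);
! the user name "monitor1" and both passphrases are placeholders.

! --- SNMP v2: read-only community "Cisco", limited to the hosts in ACL 12 ---
access-list 12 permit host 192.0.2.10
access-list 12 deny   any log
snmp-server community Cisco RO 12

! Weak forms to avoid: vendor default string, write access, no ACL.
!   snmp-server community public RO
!   snmp-server community private RW
! Remove the defaults if they are configured:
no snmp-server community public
no snmp-server community private

! --- SNMP v3: group MiamiHeat requires authentication AND encryption ---
! "priv" means both are mandatory for members of the group;
! "access 12" applies the same source-address restriction as above.
snmp-server group MiamiHeat v3 priv access 12
snmp-server user monitor1 MiamiHeat v3 auth sha <AUTH-PASSPHRASE> priv aes 128 <PRIV-PASSPHRASE>

! --- Verify from privileged EXEC mode ---
! show access-lists 12      (hit counters show which sources are polling)
! show snmp community
! show snmp group
! show snmp user
```

The v3 user does not appear in the running configuration, so confirm it with show snmp user rather than by reading the config.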

If you have any questions, please feel free to ask.

If you understood and liked this simple SNMP explanation, please feel free to share.

 

 

SNMP SNMP Reviewed by ohhhvictor on 4:47:00 PM Rating: 5
