Internet Security Systems

SNMP

SNMP (Simple Network Management Protocol) is the system used on the Internet to "manage" all the equipment that makes up the Internet.

The equipment that makes up the Internet consists of devices called "routers" that are interconnected via high speed phone lines. The most common use of SNMP is when an application sends queries to those routers requesting performance information on those lines. The goal is to detect which lines are congested (due to high traffic volume) in order to upgrade them to higher speed lines.

Management

SNMP allows a "console" to remotely "manage" a device. The word "manage" means lots of things, which are broken down in the following matrix. In the example above, we described how an application could "monitor" the "performance" of phone lines.

              | Control | Monitor | Report/Alert
Performance   |         |         |
Fault         |         |         |
Security      |         |         |
Configuration |         |         |
Accounting    |         |         |

What this means is that there are essentially three things you can do with a managed device:

  • Control, configure, and set up the device. For example, you might want to turn it on or off, remotely configure user accounts, set security passwords, and so forth.
  • Monitor, read its status, and so forth. In fact, roughly 90% of SNMP activity is monitoring the performance of a device in order to track long term trends in network usage.
  • Receive reports or alerts of important events. Another of the most common usages of SNMP is to receive fault reports indicating that some error has occurred on the network that needs fixing.

You can Control/Monitor/Report on 5 general areas of activity:

  • Performance management is concerned with monitoring ongoing performance trends, reconfiguring devices to perform better, and receiving reports of performance bottlenecks.
  • Fault management is concerned with monitoring equipment for long term problems (such as temperature rising out of bounds), reconfiguring devices to route around failures, and most importantly, receiving real-time alerts when faults occur.
  • Security management is concerned with such things as logging important security events (such as when users log on/off), configuring information such as passwords, and receiving alerts resulting from hacker intrusions on the network.
  • Configuration management is concerned with monitoring the current configuration of the network (such as which networking lines are up), setting the configuration of devices, and receiving reports of automatic configuration changes that have occurred.
  • Accounting is concerned with billing users for their time on line, setting user quotas (so they can't use more than their fair share), and

Entities

SNMP consists primarily of two objects: a "manager" and an "agent". An "agent" consists of a piece of software embedded in a machine. For example, on Windows NT, you can install an "SNMP Service". SNMP agents exist for almost any piece of equipment.

However, the installed agent doesn't do anything for the machine until queried by the "manager". This is a separate program that a network manager runs on their own computer that queries the agent (across the network) for information. A set of information is called a "MIB" (Management Information Base). Almost every agent has a minimal MIB that allows the manager to view the packets going into/out of the system. Beyond this basic MIB, each agent supports a different MIB that contains information about its particular purpose. For example, the Windows NT MIB will report on the current users on the machine, which drives are shared, and so forth.
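
The manager-to-agent query described above, as an added example that is not part of the original page: Python code that encodes an SNMPv1 GetRequest and then reads back the fields that cross the network unencrypted (version, community string, PDU type), mapping each PDU type to a column of the Control/Monitor/Report matrix. The community `public`, the OID 1.3.6.1.2.1.1.1.0 (sysDescr.0), the request id and all function names are assumptions chosen for illustration.

```python
# Added example; community string, OID and request id are constructed values.
PDU = {0xA0: ("GetRequest", "Monitor"), 0xA1: ("GetNextRequest", "Monitor"),
       0xA2: ("GetResponse", "reply"), 0xA3: ("SetRequest", "Control"),
       0xA4: ("Trap", "Report/Alert")}  # PDU tag -> (name, column of the matrix)

def tlv(tag, body):
    n = len(body)
    if n < 0x80:                               # short length form
        return bytes([tag, n]) + body
    size = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(size)]) + size + body

def ber_int(v):  # non-negative INTEGER; the leading byte keeps the sign bit clear
    return tlv(0x02, v.to_bytes(v.bit_length() // 8 + 1, "big"))

def ber_oid(dotted):
    arcs = [int(a) for a in dotted.split(".")]
    out = bytearray([arcs[0] * 40 + arcs[1]])  # first two arcs share one byte
    for arc in arcs[2:]:
        chunk = [arc & 0x7F]                   # base 128, least significant first
        while (arc := arc >> 7):
            chunk.append(0x80 | (arc & 0x7F))  # high bit marks continuation
        out += bytes(reversed(chunk))
    return tlv(0x06, bytes(out))

def build_get(community, oid, request_id):
    # The manager's query: version 0 (SNMPv1), community, GetRequest PDU.
    varbind = tlv(0x30, ber_oid(oid) + tlv(0x05, b""))   # OID with a NULL value
    pdu = tlv(0xA0, ber_int(request_id) + ber_int(0) + ber_int(0) + tlv(0x30, varbind))
    return tlv(0x30, ber_int(0) + tlv(0x04, community.encode()) + pdu)

def read_tlv(buf, pos):
    tag, n, pos = buf[pos], buf[pos + 1], pos + 2
    if n & 0x80:                               # long form: low bits count length bytes
        k = n & 0x7F
        n, pos = int.from_bytes(buf[pos:pos + k], "big"), pos + k
    if pos + n > len(buf):
        raise ValueError("truncated SNMP message")
    return tag, buf[pos:pos + n], pos + n

def parse_header(msg):
    # Needs no key: returns (version, community, PDU name, matrix column).
    tag, body, _ = read_tlv(msg, 0)
    if tag != 0x30:
        raise ValueError("not an SNMP message")
    _, version, pos = read_tlv(body, 0)
    _, community, pos = read_tlv(body, pos)
    name, role = PDU.get(read_tlv(body, pos)[0], ("unknown", "unknown"))
    return int.from_bytes(version, "big"), community.decode("latin-1"), name, role
```

Calling `parse_header(build_get("public", "1.3.6.1.2.1.1.1.0", 1))` returns `(0, 'public', 'GetRequest', 'Monitor')`; the same parser run over captured traffic shows which community strings are in use and whether any console is issuing SetRequest (Control) operations.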

  • pre-SNMP (6)
    Useful background material on SNMP
  • SNMPv0 (5)
    Original proposal
  • SNMPv1 (7)
    The SNMP standard that is most widely implemented
  • SNMPv2 (18)
    Non-simple security upgrade that died under its own weight, aka. SNMPv2p
  • SNMPv2c (3)
    Simplification of SNMPv2 that removes the entire security framework, going back to community strings in v1.
  • SNMPv2u (4)
    Simplification of SNMPv2 that replaces the security framework with a "user model".
  • SNMPv3 (7)
    After it was found that SNMPv2 was not implementable, SNMPv3 was developed as the successor to SNMPv1. (In much the same way that HTML v4 is less complex than HTML v3).
  • Transport Mappings (5)
    SNMP over Ethernet, OSI, AppleTalk, IPX
