SNMP remains one of, if not the most powerful protocols for monitoring network and infrastructure components. Defined in 1990 in RFC 1157, it is a layer 7 protocol using UDP port 161 for requests & responses, and UDP port 162 for notifications. There are three main versions (SNMPv1, SNMPv2c, SNMPv3), however v1 and v2c have severe security vulnerabilities and should be disabled in favour of v3.
Author Michael W Lucas describes it in his book “The Networknomicon, or SNMP Mastery” as “dark magic”.
Link to book: Amazon
SNMP features 3 components:
- SNMP Manager – This listens for notifications from, and sends requests to, the SNMP agent.
- SNMP Agent – This runs on a network device such as a switch, router, firewall, UPS, printer, and so on, and communicates with the SNMP Manager.
- MIB – The “Management Information Base” defines the dictionary and structure of data communicated between the manager and agent.
The following communication flows are exist within SNMP
A SNMP Trap Message is just an alert that informs the remote end (SNMP Manager) that a condition that was previously set has been met, Such as informing the SNMP manager that a filesystem has reached a certain threshold.