Simple Network Management Protocol

Application layer protocol, Simple Network Management Protocol (SNMP), is used to manage IP devices. SNMP is part of the TCP/IP application layer suite. SNMP allows network administrators the ability to view and change network parameters and monitor connections locally and remotely. Managing network performance over a period of time is one of the major functions that SNMP provides.

There are three version of SNMP:

Both SNMPv1 and SNMPv2 use a community-based form of security. The community string allows access to the SNMP agent and can also be defined by an IP address access control list and password.

To set up the community access strings to permit access to the Simple Network Management Protocol (SNMP) on a Cisco IOS router, use the snmp-server community global configuration command:

snmp-server community string [view view-name] [ro I rw] [number]

Table 3-1 describes this syntax. Table 3-1 snmp-server community Command Syntax Description

Syntax

Description

string

Case-sensitive community string that acts like a password and permits access to the SNMP protocol.

view view-name

(Optional) Name of a previously defined view. The view defines the objects available to the community.

ro

(Optional) Specifies read-only access. Authorized management stations are able to retrieve only MIB objects.

rw

(Optional) Specifies read-write access. Authorized management stations are able to retrieve and modify MIB objects.

number

(Optional) Integer from 1 to 99 that specifies an access list of IP addresses that are allowed to use the community string to gain access to the SNMP agent.

SNMP servers collect information from remote devices known as SNMP agents. SNMP packets are sent and received by devices on UDP ports 161 (SNMP servers) and 162 (SNMP agents).

The Management Information Base (MIB) is a virtual information storage area for network management information consisting of collections of managed objects. Within the MIB are collections of related objects, defined in MIB modules. MIB modules are written in the SNMP MIB module language, as defined in STD 58, RFC 2578, RFC 2579, and RFC 2580. SNMP port 161 is used to query SNMP devices, and SNMP port 162 is used to send SNMP traps. SNMP runs over UDP and is secured by a well-known, case-sensitive community string.

0 0

Post a comment