SNMP

Today I am going to talk about SNMP which stands for Simple Network Management Protocol. This is an application-layer protocol that is used to monitor, configure, and manage network devices on an IP network. This protocol is an agent-manager model, where both the agent and the manager communicate to each other exchanging information that is able to be collected on a network device. The devices that are usually  monitored via SNMP are routers, switches, servers, printers, APs, firewalls and more. This is a very structured protocol in how it works so in the next few paragraphs I will be breaking down what is an agent, manager, objects and more.

Agent/Manager- SNMP uses an agent-manager model, an agent is a software module that is installed on a network device (also called managed devices in SNMP) that collects local management information and communicates it back to the manager. The manager, which is usually called “Network Management Station,” is a centralized platform usually running on a PC, that is responsible for monitoring and managing the health and performance of the network devices that are being managed. Popular SNMP softwares which perform duties of an SNMP manager are SolarWinds, Zabbix, PRTG, and many more. In order for a network device to be managed, an agent must be installed or enabled on the device or the manager will have no way of retrieving this information. 

 Objects- The specific kinds of information that can be collected on a network device are called “objects.” An object in the context of SNMP can be:

1. Interface Status (up/down)
2. Interface Bandwidth
3. Interface Errors (Input and Output Errors)
4. CPU Utilization
5. IP Addresses
6. Device Hostname
7. Memory Usage
8. Device Temperatures

All of these statistics or health indicators can be collected and monitored from multiple devices from one NMS. These objects are identified with an OID (Object Identifier.) OID is a dotted decimal string that is globally unique to represent a specific object. It works kind of like an IP address in the way it identifies a specific object instead of a network interface. These OIDs are vital as the agent needs the OID to know which specific object the manager is requesting. 

MIB- One more thing about SNMP is that all of these managed objects are all inside something called an “MIB.” An MIB is a structured definition (often stored as a file) maintained by the SNMP Agent, to define and organize what kind of information is able to be monitored, managed or configured. This database will be a list full of OIDs that are able to be collected. An example would be an OID of 1.3.6.1.2.1.2.2.1.8 and the name of the object like interface status. If the manager were to request that OID, the agent would look in its MIB, see what it’s requesting, and return the value of that OID to the manager. The value represents that state or configuration. So for interface status, when the agent retrieves the value, it would be either “up” or “down.” It is important to know that the MIB just defines what can be retrieved and does not actually store the value themselves. The agent gathers the value from the actual network device.