SNMP stands for simple network management protocol. It is used to monitor the state of the network. SNMP collects information two ways:
- The devices on the network are polled by management stations.
- Devices send alerts to SNMP management stations. The public community may be added to the alert list so all management stations will receive the alert.
SNMP must be installed on the devices to do this. SNMP terms:
- Baseline - A report outlining the state of the network.
- Trap - An alert that is sent to a management station by agents.
- Agent - A program at devices that can be set to watch for some event and send a trap message to a management station if the event occurs.
The network manager can set the threshold of the monitored event that will trigger the sending of the trap message. SNMP enables counters for monitoring the performance of the network used in conjunction with Performance Monitor.
SNMP Name Resolution
SNMP supports the use of DNS, WINS, HOSTS file, and LMHOSTS file for name resolution.
An SNMP community is the group that devices and management stations running SNMP belong to. It helps define where information is sent. The community name is used to identify the group. A SNMP device or agent may belong to more than one SNMP community. It will not respond to requests from management stations that do not belong to one of its communities. SNMP default communities are:
- Write = private
- Read = public
SNMP should be protected from the internet with a firewall. Beyond the SNMP community structure, there is one trap that adds some security to SNMP.
- Send Authentication Trap - When a device receives an authentication that fails, a trap is sent to a management station.
Other configuration parameters that affect security are: