SNMP

SNMP stands for simple network management protocol. It is used to monitor the state of the network. SNMP collects information two ways:

The devices on the network are polled by management stations.
Devices send alerts to SNMP management stations. The public community may be added to the alert list so all management stations will receive the alert.

SNMP must be installed on the devices to do this. SNMP terms:

Baseline - A report outlining the state of the network.
Trap - An alert that is sent to a management station by agents.
Agent - A program at devices that can be set to watch for some event and send a trap message to a management station if the event occurs.

The network manager can set the threshold of the monitored event that will trigger the sending of the trap message. SNMP enables counters for monitoring the performance of the network used in conjunction with Performance Monitor.

SNMP Name Resolution

SNMP supports the use of DNS, WINS, HOSTS file, and LMHOSTS file for name resolution.

SNMP Communities

An SNMP community is the group that devices and management stations running SNMP belong to. It helps define where information is sent. The community name is used to identify the group. A SNMP device or agent may belong to more than one SNMP community. It will not respond to requests from management stations that do not belong to one of its communities. SNMP default communities are:

Write = private
Read = public

SNMP Security

SNMP should be protected from the internet with a firewall. Beyond the SNMP community structure, there is one trap that adds some security to SNMP.

Send Authentication Trap - When a device receives an authentication that fails, a trap is sent to a management station.

Other configuration parameters that affect security are:

Accepted Community Names - Only requests from computers in the list of community names will be accepted.
Accept SNMP Packets from Any Host - This is checked by default. Setting specific hosts will increase security.
Only Accept SNMP Packets from These Hosts - Only requests from hosts on the list of IP addresses are accepted. Use IP, or IPX address or host name to identify the host.

SNMP Installation

SNMP is installed from the control panel network applet services tab. The service is called "SNMP Service". Two parameters are specified at installation:

Send Trap with Community Names - The name of the community that traps are sent to.
Trap Destination - The name or IP address of hosts traps are to be sent to.

SNMP Configuration

Clicking "SNMP Properties" brings up a menu with the following three parts:

Agent - The contact for where traps are sent is configured here. This is an e-mail address. Service checkboxes include:
- Physical
- Applications
- Datalink/Subnetwork
- Internet
- End-to-End
Traps - The community name(s) where traps are sent are specified here. Trap destinations are specified by host name or IP address.
Security - Includes:
- Send Authentication Trap checkbox is checked by default.
- Accepted Community Names box from where requests are accepted from.
- Accept SNMP Packets from Any Host radio button.
- Only Accept SNMP Packets from These Hosts.

SNMP Use

NT Server cannot be an SNMP manager by default without special software. SNMP errors are viewed from the system log of Event Viewer.

SNMP Commands

GetRequest - The manager requests information from the agent.
GetNextRequest - This is used to get information that is contained by an array.
GetResponse - Used by the agent to satisfy a request sent by the manager.
SetRequest - The manager changes the value of an agent's parameter.
Trap - A command or message used by the agent to inform the manager of a certain event.

Information collection methods:

The agent will send trap message alerts to the SNMP manager.
The SNMP manager will poll the network devices.