<html>
<head>
<meta http-equiv="Content-Language" content="en-us">
<meta http-equiv="Content-Type" content="text/html; charset=windows-1252">
<title>Content</title>
<base target="_self">
</head>
<body background="../../images/bg.gif" topmargin="0" leftmargin="0" marginheight="0" marginwidth="0" onLoad="window.focus();" link="#808080" vlink="#808080" alink="#808080">
<table border="0" cellpadding="0" cellspacing="0" width="100%">
<tr>
<td bgcolor="#336666" width="18" valign="top">
<img border="0" src="../../images/content_lines.gif" width="16" height="25">
<img border="0" src="../../images/transdot.gif" width="2" height="1"></td>
<td bgcolor="#336666"><b><font face="Arial" size="2" color="#FFFFFF">6.2</font></b></td>
<td bgcolor="#336666"><img border="0" src="../../images/transdot.gif" width="10" height="1"></td>
<td bgcolor="#336666" width="100%"><strong><font size="2" color="#FFFFFF">
<span style="font-family: Arial">Network Management</span></font></strong></td>
<td width="9" bgcolor="#336666"> </td>
</tr>
<tr>
<td bgcolor="#669999" height="25" width="18"> </td>
<td bgcolor="#669999" height="25"><b>
<font face="Arial" size="2" color="#FFFFFF">6.2.6</font></b></td>
<td bgcolor="#669999"><img border="0" src="../../images/transdot.gif" width="10" height="1"></td>
<td bgcolor="#669999" height="25" width="100%"><strong>
<font face="Arial" size="2" color="#FFFFFF">SNMP protocol</font></strong></td>
<td bgcolor="#669999" height="25" width="9"> </td>
</tr></table>
<table border="0" cellpadding="0" cellspacing="0" width="95%" bordercolor="#111111">
<tr>
<td width="15"></td>
<td>
<font face="Arial" size="2">The agent is a software function embedded
in most networked devices, such as routers, switches, managed hubs,
printers, and servers.
<img border="0" src="../../images/1.gif" align="absmiddle" width="12" height="12">
It is responsible for processing SNMP requests from the manager. It is
also responsible for the execution of routines that maintain variables
as defined in the various supported MIBs.</font><p>
<font face="Arial" size="2"> Interaction between the manager and the
agent is facilitated by the Simple Network Management Protocol (SNMP).
The term simple comes from the restricted number of message types that
are part of the initial protocol specification. The strategy was
designed to make it easier for developers to build management
capabilities into network devices. The initial protocol specification
is referred to as SNMPv1 (version 1).</font></p>
<p>
<font size="2" face="Arial">There are three types of SNMP messages
issued on behalf of an NMS. They are GetRequest, GetNextRequest and
SetRequest.
<img border="0" src="../../images/2.gif" align="absmiddle" width="12" height="12">
All three messages are acknowledged by the agent in the form of a
GetResponse message. An agent may issue a Trap message in
response to an event that affects the MIB and the underlying
resources.</font></p>
<p>
<font face="Arial" size="2">The development of SNMPv2c addressed
limitations in SNMPv1. The most noticeable enhancements were the
introduction of the GetBulkRequest message type and the addition of
64-bit counters to the MIB. Retrieving information with GetRequest and
GetNextRequest was an inefficient method of collecting information.
Only one variable at a time could be solicited with SNMPv1. The
GetBulkRequest addresses this weakness by retrieving more information
with a single request. Secondly, the 64-bit counters addressed the
issue of counters rolling over too quickly, especially with higher
speed links like Gigabit Ethernet.</font></p>
<p>
<font face="Arial" size="2">The management entity is also referred to
as the manager or network management station (NMS).
<img border="0" src="../../images/3.gif" align="absmiddle" width="12" height="12">
It is responsible for soliciting information from the agent. The
solicitations are based on very specific requests. The manager
processes the retrieved information in a number of ways. The retrieved
information can be logged for later analysis, displayed using a
graphing utility, or compared with preconfigured values to test if a
particular condition has been met.</font></p>
<p>
<font face="Arial" size="2"> Not all manager functions are based on
data retrieval. There is also the ability to issue changes of a value
in the managed device. This feature enables an administrator to
configure a managed device using SNMP.</font></p>
<p>
<font face="Arial" size="2">The interaction between the manager and
the managed device does introduce traffic to the network. Caution
should be taken when introducing managers on to the network.
Aggressive monitoring strategies can negatively affect network
performance. Bandwidth utilization will go up, which may be an issue
for WAN environments. Also, monitoring has a performance impact on the
devices being monitored, since they are required to process the
manager requests. This
processing should not take precedence over production services.</font></p>
<p>
<font face="Arial" size="2"> A general rule is that a minimum amount
of information should be polled as infrequently as possible.
Determine which devices and links are most critical and
what type of data is required.</font></p>
<p>
<font face="Arial" size="2"> SNMP uses UDP as a transport protocol.
Since UDP is connectionless and unreliable, it is possible for SNMP to
lose messages. SNMP itself has no provision for guarantee of delivery,
so it is up to the application using SNMP to cope with lost messages.</font></p>
<p>
<font face="Arial" size="2">Each SNMP message contains a cleartext
string, called a community string. The community string is used like a
password to restrict access to managed devices.
<img border="0" src="../../images/4.gif" align="absmiddle" width="12" height="12"> SNMPv3
has addressed the security concerns raised by transmitting
the community string in cleartext.</font></p>
<p>
<font face="Arial" size="2"> An example of what the SNMPv2c message
looks like is illustrated in Figure
<img border="0" src="../../images/5.gif" align="absmiddle" width="12" height="12">. A
detailed presentation of the protocol can be found in the Internet
standard RFC 1905.</font></p>
<p>
<font face="Arial" size="2"> The fact that the community string is
cleartext is no surprise to anyone who has studied the Internet
Protocol (IP) suite. All fields specified in the protocol
suite are cleartext, except for security authentication and encryption
specifications.</font></p>
<p>
<font face="Arial" size="2"> The community string was essentially a security placeholder until the
SNMPv2 working group could ratify security mechanisms. The efforts
were referred to the SNMPv3 working group. All SNMP-based management applications need to be configured to use the
appropriate community strings. Some organizations
frequently change the community string values to reduce the risk of
malicious activity from the unauthorized use of the SNMP service.</font></p>
<p>
<font face="Arial" size="2"> In spite of the weakness associated with
community-based authentication, management strategies are still based
on SNMPv1. Cisco devices do support SNMPv3 message types and
the increased security capabilities, but most management
software applications do not support SNMPv3.
<img border="0" src="../../images/6.gif" align="absmiddle" width="12" height="12"></font></p>
<p>
<font face="Arial" size="2"> SNMPv3 supports the concurrent existence
of multiple security models.
<img border="0" src="../../images/7.gif" align="absmiddle" width="12" height="12"></font></p>
</td>
</tr>
</table>
</body>
</html>