SNMP Simple Network Management Protocol Team Matrix CMPE208
- Slides: 29
SNMP Simple Network Management Protocol Team: Matrix CMPE-208 Fall 2006
What is Network Management? Maintenance and administration of networks at the top level • Configuration Management – Keeping track of network device settings • Fault Management – Detect, isolate and correct problems in the network (alerts) • Performance Management – Provide data for statistic and network performance • Security Management - protect network against unauthorized access • Bandwidth Management -measuring and controlling communications on a network
What is SNMP? • SNMP (Simple Network Management protocol): A protocol that enables a management station to configure, monitor, and receive trap (alarm) messages from network devices
SNMP & Network Management History • 1983 - TCP/IP replaces ARPANET at U. S. Do. D, effective birth of Internet • 1987 - CMIP - Common Management Information Protocol CMOT - CMIP over TCP SGMP - Simple Gateway Monitoring protocol (RFC 1028) • 1989 - SNMP working group formed • 1990 – SNMP promoted to a recommended status (RFC 1157) • 1991 – SNMPv 1 defined with format of MIBs and traps (RFCs 1212, 1215)
SNMP Characteristics • Widespread adoption -de facto standard for inter-network management. • Simple -requires little code to implement -vendors can easily build SNMP agents to their products • Extensible -easy for vendors to add network management functions to products. • Clean architecture -separates management architecture from hardware devices’ architecture -broadens the base of multi-vendor support
Major Components of SNMP Comprised of mainly agents and managers • Agent - process (software) running on each managed device collecting information about the device it is running on. • Manager - process (software) running on a management workstation that requests information about devices on the network.
SNMP Architectural Model
SNMP: Inside the Agents SNMP network managed devices are dictated by: • Management Information Base (MIB) • A map of the hierarchical order of all managed objects • Leaves represent individual data items • Structure of Management Information (SMI) • Rules specifying the format used to define objects managed on the network that the SNMP protocol accesses • Abstract Syntax Notation One (ASN. 1) • Dictates how MIB variables must be defined and referenced
MIBs and Object Identifiers Let’s have a detailed look at MIBs. . . • MIBS • An abstract tree with an unnamed root, individual data items make up the leaves of the tree • Tree is extensible by virtue of experimental and private branches (Vendors can define their own private branches to include instances of their own products) • Object Identifiers (Ids) • Uniquely identify or named the MIB objects • Like telephone number--they are organized hierarchically with specific digits assigned by different organizations
MIB Sample Tree BEA Object ID =1. 3. 6. 1. 4. 1. 140
Four Basic Commands • Get Retrieves the value of a MIB variable stored on the agent machine • Get. Next Retrieves the next value of the next lexical MIB variable • Set Changes the value of a MIB variable • Trap An Event/Alarm notification sent by an agent to a management application
• SNMP Operations managing entity request response agent data Managed device Request/Response Mode managing entity trap agent data Managed device Trap Mode
SNMP Transport Messages • SNMP uses User Datagram Protocol (UDP) as the transport mechanism for SNMP messages Ethernet Frame IP Packet UDP Datagram SNMP Message CRC • Like FTP, SNMP uses two well-known ports to operate: • UDP Port 161 - SNMP Messages • UDP Port 162 - SNMP Trap Messages
SNMP Basic Message Format • Community names are used to define where an SNMP message is destined for. Message Length Message Version Community String Message Preamble PDU Header PDU Body SNMP Protocol Data Unit
SNMP Message Formats Message Length Message Version Community String PDU Type Message Length SNMP Message Preamble PDU Length Request ID Error Status Error Index PDU Header Message Version Community String PDU Type PDU Length Enterprises MIB OID Agent IP Address Standard Trap Type Specific Trap Type Time Stamp Length of Variable Bindings Length of First Binding OID of First Binding Type of First Binding Value of First Binding Length of Second Binding OID of Second Binding Type of Second Binding Value of Second Binding Additional Variable Bindings PDU Body Length of Second Binding OID of Second Binding Type of Second Binding Value of Second Binding Additional Variable Bindings
VARIABLE BINDINGS SNMP PDU SNMP MESSAGE
SNMP Versions • SNMP v 1: RFC 1155 and RFC 1157. • SNMP v 2 c: RFC 1901, RFC 1905, and RFC 1906 • SNMP v 3: RFC 1905, RFC 1906, RFC 2571, RFC 2572, RFC 2574, and RFC 2575.
SNMP v 1 • Most widely used of all versions • Support GETNEXT SET TRAP • Security based on Read-only and Read-Write community strings • Defined in RFC 1157
SNMP v 2 c • Same PDU structure for Trap and Get/Set request • Updated protocol operations: Getbulk, Inform • Updated data types: Counter 32, Counter 64, … • Used the same community-based security from v 1 • Support Get, Get next, Get bulk, set, trap, inform • Defined in RFCs 1901, 1905, and 1906
New Commands in SNMPv 2 c • Get Bulk Request – Retrieve N objects with simple get-next operation • Inform – Enable manager to send some information to another manger
SNMP v 3 • SNMPv 2 protocol operations and data types • Proxy support • User-based security • Defined in RFCs 2571, 2572, 2573, 2574, and 2575
SNMP v 3 Protocol Operations • Get, Get. Next, Set • v 2 Trap Same as a v 1 notification, except the PDU has the same structure as Get, Get. Next, and Set • Inform Used by a manager to send an alert to another manager • Get. Bulk Retrieves a potentially large amount MIB values without having the manager to send successive Get. Next requests • Report Contain Security information from Agent to Manager for connection establishment.
SNMP v 3 User-Based Security User Security Model (USM) is designed to secure against the following principle threats: • Modification of Information • Masquerade • Message Stream Modification • Disclosure
SNMP v 3 User-Based Security USM Message Processing
SNMP v 3 User-Based Security USM authentication protocols: • HMAC-MD 5 -96 • HMAC-SHA-96 USM encryption: • Cipher Block Chaining (CBC) mode of the Data Encryption Standard (DES)
SNMP RFC’s
SNMP References ______________________________ • WEBSITES: • “Simple Network Management Protocol (SNMP)” • http: //www. cisco. com/warp/public/535/3. html • “The Simple Times” Volume 5, Number 1; December, 1997 • http: //www. simple-times. org/pub/simple-times/issues/5 -1. html#alternative • “SNMPv 3: A Security Enhancement for SNMP”, William Stallings • http: //www. comsoc. org/pubs/surveys/4 q 98 issue/stallings. html • BOOKS: • . ”Understanding SNMP MIBs”, David Perkins Evan Mc. Ginnis • “SNMP, SNMPv 2, and RMON”, William Stallings, 1996, ISBN#0 -201 -63479 -1 • “Internetworking with TCP/IP”, 4 th edition, Douglas E. Comer, 2000, ISBN#0 -13 -018380 -6
Thank You
SUGGESTIONS and QUESTIONS
- Snmp adalah
- Simple network management protocol ppt
- Snmp supports which formatted protocol
- Simple ntp
- Going native project management
- Team spirit becomes team infatuation
- The white team cheers for the blue team, just like
- Network protocol architecture
- Telecommunications network architecture
- Define communication protocols
- Network protocol architecture
- Carrier comfort network protocol
- Usenet message vanessa
- Network protocol vulnerabilities
- Network software protocol hierarchies
- Snmp vs cmip
- Udp 161
- Snmp mib2
- Snmp protokoll
- Php snmpget
- Snmp
- Snmp traffic grapher
- Lulu tsai md
- Smtp vs snmp
- Snmp stands for
- Snmp port number
- Snmp meaning
- Cacti snmp trap
- I mani
- Mikrotik snmp