Simple Network Management Protocol

1. In the name of ALLAH, the
most merciful and
beneficent.
1

2. Group Members
 Muhammad Imran Shareef ( GL )
 Muhammad Hassan Rasheed
 Hafiz Ali Raza
 Abdul Munam
 Awais Ghaffar
 Muhammad Kamil
2

3. SNMP
Simple Network Management Protocol
3

4. Simple Network Management Protocol
¤ SNMP is "Internet-standard protocol for managing devices on IP
networks”.
¤ Devices that support SNMP include routers, switches, Servers,
workstations, printers, modem racks, and more.
¤ SNMP is used to monitor network-attached devices.
¤ SNMP is a component of the Internet Protocol Suite as defined by
the Internet Engineering Task Force (IETF).
4

5. SNMP concept
5

6. SNMP & Network Management History
 1983 - TCP/IP replaces ARPANET at U.S. Dept. Of Defense,
effective Birth of internet.
 First model for net management – HEMS – High Level Entity
Management system ( RFCs 1021,1022,1024,1076)
 1987 – CMIP - Common Management information protocol , and
CMOT ( CMIP over TCP) for the actual network protocol for use on
the internet.
 Nov 1987- SGMP – Simple Gateway Monitoring protocol ( RFC 1028)
 Aug 1989 – Internet Standard Network Management Frame work (
RFCs 1065, 1066, 1067)
6

7. SNMP & Network Management History
 Apr 1989 – SNMP promoted to recommended status as the de fecto
TCP/IP network management frame work ( RFC 1098 )
 June 1989 – IAB committee decides to let SNMP and CMOT develop
separately
 May 1990 – IAB promotes SNMP to a standard protocol with a
recommended status ( RFC 1157 )
 Mar 1991 – Format of MIBs and traps defined ( RFCs 1212, 1215)
 TCP/IP MIB definition revised to create SNMP V1 ( RFC 1213 )
7

8. Components of network management on the Internet
8

9. SNMP Framework
Protocol: “Manager-Agent” interaction
BER: Basic Encoding Rules
MIB: Management Information Base
(Database on managed devices)


SMI: Structure of Management Information
(Rules of describing management information
9

10. SMI : Structure of Management
Information
 SMI defines the general rules for naming objects, defining object
types and showing how to encode objects and values.
 SMI does not define the number of objects an entity should manage
or name the objects to be managed
 define the association between the objects and their values.
10

11. SMI Data Types (Examples)
•
•
•
•
•
•
•
•
•
INTEGER -- signed 32-bit integer
OCTET STRING
OBJECT IDENTIFIER (OID)
NULL -- not actually data type, but data value
IpAddress -- OCTET STRING of size 4, in network byte order (B.E.)
Counter -- unsigned 32-bit integer (rolls over)
Gauge -- unsigned 32-bit integer (will top out and stay there)
TimeTicks -- unsigned 32-bit integer (rolls over after 497 days)
Opaque -- used to create new data types not in SNMPv1
• DateAndTime, DisplayString, MacAddress, PhysAddress, TimeInterval, TimeStamp, TruthValue,
VariablePointer -- textual conventions used as types
11

12. MIB : Management Information Base
 MIB creates a collection of named objects, their types, and their
relationships to each other in an entity to be managed.
 MIB is the definition of “objects” that should be provided on each
managed node by the SNMP “agent”.
 An “object” is a quantity or a field that describes one functional
aspect of a device.
 MIB objects are arranged in “groups”
 Some groups relate to “layer” of the protocol stack.
 Other groups relate to the system as a “whole”
12

13. MIB
13

14. BER – Basic Encoding Rules
 The relationship between ASN.1 and BER
 parallels that of source code and machine code.
 CCITT X.209 specifies the Basic Encoding Rules
 All SNMP messages are converted / serialized from ASN.1 notation
into smaller, binary data (BER)
14

15. Features of SNMP
¤ Its design is simple , making it easier to implement on network of
any size.
¤ Its simple design makes it easy for a user to program variables
they would like to have monitored.
¤ It is popular and extensible.
 A device manufacturer can easily add new registers for
monitoring
15

16. Key Components of SNMP
¤ An SNMP-managed network consists of three key
components.
 Managed device
 Agent — software which runs on managed devices
 Network management system (NMS) — software which
runs on the manager
16

17. Managed Device
¤ A managed device is a network node that implements an
SNMP interface.
¤ It allows unidirectional (read-only) or bidirectional access
to node-specific information.
¤ Managed devices exchange node-specific information
with the NMSs.
¤ The managed devices can be routers, servers, switches,
bridges, hubs, IP telephones, IP video cameras ,printers
etc.
17

18. SNMP Agent
¤ An agent is a network-management software module that resides on
a managed device.
¤ An agent has local knowledge of management information.
18

19. SNMP Components
19

20. Network Management System
 A network management system (NMS) executes applications that
monitor and control managed devices.
 NMSs provide the bulk of the processing And memory resources
required for network management.
 One or more NMSs may exist on any managed network
20

21. NETWORK MANAGEMENT SYSTEM
 We can say that the functions performed by a network
management system can be divided into five broad
categories:
 Configuration management
 Fault management
 Performance management
 Security management
 Accounting management
21

22. Functions of a network management system
22

23. Basic Task of NMS
 Configuration management
 Keeping track of device settings and how they function
 Fault management
 Dealing with problems and emergencies in networks
( Router stops routing , Server loses power etc)
 Performance Management
 How smoothly is the network running?
 Can it handle the work load it currently has?
23

24. 24

25. Proxy Agents
¤ Proxy Agents extend the capabilities of SNMP by allowing it:






Manage a device that cannot support an SNMP agent
Manage a device that supports a non-SNMP management agent
Allow a non-SNMP management system to access an SNMP agent
Provide firewall-type security to other SNMP agents
Translate between different formats of SNMP messages
Consolidate multiple managed nodes into a single network address
25

26. SNMP Messages
 Get-Request
 Sent by manager requesting specific data from agent
 Get-Next-Request
 Sent by manager requesting data on the next MO to the one specified
 Set-Request
 Initializes or changes the value of network element
 Get-Response
 Agent responds with data for get and set requests from the manager
 Trap
 Alarm generated by an agent
26

27. 27

28. SNMP Operation
 SNMP operates in the Application Layer of the OSI model.
 The SNMP agent receives requests on UDP port 161.
 The manager may send requests from any available source port to port
161 in the agent.
 The agent response will be sent back to the source port on the manager.
 The manager receives Traps and InformRequests on port 162.
 The agent may generate notifications from any available port.
 When used with Transport Layer Security or Datagram Transport Layer
Security requests are received on port 10161 and traps are sent to port
10162.[3]
28

29. SNMP Versions
¤ Two major versions SNMPV1, SNMPV2
¤SNMPV1 is the recommended standard
¤SNMPV2 has become split into:
 SNMPV2U – SNMP with user based security
 SNMPV2* - SNMP with user based security and additional features
 SNMPV2C – SNMPV2 Without security
29

30. SNMP Versions
 SNMPv1 specifies five core protocol data units (PDUs). Two other
PDUs, GetBulkRequest and InformRequest were added in SNMPv2 and
carried over to SNMPv3.
 All SNMP PDUs are constructed as follows:
Ip
Header
UDP
Header
Version
Community
PDUType
Request id
Error
Status
Error Index
Variable
bindings
30

31. SNMP V1
 Version 1 :
 SNMP version 1 is the initial implementation of the SNMP protocol.
 SNMPv1 operates over protocols such as User Datagram Protocol (UDP), Internet
Protocol
 SNMPv1 is widely used and is the de facto network-management protocol in the Internet
community
 The first RFCs for SNMP, now known as SNMPv1, appeared in 1988:
 Version 1 has been criticized for its poor security.
 Authentication of clients is performed only by a "community string", in effect a type of
password, which is transmitted in clear text.
 '80s design of SNMP V1 was done by a group of collaborators who viewed the officially
sponsored OSI/IETF/NSF (National Science Foundation) effort (HEMS/CMIS/CMIP) as
both implementable in the computing platforms of the time as well as potentially
unworkable.
31

32. SNMP V2
 SNMPv2 (RFC 1441–RFC 1452), revises version 1
 Improvements in the areas of performance, security, confidentiality,
and manager-to-manager communications.
 It introduced Get Bulk Request, an alternative of Get Nex Requests for
retrieving large amounts of management data in a single request.
 The new party-based security system in SNMPv2, viewed by many as
overly complex, was not widely accepted.
32

33. SNMP V3
 Version 3 :
 Although SNMPv3 makes no changes to the protocol aside from the addition of cryptographic
security
 it looks much different due to new textual conventions, concepts, and terminology.
 SNMPv3 primarily added security and remote configuration enhancements to SNMP.
 Security has been the biggest weakness of SNMP since the beginning.
 Authentication in SNMP Versions 1 and 2 amounts to nothing more than a password (community
string) sent in clear text between a manager and agent.
 Each SNMPv3 message contains security parameters which are encoded as an octet string.
 The meaning of these security parameters depends on the security model being used.
 In practice, SNMP implementations often support multiple versions: typically SNMPv1, SNMPv2c,
and SNMPv3.
33

34. Advantages of using SNMP
¤ Standardized
¤ Universally supported
¤ Extendible
¤ Portable
¤ Allows distributed management access
¤ Light weighted protocol
34

35. Disadvantages of SNMP
 Reducing network bandwidth
 some large security gaps
 largest security problems
 privacy of data
 authentication
 access control
 so simple that the information it deals with is neither detailed nor
well-organized enough to deal with the expanding networks
35

36. SNMP Architecture and model
Network management
Organization Model
Information Model
Communication Model
Functional Model
36

37. SNMP & The OSI Model
7 Application Layer Management and Agent APIs
SNMP
6 Presentation Layer
ASN.1 and BER
5
Session Layer
RPC and NetBIOS
4 Transport Layer
TCP and UDP
3
Network Layer
IP and IPX
2 Data Link Layer
Ethernet, Token Ring, FDDI
1
Physical Layer
37

38. Ports & UDP
¤ SNMP uses User Datagram protocol (UDP) as the transport
mechanism for SNMP message
Ethernet
Frame
IP packet
UDP datagram
SNMP Message
¤ Like FTP, SNMP uses two well-known ports to operate
 UDP Port 161 – SNMP Message
 UDP Port 162– SNMP Trap Message
38

39. Languages of SNMP
¤ Structure of Management Information ( SMI)
Specifies the format used for defining managed objects that are accessed via the SNMP
protocol
¤ Abstract Syntax Notation ( ASN .1)
Used to define the format of SNMP message and managed objects( MIB modules
¤ Basic Encoding Rules ( BER )
Used to encode the SNMP message into format suitable for transmission across a network
39

40. THANK YOU
40