IT Management, Simplified Real-time IT management solutions for the new speed of business

SNMP Demystified Part-I


SNMP Demystified

KARTHIK ANANDARAO

Sr. Product Consultant/Evangelist

ManageEngine

About ME

• Senior Product Consultant and Evangelist for ManageEngine, with Engineering and MBA degrees from reputed Indian institutions.

• With over 17 years of IT Experience, serving in different capacities including System and Network Administration, IT Management, and Consulting.

• Have travelled across the globe for implementation, consultation and training of ManageEngine products and solutions.

Agenda

• SNMP

• What is it?

• Components and their functionality

• Ports and Firewall

• SNMP Versions and Security

• MIBs and OIDs

• Basic Commands

• How does SNMP communication happen?

• Traps

• SNMP Tools

SNMP

• Simple Network Management Protocol

• Internet Standard Protocol to manage devices on IP Networks

• More precisely, the standard way of monitoring hardware and software from any manufacturer from Cisco to Juniper, from Microsoft to Unix.

• Part of Transmission Control Protocol / Internet Protocol (TCP / IP) suite

• Uses UDP as the Transport Protocol

SNMP Components

• Components

• SNMP Manager

• SNMP Agent

• Managed Devices

SNMP Components

• Managed Device

• Could be any network device – router, switch, firewall, printer, UPS, load balancer, temperature sensor

• Could be any server – physical or virtual – running any OS – Linux, Solaris, Windows, HP-UX

• Could be any device with an IP address and an SNMP agent

SNMP Components

• SNMP Agent

• Windows – SNMP

• *UX – net-snmp

• Cisco – Cisco SNMP

Every device manufacturer configures an SNMP agent on the managed device.

Collects Management Information about its local environment

Stores and retrieves information as defined in the MIB

Signals an event to the manager

SNMP Components

• SNMP Manager

• NMS

• EMS

• Monitoring solutions like OpManager, SolarWinds

Ports and Firewall

• Open ports through firewall

• SNMP – 161 UDP

• SNMP Trap – 162 UDP (to be covered later)

SNMP Versions and Security

• SNMP Versions

• SNMPv1

Widely used, de-facto Network Management Protocol

Available since 1988

Authentication through Community String

• SNMPv2c

Revises Version 1

Improvements in performance, security, and manager-to-manager communications

Introduced GetBulkRequest

Poor Security

Community String passed in Clear Text

SNMP Versions and Security

• SNMP Versions

• SNMPv3

• Adds security and remote configuration enhancements

o Each SNMP entity has an identifier – SNMPEngineID

o Communication possible only if the SNMP entity knows the identity of its peer

o Specification for USM – User based Security Model

o NoAuthNoPriv

o AuthNoPriv

o AuthPriv

o Authentication Protocols – MD5, SHA

o Privacy Protocols – CBC_DES, CFB_AES_128

SNMP Versions and Security

• SNMPv3

• Provides a secure environment for systems management covering

Discovery Procedure

Time synchronization procedure

SNMP Framework MIB

USM MIBs

VACM MIBs

Security goals - protection against Modification of Information, Masquerade, Message Stream Modification, Disclosure

Address issues related to large-scale deployment of SNMP, accounting, and fault management.

Focuses on Security and Administration

SNMP Versions and Security

• SNMPv3 Security

USM – User-based Security Model – provides authentication and encryption functions – operates at message level

VACM – View-based Access Control Model – determines whether a node is allowed access to a particular MIB object to perform specific functions – operates at PDU level

TSM – Transport Security Model – provides a method for authenticating and encrypting messages over external security channels through SSH and TLS/DTLS

Confidentiality – prevents snooping by unauthorized sources

Integrity – ensures that a packet has not been tampered with

Authentication – verifies that the message is from a valid source

MIBs and OIDs

• OID – Object Identifier

• Something about which information can be gathered on an SNMP-enabled device

• Identified by a Name – Object Name

• Data-Type Definition – counter, string, gauge, integer

• Level of access – read/write

• Range Information

• Examples:

Interface – Up-Down Status / Rx-Tx Traffic / Errors / Discards

Process – Path / ID / CPU / Memory / Instances

CPU – Speed / Utilization

Memory – Total / Used / Free

Disk – Total / Used / Free

OIDs defined in MIBs

OIDs Unique – specific to device

OIDs – Scalar or Tabular

OID – Typically a dotted list of integers

MIBs and OIDs

• How to locate ‘sysUpTime’ from RFC-1213 MIB?

sysUpTime - .1.3.6.1.2.1.3

• iso

• dod

• internet

• mgmt-2

• mib-2

• system

• sysDescr

• sysObjectID

• sysUpTime

• sysContact

• sysName

• sysLocation

• sysServices

MIBs and OIDs

• OID Example – Let us look at sysUpTime

MIBs and OIDs

• MIB – Management Information Base

Collection of OIDs

SNMP Agent maintains an information database describing managed device parameters

SNMP Agent retrieves the value of the requested information from the MIB when the SNMP Manager requests

Defines Managed Objects that an SNMP Manager requests from the SNMP Agent

In short, MIB files are the set of questions that an SNMP Manager can ask the agent.

MIBs and OIDs

• MIB – Management Information Base

• Comprises Managed Objects identified by OID

• MIBs can be

• Standard – RFCs

• Custom / Private – provided by device manufacturers – Example: Cisco, Huawei, Nortel

MIBs and OIDs

• MIB Tree Diagram

Basic SNMP Commands

• SNMP Commands

GET – Retrieve one value from the managed device

Example – sysName, sysUpTime

GET NEXT – Retrieve the value of the next OID

Used mostly by monitoring tools

GET BULK – Retrieve voluminous data

Example – ifTable

SET – Modify or assign a value to a parameter

Example – Temperature Threshold on a server

TRAPS – Initiated by the agent to the SNMP Manager on occurrence of an event

Example – linkUp, Fan Status

INFORM – Like TRAP, also includes confirmation from SNMP Manager

RESPONSE – Command used to carry back the value(s) or signal of actions directed by the SNMP Manager

SNMP Communication

• SNMP Communication Diagram

SNMP Trap

• Trap

• Asynchronous notification from agent to Manager

• Includes

• Current sysUpTime

• An OID identifying the type of trap

• Optional Variable bindings

• Destination address for traps to be collected

• MIB contains Trap Configuration Variables

• Traps listen on 162 – UDP

• Trap Versions – SNMPv1, SNMPv2c, SNMPv3

• Example:

1999-11-13 08:31:33 localhost [127.0.0.1]: SNMPv2-MIB::sysUpTime.0 = Timeticks: (13917129) 1 day, 14:39:31.29

SNMPv2-MIB::snmpTrapOID.0 = OID: NOTIFICATION-TEST-MIB::demo-notif SNMPv2-MIB::sysLocation.0 = "just here"

SNMP Tools

• SNMP Tools

• Tools aplenty to retrieve/set SNMP messages / Traps

• Tool from ManageEngine

• ManageEngine SNMP MIB Browser

Available for Free

Trap Viewer

Get / Get Next / Get Bulk Operations

Set SNMP Variable Value

Load MIBs

Easy to Use

ManageEngine SNMP MIB Browser

• Website http://www.manageengine.com/products/mibbrowser-free-tool/

• Download http://www.manageengine.com/products/mibbrowser-free-tool/download.html

• Features http://www.manageengine.com/products/mibbrowser-free-tool/features.html

• FAQ http://www.manageengine.com/products/mibbrowser-free-tool/faq.html

• Feedback http://www.manageengine.com/products/mibbrowser-free-tool/feedback.html

ManageEngine SNMP Community

• Join us @ SNMP Nuts & Bolts

• https://connect.manageengine.com/groups/snmp-nuts-and-bolts

• An online community

• Share SNMP MIBs

• Upload MIBs to the community to fix errors

• Share your thoughts on SNMP

• Accept the group invite

• ManageEngine’s MIB Database

• Short URL - http://bit.ly/1mgRTb9

Q&A

Thank You