SNMP is the protocol that gives you the ability to monitor your network devices. It is a clear-text, open-standard protocol and is not Cisco proprietary.
SNMP is an application layer protocol that provides a message format for communication between what we call “managers” and “agents”.
An SNMP manager is a network management application running on a PC or server; the host it runs on is called a Network Management Station (NMS).
SNMP picks a value associated with each of the different components on a device, say a Cisco device on the network.
For example:
- on the router, the CPU is given its value of 1.9.2..2.1.2.1.2.1.2.9,
- the memory will have its own,
- so will each of the FastEthernet interfaces,
- and the IOS version. You can also get how many bytes have been transferred out of fa0/5 over the last 5 seconds, along with thousands of other components that are in the device.
The value is known as an OID (Object Identifier).
So, if you ask SNMP what the OID value of x is, it will provide you with an answer. If the CPU utilization is at 75% when you ask for the value, SNMP will tell you 75%, and you can do the same for the other OIDs. Also, instead of asking every time what the value of a component is, like the CPU utilization, you can simply configure SNMP to tell you the CPU utilization every 5 seconds. It then checks and outputs the result, and over a period of time the results appear as the graph that we see on the screen.
MIB (Management Information Base): This is provided by the vendors that manufacture those devices. It is the book of all the OIDs that exist on the device.
SNMP Versions
- Version 1: only supports 32-bit counters.
- Version 2: supports 64-bit counters.
- Versions 1 and 2 are community-string based, meaning their security rests entirely on a read-only and a read-write string (ro and rw). This is weak security. In the real world, don't even enable this on your devices, because everything in the Cisco world has an OID (interfaces have one, IP addresses have one, the enable secret has one), so someone could come in and change the value of an OID because of the RW string.
- Version 3: This is all about security, and here you can add authentication and encryption.
  - Message integrity: This mechanism, applied to all SNMPv3 messages, confirms whether or not each message has been changed during transit.
  - Authentication: This optional feature adds authentication with both a username and password, with the password never sent as clear text. Instead, it uses a hashing method like many other modern authentication processes.
  - Encryption (privacy): This optional feature encrypts the contents of SNMPv3 messages so that attackers who intercept the messages cannot read their contents.
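The hashing and integrity mechanisms described above can be seen in a short Python sketch of the SNMPv3 User-based Security Model from RFC 3414: the password is turned into a key tied to one device's engine ID, and that key produces a 12-byte HMAC tag carried in each message. This is an added example, not code from the original page; the message bytes are a constructed stand-in rather than a real BER-encoded SNMP packet, and the password and engine ID are the sample values from RFC 3414 Appendix A.3.

```python
import hashlib
import hmac

MEGABYTE = 1048576  # RFC 3414 A.2 hashes exactly this many bytes of repeated password


def password_to_key(password: bytes, engine_id: bytes, algo: str = "sha1") -> bytes:
    """Derive the localized authentication key (RFC 3414 A.2).

    Step 1 stretches the password into an intermediate key Ku.
    Step 2 mixes in the engine ID, so a key recovered from one device
    is useless against another device that shares the same password.
    """
    if len(password) < 8:
        raise ValueError("RFC 3414 requires passwords of at least 8 characters")
    stream = (password * (MEGABYTE // len(password) + 1))[:MEGABYTE]
    ku = hashlib.new(algo, stream).digest()
    return hashlib.new(algo, ku + engine_id + ku).digest()


def auth_tag(key: bytes, message: bytes, algo: str = "sha1") -> bytes:
    """HMAC-MD5-96 / HMAC-SHA-96: keep the first 12 bytes of the HMAC."""
    return hmac.new(key, message, algo).digest()[:12]


def verify(key: bytes, message: bytes, tag: bytes, algo: str = "sha1") -> bool:
    """Receiver side: recompute the tag and compare in constant time."""
    return hmac.compare_digest(auth_tag(key, message, algo), tag)


# Sample values from RFC 3414 A.3; the message is a constructed placeholder.
ENGINE_ID = bytes.fromhex("000000000000000000000002")
KEY = password_to_key(b"maplesyrup", ENGINE_ID)
MESSAGE = b"get-request sysUpTime.0"
TAG = auth_tag(KEY, MESSAGE)

if __name__ == "__main__":
    print("localized key :", KEY.hex())
    print("auth tag      :", TAG.hex())
    print("untouched msg :", verify(KEY, MESSAGE, TAG))
    print("altered msg   :", verify(KEY, MESSAGE.replace(b"get", b"set"), TAG))
```

Only the tag travels on the wire, never the password or the key. Authentication alone does not hide the message contents; that is what the separate privacy (encryption) option is for.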