Defining SNMP
SNMP stands for Simple Network Management Protocol. It is a networking protocol used for the management and monitoring of network connected devices in IP-networks. You find the SNMP protocol embedded in all kinds of network devices like routers, switches, hubs, wireless access points, and servers. Those devices use SNMP to provide Lansweeper with management information like device identification, changes on the network, network performance, and the status of devices. It also allows them to share device-specific information, like the toner level of printers, which Lansweeper can retrieve automatically. SNMP is based on the manager/agent model, where the manager provides the interface between the network administrator and the network management system. The agent takes care of the interface between the manager and the device.
What is SNMP MIB?
To exchange data, the agent and manager use a data tree consisting of several tables. These tables are called Management Information Bases, or MIBs. An MIB is a formatted text file that groups together all of the data objects used by a particular device. Before a new piece of equipment can communicate with the manager, you need to load the specific MIB into the SNMP manager. The MIB allows message translation, enabling communication between the device and the SNMP manager.
What are OID’s?
Every MIB is identified by a unique OID or object identifier that consists of a globally recognizable string of numbers that are each separated by a decimal point. The OID makes up the tree structure of the MIB, where every decimal point marks a new branch of that tree and every number a specific piece of information. Essentially, these numbers summarize a lot of information about the device in a comprehensible manner, including who the manufacturer is.
Lansweeper provides you with an SNMP MIB browser to browse an extensive list of existing MIBs or import your own MIB files with the MIB importer. You can use the OID library to filter and scan specific or even custom OIDs in your MIB files.
What are SNMP traps?
Usually, a manager requests an agent for information by sending an SNMP-supported request in the form of Protocol Data Units (PDU) to retrieve and change specific variables or to find variables and corresponding values available. An SNMP trap is a special type of PDU, through which an agent sends an unrequested message or notification to the manager about critical events regarding objects in the managed device.
There are two kinds of traps, generic and enterprise-specific traps. The first are six standard traps defined in RFC 1215 of Internet Engineering Task Force: coldStart, warmStart, linkDown, linkUp, authenticationFailure, and egpNeighborLoss. Enterprise-specific traps are custom traps defined to send information about various objects in a managed device. Usually, manufacturers or IT vendors define enterprise-specific traps to enable information sending about specific objects in their devices. For example, an SNMP trap can inform you of a device that is overheating or of a device that is powering up.
What ports does SNMP operate on?
SNMP sends requests and receives responses using the User Datagram Protocol (UDP) port 161. SNMP traps are received via UDP port 162. When used with Transport Layer Security or Datagram Transport Layer Security requests are received on port 10161 and traps are sent to port 10162.
For SNMP Agents that support non-default ports, alternative solutions must be implemented, such as SNMP proxies that listen at non-default ports and forward the communication to the default ports given above.
Lansweeper and SNMP monitoring
Lansweeper provides a variety of tools for SNMP monitoring. The Lansweeper MIB Browser is the essential tool for network administrators to manage SNMP-enabled network devices and applications. It allows you to walk any MIB tree and determine which MIBs are supported by a particular network device. Any of the OIDs found can be used in custom OID scanning, allowing you to retrieve specific data from any OID supported by the device. With custom OID scanning, you can define your OID scanning target before you start a scan. You can choose to scan for individual assets or entire asset groups, or even assets within a set IP range. Lansweeper will collect the OID data in an instant and present it to you in a clear and fully updated overview.
But do not forget: SNMP network management has limitations, mainly due to its focus on device specific metrics. Lansweeper has a lot more to offer and provides a complete suite for the IT professional by using a multitude of ports, protocols, and other scanning methods.