Explanation of SNMP protocol and Management proxy

The SNMP protocol can be developed quickly in the target system. It is easy to appear in new products or upgraded old products. Although the SNMP Protocol lacks some advantages of other network management protocols, it is simple in design, flexible in expansion, and easy to use. These features greatly make up for other shortcomings in the SNMP Protocol application.

Because the SNMP protocol is simple in design, flexible in expansion, and easy to use, it has been considered as the preferred management protocol for network equipment vendors, application software developers and end users.

SNMP is a connectionless protocol, which means that it does not support dedicated connections such as TELNET or FTP. SNMP transmits information between the management proxy and the Administrator by sending request messages and returning responses.

This mechanism reduces the burden on the Management proxy, and does not have to support other protocols and connection-based processing processes. Therefore, the SNMP Protocol provides a unique mechanism to handle reliability and fault detection problems.
 
In addition, the network management system is usually installed in a relatively large network environment, including a large number of different types of network and network devices.

Therefore, in order to divide management responsibilities, the entire network should be divided into several user partitions, which can classify network devices meeting the following conditions into the same SNMP partition: they can provide a line for implementing the security required by a partition.

The SNMP protocol supports this security model based on the partition name community string). You can physically add it to each network device in the selected partition. Currently, the partition-based authentication model in SNMP is very insecure and has a serious security problem.

The main reason is that the SNMP Protocol does not provide encryption, nor does it guarantee that partition information cannot be directly copied from the network during SNMP packet exchange. Only one data packet capture tool can be used to decrypt the entire SNMP data packet, so that the partition name is exposed.

For this reason, most sites are prohibited from managing proxy device settings. However, this method has a side effect. In this way, you can only monitor the values of data objects without modifying them, which limits the availability of the SNMP protocol.