Is the SNMP protocol worrying?

Source: Internet
Author: User

SNMP is used for network management. This brings many benefits to the equipment maintenance of large networks. However, due to its continuous introduction, almost all devices have Default SNMP protocol settings, resulting in endless security issues. Shouldn't SNMP be used? Next we will analyze its advantages and disadvantages.

Technology and industrial standards may be the most important part in the implementation of network management concepts. Without unified industrial standards, management complexity and costs will multiply, network stability and reliability will be greatly reduced, and intelligent, secure, and open goals will not be achieved. In reality, all devices on the common network support industrial standard protocols, so that different devices can communicate smoothly, dedicated products also require additional products with high value. Based on this, mainstream network management technologies are derived from several major industrial standards, including SNMP (Simple Network Management Protocol) and RMON (remote monitoring) and rmon ii and other standards and technologies are undoubtedly the most important part.

User data networks are usually managed using the SNMP protocol. Simple Network Management Protocol (SNMP) is a widely used Network Protocol, it uses Agent software embedded in network facilities to collect network communication information and statistics on network devices. The agent continuously collects statistical data, such as the number of bytes received, and records the data to a Management Information Base, the network administrator can obtain this information by sending a query signal to the agent MIB. This process is called polling and is the most basic feature of SNMP.

SNMP is an industrial standard widely accepted and put into use. It aims to ensure that management information is transmitted at any two points, it facilitates the network administrator to retrieve information, modify, find faults, and complete fault diagnosis, capacity planning, and report generation on any node on the network. The SNMP protocol using the polling mechanism provides the most basic function set for network management, and is most suitable for small, fast, and low-cost network environments. Because SNMP only requires unconfirmed Transport Layer Protocol UDP, it is widely supported by many products.

Work Mode

SNMP replaces the complex command SET with the GET-SET method. You can use basic operations to complete all operations. At the same time, you can use the Management Information Library standard or the standard method to define your MIB. In this way, the cost of the entire network management system can be reduced by reducing the cost of many agent components in the network management system.

In SNMP, the network management site (NMS) is a network management entity. The network management software runs on the network management site, which sends various Query Packets to network devices, receive the response and Trap packets from the managed device, and display the results. A network management station is usually a workstation, a PC Server, or a PC. It is connected to a managed device through a data network, such as a LAN port, therefore, the network is usually composed of internal network management, that is, the data between the network management station and the device is the same as the common data. Of course, you can set QoS in the network device to protect the corresponding data.

A network management Agent (Agent) is a process that resides on a managed device, such as a router or vswitch. It is responsible for receiving and processing request packets from the network management site, then, the value of the property management variables such as the device interface form a Response Message and send it to NMS. In some emergency situations, such as interface status change and call success, actively notifies NMS to send Trap packets ). Network management software builds an intuitive topology based on the response data packets to Facilitate network management personnel to monitor and manage devices. SNMP is an application layer protocol that defines how NMS and Agent transmit management information.

Weaknesses cannot be ignored

However, some insiders also believe that the SNMP protocol also has some problems: it uses the agent software embedded into the network facilities to collect network communication information and statistics on network devices, the agent continuously collects statistical data and records the data in the MIB. The network administrator can obtain this information by sending a query signal round-robin to the MIB. Therefore, although the MIB counter records the sum of statistics, it cannot perform historical analysis on daily traffic. Of course, to fully view the communication traffic and change rate of a day, the Administrator must continuously poll the SNMP agent, for example, polling every minute of a day. In this way, network administrators can use SNMP to evaluate the running status of the network and reveal the communication trend, such as which network segment is close to the maximum capacity of the communication load or is causing communication errors, the advanced SNMP network management station can even program to automatically close the port or take other corrective measures to process historical network data.

Even so, there are two obvious weaknesses in SNMP Management Based on polling: in large networks, polling will generate huge network management traffic, as a result, communication congestion occurs. It adds the burden of data collection to the network management console, and the management site may be able to easily collect information of eight network segments, however, when they monitor 48 CIDR blocks, they may not be able to cope.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.