Simple Network Management Protocol (SNMP) is an application-layer protocol used to manage and monitor network devices and their functions. SNMP provides a common language for network devices to relay management information in a local area network (LAN) or wide area network (WAN).
One of the most widely used protocols, SNMP is supported on an extensive range of hardware -- from conventional network equipment like routers, switches and wireless access points to endpoints like printers, scanners and Internet of Things (IoT) devices. In addition to hardware, SNMP can be used to monitor services such as Dynamic Host Configuration Protocol (DHCP). SNMP software agents on these devices and services communicate with a network management system (NMS), also called an SNMP manager, to relay status information and configuration changes.
Using SNMP with an NMS enables a network administrator to manage and monitor network devices from a single interface, which can typically support batch commands and automatic alerts. SNMP is described in the Internet Engineering Task Force (IETF) Request for Comment (RFC) 1157 and in a number of other related RFCs. The most recent iteration of SNMP, version 3, includes security enhancements that authenticate and encrypt SNMP messages as well as protect packets during transit.
Components of SNMP
There are four main components in an SNMP-managed network:
SNMP agent: This software runs on the hardware or service being monitored, collecting data about disk space, bandwidth use and other important network performance metrics. When queried by the SNMP manager, the agent sends the requested information back to the management system. An agent may also proactively notify the NMS if an error occurs. Most devices come with an SNMP agent pre-installed but it typically needs to be turned on and configured.
SNMP-managed network nodes: These are the network devices and services upon which the agents run.
SNMP manager: The network management system (NMS) is a software platform that functions as a centralized console to which agents feed information. The NMS will actively request agents to send updates at regular intervals, and what a network manager can do with that information depends heavily on how feature-rich the NMS is. There are several free SNMP managers available, but they are typically limited in their capabilities or the number of nodes they can support. At the other end of the spectrum, enterprise-grade platforms offer advanced features for more complex networks, with some products supporting up to tens of thousands of network nodes.
Management information base (MIB): This database is a text file (.mib) that itemizes and describes all objects on a particular device that can be queried or controlled using SNMP. Each MIB item is assigned an object identifier (OID).
How SNMP works
SNMP can perform a multitude of functions, using a blend of push and pull communications between network devices and the management system. It can issue read or write commands, such as resetting a password or changing a configuration setting. It can also report back how much bandwidth, CPU and memory are in use, with some SNMP managers automatically sending the administrator an email or text message alert if a predefined threshold is exceeded.
Most of the time, SNMP functions in a synchronous model, with communication initiated by the SNMP manager and the agent sending a response. These commands and messages, typically transported over User Datagram Protocol (UDP) or Transmission Control Protocol/Internet Protocol (TCP/IP), are known as protocol data units (PDUs):
- GET: Generated by the SNMP manager and sent to an agent to obtain the value of a variable, identified by its OID, in
- RESPONSE: Sent by the agent to the SNMP manager, issued in reply to a GET request. Contains the values of the requested variables.
- GETNEXT: Sent by the SNMP manager to agent to retrieve the values of the next OID in the MIB's hierarchy.
- GETBULK: Sent by the SNMP manager to the agent to obtain large tables of data by performing multiple GETNEXT commands.
- SET: Sent by the SNMP manager to the agent to issue configurations or commands.
- TRAP: An asynchronous alert sent by the agent to the SNMP manager to indicate a significant event, such as an error or failure, has occurred.