Simple Network Management Protocol (SNMP) is used on Internet Protocol (IP) networks to monitor and manage network-attached devices. In a computer network, a group of attached devices is managed and monitored by a manager. An agent, which is a software module in a managed device, reports information through SNMP to the manager, which runs a Network Management System (NMS) that executes the applications monitoring and controlling the managed devices.
There are seven SNMP protocol data units (PDUs).
There are three versions of SNMP:
SNMPv1: the network management protocol used on the Internet.
SNMPv2: a revised version of SNMPv1. It contains improvements in performance, confidentiality, security, and communication between managers. Its party-based security system is very complex, however, and has to be revised for it to be usable alongside SNMPv1.
SNMPv3: adds cryptographic security as well as new concepts and terminology, remote configuration enhancements, and textual conventions.
SNMPv1 and SNMPv2c use a community string as the password; there is no authentication or encryption.
The security features provided in SNMPv3 are as follows:
1. Authentication
2. Privacy
3. Authorization and access control
4. Remote configuration and administration capabilities
SNMPv3 is a security model in which an authentication strategy is set up for a user and for the group in which the user resides.
SNMPv1 was the first version of SNMP. Although it accomplished its goal of being an open, standard protocol, it was found to be lacking in key areas such as security and flexibility.
SNMPv2 is essentially the same as SNMPv1 in practical terms, except that it adds support for 64-bit counters.
SNMPv2 did not include communities; community-based access was added in SNMPv2c at the request of users.
SNMPv3 is the latest version of SNMP. Its primary feature is enhanced security.
SNMPv3 security comes primarily in two forms:
1. User-based authentication mechanism, based on the following:
2. User-based privacy mechanism, based on the following:
The following security levels and encryption options are available in SNMPv3:
1. noAuthNoPriv - Communication without authentication and without privacy. The user is identified by user name only; no authentication or encryption is applied.
2. authNoPriv - Communication with authentication but without privacy. Authentication is based on the Hashed Message Authentication Code (HMAC)-MD5 or HMAC-SHA (Secure Hash Algorithm) algorithms; the payload is not encrypted.
3. authPriv - Communication with authentication and with privacy. Authentication is based on the HMAC-MD5 or HMAC-SHA algorithms.
In addition to authentication, it provides DES 56-bit encryption based on the Cipher Block Chaining (CBC)-DES (DES-56) standard.
The following is the set of security levels as defined in the USM MIB (RFC 2574):
| Security Model | Security Level | Authentication | Encryption Type |
|---|---|---|---|
| SNMPv1 | noAuthNoPriv | Community string | None |
| SNMPv2c | noAuthNoPriv | Community string | None |
| SNMPv3 | noAuthNoPriv | User name | None |
| SNMPv3 | authNoPriv | MD5 or SHA | None |
| SNMPv3 | authPriv | MD5 or SHA | CBC-DES (DES-56) |
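The table above can be turned into a configuration check. As an added example (not part of the original page), the Python below maps net-snmp style snmpd.conf access directives (rocommunity/rwcommunity, createUser, rouser/rwuser) onto the table's security model, level, authentication and encryption columns and flags the weak combinations; the snmpd.conf syntax is net-snmp's, and the sample configuration is constructed.

```python
import shlex

COMMUNITY_DIRECTIVES = {"rocommunity", "rwcommunity", "rocommunity6", "rwcommunity6"}
USER_DIRECTIVES = {"rouser", "rwuser"}
LEVELS = {"noauth": "noAuthNoPriv", "auth": "authNoPriv", "priv": "authPriv"}

def _v3_row(name, level, auth, priv) -> dict:
    """One table row for an SNMPv3 user plus the findings a config reviewer would flag."""
    row = {"principal": name, "model": "SNMPv3", "level": LEVELS[level], "findings": [],
           "auth": "User name" if level == "noauth" else (auth or "unknown"),
           "encryption": priv if level == "priv" and priv else "None"}
    if level == "noauth":
        row["findings"].append("noAuthNoPriv: user name only, no authentication or encryption")
    elif level == "auth":
        row["findings"].append("authNoPriv: integrity protected, but payload travels in cleartext")
    if level != "noauth" and auth == "MD5":
        row["findings"].append("HMAC-MD5 authentication; prefer SHA")
    if level == "priv" and priv == "DES":
        row["findings"].append("CBC-DES 56-bit encryption; prefer AES")
    return row

def audit_snmpd_conf(text: str) -> list[dict]:
    """Map each access directive to (model, level, auth, encryption) and collect findings."""
    users, rows = {}, []  # users: name -> (auth protocol, priv protocol) from createUser
    for raw in text.splitlines():
        tok = shlex.split(raw.split("#", 1)[0])  # drop comments; assumes no '#' in passphrases
        kw = tok[0].lower() if tok else ""
        if kw == "createuser" and len(tok) >= 2:  # createUser NAME [AUTHPROTO "pw" [PRIVPROTO "pw"]]
            users[tok[1]] = (tok[2].upper() if len(tok) >= 4 else None,
                             tok[4].upper() if len(tok) >= 6 else None)
        elif kw in COMMUNITY_DIRECTIVES and len(tok) >= 2:  # v1/v2c: community string only
            rows.append({"principal": tok[1], "model": "SNMPv1/v2c", "level": "noAuthNoPriv",
                         "auth": "Community string", "encryption": "None",
                         "findings": ["community string is the only secret and is sent in cleartext"]})
        elif kw in USER_DIRECTIVES and len(tok) >= 2:  # rouser NAME [noauth|auth|priv]; default auth
            level = tok[2].lower() if len(tok) >= 3 and tok[2].lower() in LEVELS else "auth"
            auth, priv = users.get(tok[1], (None, None))
            rows.append(_v3_row(tok[1], level, auth, priv))
    return rows

SAMPLE_SNMPD_CONF = """
# constructed sample configuration, not taken from a real device
rocommunity public
createUser legacy MD5 "legacypass1" DES "legacypriv1"
rouser legacy priv
createUser monitor SHA "monitorpass1" AES "monitorpriv1"
rouser monitor priv
createUser readonly SHA "readonlypass1"
rouser readonly noauth
"""
```

Running `audit_snmpd_conf(SAMPLE_SNMPD_CONF)` yields one row per access directive: the community string and the noauth user land in the noAuthNoPriv rows of the table, the MD5/DES user in authPriv with two findings, and the SHA/AES user in authPriv with none.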