Simple Network Management Protocol (SNMP) is a set of protocols for managing complex networks. SNMP protocols are application layer protocols. Using SNMP, devices within a network send messages, called protocol data units (PDUs), to different parts of a network. Network management using SNMP requires three components:
The SNMP Manager can communicate with the devices within a network using SNMP. Typically, the SNMP Manager is a network management system (NMS) that manages networks by monitoring the network parameters, and optionally, setting parameters in managed devices. Normally, the SNMP Manager sends read requests to the devices that host the SNMP Agent, to which the SNMP Agent responds with the requested data. In some cases, the managed devices can initiate the communication, and send data to the SNMP Manager using asynchronous events called traps.
The SNMP Agent is software that resides in the managed devices in the network, and collects data from these devices. Each device hosts an SNMP Agent. The SNMP Agent stores the data, and sends the data when requested by an SNMP Manager. In addition, the SNMP Agent can asynchronously alert the SNMP Manager about events by using special PDUs called traps.
SNMP Agents in the managed devices store the data about these devices in a database called the management information base (MIB). The MIB is a hierarchical database, which is structured according to the standard specified in RFC 2578 (Structure of Management Information Version 2 [SMIv2]).
The MIB is a database of objects that can be used by a network management system to manage and monitor devices on the network. The MIB can be retrieved by a network management system that uses SNMP. The MIB structure determines the scope of management access allowed by a device. By using SNMP, a manager application can issue read or write operations within the scope of the MIB.
The following table provides information on ports that the device uses. When configuring the switch for various policies, take into consideration firewalls and other devices that may sit between the device and your network or between the managers and the device.
Port | Type | Common use | Comment |
---|---|---|---|
161 | UDP | SNMP GET/SET/GETNEXT/BULK | Disable the SNMP service on the remote host if you do not use it, or filter incoming UDP packets going to this port. |
162 | UDP | SNMP TRAPS/INFORMS | Sends traps/informs. Use the CLI command "no snmp-server enable trap" to disable the SNMP trap service. For the outgoing source port, the available port number is picked from the port range. |
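
The following is an added example, not code from the original page or the device vendor: it audits an ordered, first-match filter policy against the port table above, checking that UDP 161 is reachable only from the managers and that traps/informs to UDP 162 can leave the device. The rule format, the addresses, and the names `decide` and `audit` are assumptions made for illustration.

```python
import ipaddress

# Constructed sample values (assumptions, not taken from the page).
MANAGERS = "10.0.10.0/24"      # subnet that holds the SNMP Managers (NMS)
DEVICE_IP = "10.0.20.5"        # managed device that hosts the SNMP Agent
DEVICE = DEVICE_IP + "/32"
PROBES = ["10.0.10.7", "10.0.30.9", "192.0.2.44"]  # test source addresses

# Hypothetical rule format: (action, source CIDR, destination CIDR, UDP dest port).
# Only the destination port is matched: the device picks the source port
# of outgoing traps from a range, so it cannot be pinned in a rule.
RULES = [
    ("permit", MANAGERS, DEVICE, 161),    # manager -> agent: GET/SET/GETNEXT/BULK
    ("permit", DEVICE, MANAGERS, 162),    # agent -> manager: traps/informs
    ("deny", "0.0.0.0/0", DEVICE, 161),   # all other sources are filtered
]
# Weak variant: a broad permit placed ahead of the deny shadows it.
WEAK = [("permit", "10.0.0.0/8", DEVICE, 161)] + RULES

def decide(rules, src, dst, port, default="deny"):
    """Return the action of the first rule that matches a UDP packet."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for action, src_net, dst_net, rule_port in rules:
        if (port == rule_port
                and s in ipaddress.ip_network(src_net)
                and d in ipaddress.ip_network(dst_net)):
            return action
    return default

def audit(rules, managers, device_ip, probes):
    """List deviations from: 161 in from managers only, 162 out to managers."""
    findings = []
    mgr_net = ipaddress.ip_network(managers)
    mgr_ip = str(next(iter(mgr_net.hosts())))
    for src in probes:
        allowed = decide(rules, src, device_ip, 161) == "permit"
        is_mgr = ipaddress.ip_address(src) in mgr_net
        if allowed and not is_mgr:
            findings.append(f"UDP/161 reachable from non-manager {src}")
        if is_mgr and not allowed:
            findings.append(f"manager {src} cannot poll UDP/161")
    if decide(rules, device_ip, mgr_ip, 162) != "permit":
        findings.append("traps/informs to UDP/162 are blocked")
    return findings

if __name__ == "__main__":
    for name, policy in (("RULES", RULES), ("WEAK", WEAK)):
        print(name, audit(policy, MANAGERS, DEVICE_IP, PROBES) or "ok")
```
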