Configuring SNMP. 2012 Cisco and/or its affiliates. All rights reserved. 1


The Simple Network Management Protocol (SNMP) is part of TCP/IP as defined by the IETF. It is used by network management systems to monitor network-attached devices for conditions that warrant administrative attention. It consists of a set of standards for network management, including an Application Layer protocol, a database schema, and a set of data objects.

Managers: In any configuration, at least one manager node runs SNMP management software.
Agents: Network devices that need to be managed, such as switches, routers, servers, and workstations, are equipped with an agent software module.
Management Information Base (MIB): The agent is responsible for providing access to a local MIB of objects that reflects the resources and activity at the agent's node.

[Figure: Network Management System (NMS), agents, MIB, managed devices]

An NMS executes applications that monitor (and possibly control) managed devices. The NMS provides the bulk of the processing and memory resources required for network management. One or more NMSs must exist on any SNMP network.


Nagios: An open source management system with many features, aimed primarily at host and service monitoring. It can, however, be used to fill the role of a full-blown SNMP-based management system by setting it up to receive SNMP traps. Nagios can then generate alerts based on traps received from hosts and network devices. Nagios is suited to service monitoring, with its ability to connect to SMTP, POP3, HTTP, NNTP, PING, etc. Nagios even allows advanced monitoring of host statistics, such as disk usage, temperature, load, etc. Nagios can produce availability charts and graphs as well. It focuses on NOC operations by allowing you to schedule downtimes (i.e. suppress notifications) and track problem resolutions. Being open source and having a decent API also means that there are hundreds of plug-ins for Nagios. Nagios does lack discovery capabilities, however.

Netdisco: Another NMS suite, designed for Linux only, that has a specific focus. As the name implies, the focus is on network discovery. If this is most important to you, Netdisco is definitely worth a look. Netdisco provides layer 2 discovery. It creates mappings from IP and MAC addresses to switch ports, and provides a good interface for searching the discovered information. Netdisco provides many useful reports as well, including a clickable graph of the network topology, statistics about the number of nodes connected, and a listing of security concerns such as rogue wireless access points and hosts using IP addresses that aren't in DNS.

WhatsUp: A very popular monitoring system that runs on Windows only. WhatsUp is a fairly complete NMS, implementing monitoring, discovery, and reporting. It can even catch SNMP traps and provide information about devices using its SNMP Viewer. The intuitive interface, world-class maps and diagrams, and ease of use make WhatsUp preferred by many.

Big Brother: Its focus is purely on monitoring. Big Brother is a customizable monitoring system that is easy to set up. It works on both Unix and Windows servers and clients. The web interface shows a statistics page with a simple "red = bad, green = good" scheme. Big Brother can monitor services, as well as act simply as a ping tool.

Cricket: A one-feature piece of software, but it deserves mention here. Cricket graphs important data based on SNMP data collected from routers and switches. The most common uses include the data rate of every port and temperature/CPU usage. Virtually every site uses this package in conjunction with other NMS tools, since it excels at gathering and displaying this important information.

Source: http://www.unix.com.ua/orelly/networking_2nded/snmp/ch05_02.htm

An agent is a network-management software module that resides in a managed device. An agent has local knowledge of management information and translates that information into a form compatible with SNMP.


A managed device is a network node that contains an SNMP agent and that resides on a managed network. Managed devices can be routers and access servers, switches and bridges, hubs, computer hosts, or printers. Managed devices collect and store management information and make this information available to NMSs using SNMP.

SNMP asks agents for information or tells the agents to do something. In SNMPv1, asynchronous event reports are called traps, while in later versions they are called notifications. The actions GET and SET are the vulnerabilities that open SNMP to an attack.

[Figure: SNMP Manager, SNMP Agent and another Manager exchanging GetRequest, GetNextRequest, GetBulkRequest, SetRequest, Response, Trap, InformRequest and Report PDUs]

GET REQUEST: Used to retrieve a piece of management information.
GETNEXT REQUEST: Used iteratively to retrieve sequences of management information.
GET RESPONSE: The agent responds with data to get and set requests from the manager.
SET REQUEST: Used to initialize or change a value of the network element.
TRAP: Used to report an alert or other asynchronous event about a managed subsystem.

Other PDUs were added in later versions, including:
GETBULK REQUEST: A faster iterator used to retrieve sequences of management information.
INFORM: An acknowledged trap.


SNMP uses:
- UDP port 161 for the agent
- UDP port 162 for the manager

The manager may send requests from any available port (source port) to port 161. The agent's response is sent back to that source port. The manager receives traps on port 162. The agent may generate traps from any available port.

SNMPv1 and SNMPv2 use a community string to access router SNMP agents.
SNMP community strings act like passwords.
An SNMP community string is a text string used to authenticate messages between a management station and an SNMP engine.
Read-only community string: Can obtain information but cannot set information in an agent.
Read-write community string: Can obtain and set information in an agent.

SNMP agents accept commands and requests only from SNMP systems that use the correct community string. In effect, having read-write access is equivalent to having the enable password! By default, most SNMP systems use a community string of "public". This is a security problem! If the router SNMP agent is configured with "public", anyone with an NMS is able to read the router MIB. Router MIB variables can point to entities like routing tables and other security-critical components of a router configuration. It is very important that custom SNMP community strings are created!

A security model is an authentication strategy that is set up for a user and the group that the user resides in. Currently, Cisco IOS software supports three security models:
- SNMPv1
- SNMPv2 (variations: SNMPv2p, SNMPv2c, SNMPv2u, and SNMPv2*)
- SNMPv3

SNMPv1 and v2 are considered obsolete, and are extremely insecure. It is recommended they NOT be used on a publicly attached network. SNMPv3 adds administration and security features.

Version 1: No
- It uses cleartext authentication strings.
- Sends strings repeatedly as part of periodic polling.
- Easily spoofable, datagram-based transaction protocol.

Version 2: No
- Uses the same PDUs as version 1.
- Adds two new PDUs called GetBulk and Inform.
- Different variations developed to address security issues.

Version 3: Yes
- Username match for authentication
- Increased message integrity
- Authentication based on HMAC-MD5 or HMAC-SHA
- Encryption based on CBC-DES

SNMPv3 is an interoperable standards-based protocol for network management. SNMPv3 provides secure access to devices by a combination of authenticating and encrypting packets over the network. There are three security features that SNMPv3 provides:
- Authentication
- Message integrity
- Encryption


SNMP is typically used to ease troubleshooting and configuration. However, SNMP in a production network introduces a potential vulnerability. If SNMP is required, consider:
- Providing read-only access to devices via SNMP.
- Treating the SNMP community string with the same care that you might use for a root password on a critical UNIX host.
- Using SNMPv3 authentication and encryption features.

- If SNMP is not required, disable it.
- If SNMP is absolutely required, use it only in the read-only mode.
- Don't use obvious read/write strings.
- Log the authentication failures.
- For SNMP remote access, create a basic ACL for trusted subnets to control which hosts can access the managed device.
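The recommendations above can be checked mechanically against a device configuration. This added example (not from the original slides or from Cisco) audits the `snmp-server` lines of an IOS-style config; the two sample configs, the list of "obvious" strings and the mapping of "log the authentication failures" to `snmp-server enable traps snmp authentication` are assumptions made for illustration.

```python
import re

# Constructed sample configs (IOS-style syntax); names and secrets are placeholders.
WEAK = """
snmp-server community public RO
snmp-server community netops RW
snmp-server group LEGACY v3 noauth
"""
HARDENED = """
access-list 10 permit 192.0.2.0 0.0.0.255
snmp-server community k7Qz-example-only RO 10
snmp-server group NMS v3 priv access 10
snmp-server user nms-poller NMS v3 auth sha <auth-secret> priv aes 128 <priv-secret>
snmp-server enable traps snmp authentication
"""
OBVIOUS = {"public", "private"}  # assumption: a short list of well-known strings
COMMUNITY = re.compile(
    r"^snmp-server community (\S+)(?: view \S+)?(?: (RO|RW))?(?: (\S+))?$", re.I)
GROUP = re.compile(r"^snmp-server group (\S+) v3 (noauth|auth|priv)\b", re.I)

def audit(config):
    """Return findings for the snmp-server lines of one device config."""
    lines = [line.strip() for line in config.splitlines()]
    findings = []
    for line in lines:
        m = COMMUNITY.match(line)
        if m:   # a community with no RO/RW keyword defaults to read-only
            name, mode, acl = m.group(1), (m.group(2) or "RO").upper(), m.group(3)
            if name.lower() in OBVIOUS:
                findings.append(f"obvious community string '{name}'")
            if mode == "RW":
                findings.append(f"community '{name}' is read-write")
            if acl is None:
                findings.append(f"community '{name}' has no ACL")
        m = GROUP.match(line)
        if m and m.group(2).lower() != "priv":
            findings.append(f"v3 group '{m.group(1)}' is {m.group(2)}, not priv")
    uses_snmp = any(l.startswith("snmp-server") for l in lines)
    logs_auth = any(l.startswith("snmp-server enable traps snmp")
                    and "authentication" in l for l in lines)
    if uses_snmp and not logs_auth:
        findings.append("authentication-failure traps not enabled")
    return findings

if __name__ == "__main__":
    for label, cfg in (("weak", WEAK), ("hardened", HARDENED)):
        print(label, audit(cfg) or "no findings")
```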


SNMP Tutorial: http://video.google.ca/videoplay?docid=5629617213275193770&ei=bllssj-NBKC4-wGgt728Ag&q=snmp&vt=lf&hl=en
Essential SNMP: http://www.unix.com.ua/orelly/networking_2nded/snmp/index.htm
Configuring SNMP: http://www.cisco.com/en/us/docs/ios/netmgmt/configuration/guide/nm_cfg_snmp_sup_ps6441_tsd_products_configuration_guide_chapter.html
SNMP Server
SNMP Trap Watcher: http://www.bttsoftware.co.uk/snmptrap.html
Kiwi Enterprises: http://www.kiwisyslog.com/products.htm#syslog