7943

Get a Live Demo

You need to see DPS gear in action. Get a live demo with our engineers.

White Paper Series

Check out our White Paper Series!

A complete library of helpful advice and survival guides for every aspect of system monitoring and control.

DPS is here to help.

1-800-693-0351

Have a specific question? Ask our team of expert engineers and get a specific answer!

Learn the Easy Way

Sign up for the next DPS Factory Training!

DPS Factory Training

Whether you're new to our equipment or you've used it for years, DPS factory training is the best way to get more from your monitoring.

Reserve Your Seat Today

NetGuardian RTU SNMP Inputs, Outputs, & Cybersecurity

By Andrew Erickson

June 18, 2023

Share: 

Let's look at some specific examples to really clarify how NetGuardians support SNMP.

DPS Telecom uses Simple Network Management Protocol (SNMP) extensively in our remote monitoring devices.

These devices are designed to provide robust, reliable, and comprehensive monitoring of critical infrastructure for telecom companies, utilities, and transportation networks, among others.

One necessary aspect of "robustness" is being compatible with existing monitoring infrastructure. Unless our T/Mon master station is directly monitoring our NetGuardians, 95% of our third-party integrations happen via SNMP protocol.

SNMP in NetGuardian Devices

DPS Telecom's devices, like the NetGuardian series of RTUs, can function as both SNMP managers and agents.

Most commonly, as SNMP agents, they can report system events, alarms, and other key performance metrics to the central SNMP manager using SNMP traps. This can include anything from changes in temperature, low battery levels, low propane/LPG/diesel fuel levels power fluctuations, equipment failure, or unauthorized access through secure doors.

As a lightweight SNMP manager, NetGuardians can also collect and manage data from other SNMP-enabled devices.

Within a single site, this creates a centralized system for network monitoring. There will still be a central manager of some kind involved, which may or may not be an SNMP manager.

As one example, I've sold some NetGuardian G6 832A units that are primarily being used to collect alarms from site devices using SNMP and MODBUS. This varies heavily from the traditional RTU inputs of contact closures and analog voltages/current.

This data is then forwarded to the central SNMP manager overseeing all sites. The aggregation step to the NetGuardian grants visibility via the web interface and provides compartmentalization for easier system management.

With the help of SNMP whenever appropriate (the majority of the time), NetGuardian users have a real-time view of their network's status. They can quickly detect, diagnose, and resolve any arising issues.

SNMP Adds Interoperability and Standardization

We built DPS largely based on the promise of standardization and interoperability. Rather than trapping you into a "walled garden" of a product ecosystem, we've instead built devices that convert and mediate to get you out of the traps set by companies.

This is particularly valuable in complex, multi-vendor network environments where interoperability is key to maintaining network integrity and performance.

Since SNMP is an open protocol, it allows DPS devices to integrate seamlessly with other devices and systems in a network that also support SNMP, regardless of the manufacturer.

SNMPv3 has Superior Cybersecurity

With the growing usage of SNMP in diverse applications, security concerns have also increased. As we have already discussed in prior articles, SNMPv1 and SNMPv2c lacked sufficient security measures. They relied on 'community strings,' as a type of password. Unfortunately, they're of limited use because they're sent in plaintext. This has the potential to expose sensitive network information to malicious intruders.

SNMPv3, however, addresses these concerns by providing both authentication and encryption. SNMPv3's User-Based Security Model (USM) provides message integrity, authentication, and encryption. Message integrity ensures that a packet has not been tampered with in transit, authentication verifies that the message is from a valid source, and encryption scrambles the packet contents to prevent it from being seen by unauthorized entities.

Despite these measures, SNMPv3 implementation still requires careful security considerations. For instance, using strong, unique passwords and regularly updating them can further enhance SNMPv3's built-in security.

I can't tell you how many times I've encountered default passwords being used for years at a time in "highly secure" corporate and government facilities. Your security chain is only as strong as its weakest link.

Network administrators should also ensure that SNMP traffic is restricted to necessary devices only. Appropriate access control policies should also be in place to minimize potential exposure to threats.

Enhancing NetGuardian Security with SNMPv3

Given the importance of network security, especially in critical infrastructure, DPS supports SNMPv3 across all of our modern device to leverage superior security features.

SNMPv3's authentication and encryption capabilities are critical in preventing unauthorized access and ensuring data integrity and privacy. Many of our larger corporate, government, and utility clients have rules forbidding earlier versions of SNMP in critical infrastructure.

Integration with Alarm Monitoring Systems

DPS devices can also convert SNMP traps to standard alarm information for alarm monitoring systems. This means the rich data collected via SNMP can be seamlessly integrated into broader network management strategies, ensuring swift response to any network issues.

One excellent example of this is the "TrapRelay" series of devices. These are effectively "reversed RTUs" that take in SNMP traps and render the data northbound as contact closures. As unusual as that may sound, this is the reality of having multiple different eras of remote monitoring equipment all coexisting in one network.

SNMP's Future Applicability

The future will continue to heavily involve SNMP. This standard protocol continues to be an essential tool in network management.

Its simplicity, wide vendor adoption, and suitability for managing a diverse range of devices make it among the top choices for use. As with any battle between competing ecosystems, the popularity of SNMP reinforces a virtuous cycle.

Even though it has some quirks, SNMP's main strength is that so many other devices already use it. Don't you want your new device to be compatible with your existing devices? The upcoming exponential growth of IoT will likely further solidify SNMP's #1 ranking.

We'll eventually see SNMPv4, which will carry modifications and enhancements to meet the evolving network management needs.

Despite the evolution of other management protocols, SNMP's universal adoption, simplicity, and applicability to both small-scale and enterprise-level networks ensure its continuing relevance in the realm of network management.

Call DPS to Discuss SNMP and RTUs

We can help you with any SNMP-related question, particularly if it also involves RTUs.

Speak with an engineer today about your project. Just tell us what you're trying to accomplish.

Call 1-800-693-0351 or email sales@dpstele.com

Share: 
Andrew Erickson

Andrew Erickson

Andrew Erickson is an Application Engineer at DPS Telecom, a manufacturer of semi-custom remote alarm monitoring systems based in Fresno, California. Andrew brings more than 17 years of experience building site monitoring solutions, developing intuitive user interfaces and documentation, and opt...