SNMP Tutorial Part 2B: Selecting A System

Before you buy... make sure you avoid these 7 common mistakes.

Relying on off-the-shelf SNMP systems for mission-critical telemetry is a major mistake. What if you're switching from traditional telemetry or integrating non-SNMP monitoring with an SNMP-based system? An off-the-shelf SNMP manager will not provide what you need and expect. You won't get detailed alarm data. Before you commit to an SNMP monitoring solution, you need to make sure it supports key network alarm monitoring functions.

There are seven common mistakes network managers typically make when integrating SNMP and non-SNMP monitoring. Your SNMP implementation will be successfully only if you can avoid them.

  1. Selecting a system that doesn't provide complete, precise alarm descriptions.
    A basic SNMP manager doesn't record the location, time, severity, or a precise description of alarm events. To adapt an off-the-shelf SNMP manager to monitor these factors, you must create and maintain a master alarm list. This list represents all the monitored points in your network. Then you must also create and maintain a database. That database will associate all the traps that may be sent to the SNMP manager with the alarms on that list.
  2. Settling for a system that can't identify cleared alarms.
    Even more database work is required to identify whether a trap matches to an alarm condition or a clear condition. Creating this addition to the trap association database often requires analyzing a lot of variable bindings within the trap packet.
  3. Not maintaining a history of standing alarms.
    Relying solely on a basic SNMP manager for network alarm monitoring is not wise. That can potentially result in completely losing visibility of threats to your network. A basic SNMP manager doesn't maintain a list of standing alarms. Instead, the typical SNMP manager maintains an event log of newly reported traps and a history log of acknowledged traps. As soon as a trap is acknowledged, it is considered cleared. Imagine what might happen to your network if a system operator acknowledges an alarm. Then, for whatever reason, that operator fails to correct the alarm condition. Who would know the alarm is still standing?
  4. Not identifying system operators.
    Basic SNMP managers do not record the identity of the system operator who acknowledges an alarm. In the example of the negligent system operator, it would be impossible to determine who had made the mistake. You couldn't assign responsibility for the resulting problems.
  5. Trusting a system that's insecure for a lot of users.
    Out of the box, the typical SNMP manager is not designed for multi-user security. All traps are posted to one alarm list; all users may view all alarms, and all users may acknowledge all alarms.
  6. Broadcasting all alarms to all system users.
    Basic SNMP managers have no built-in functions for organizing alarms by logical group. The can't post the same alarm to multiple logical categories. They can't sort which alarms the user wants to see. Let's say that Jones is in charge of all gear for the Western region. Smith is in charge of power plants. Both need to know about a generator failure in Tucson. Neither one needs to know about all the alarms in the network. And if one manager corrects the alarm condition and acknowledges the alarm, the other manager needs to know it was acknowledged and by whom. Unfortunately, standard SNMP managers will not support these functions.
  7. Allowing yourself to be bombarded by nuisance alarms.
    No SNMP manager supports the advanced features needed for best quality telemetry monitoring. These features include notifications escalation, legacy protocol mediation, and nuisance alarm silencing. They also include automatic control relay operation and automatic alerts by pager and e-mail.

Requirements for Extensive Customization Reduce the Advantages of an Open Standard.

It is true that many, but not all, of these functions can be added to standard SNMP managers. Don't forget that implementing network alarm monitoring in a basic SNMP manager isn't easy. It usually involves a substantial amount of custom software module development. Even when pre-built software modules are available, they usually require custom tweaking to perform exactly as you want them to.

The need for extensive customization eliminates the advantage of using a simple open standard. It is difficult to justify significant development costs after purchasing an already expensive SNMP manager. Why take the time, trouble, and expense to recreate capabilities? These functions are already present in a high-quality, SNMP-capable network alarm management system?

The Right Role for Your SNMP manager.

Relying on an SNMP manager for critical network monitoring just doesn't make sense. It doesn't take into account the tons of legacy and non-SNMP equipment that is functioning perfectly fine out in networks all over the world. That gear works. Don't throw it away. The role of an SNMP manager is best used for inventorying network devices. You can also use it for drilling down into equipment details. This is mostly done after your network monitoring system notifies you of a problem.

SNMP can be an effective tool. Still, it's only one item in your network alarm monitoring toolkit. It can be used more effectively when it is part of a total network monitoring solution.

The T/Mon Network Alarm Monitoring Solution.

If you are looking to avoid these 7 mistakes, then the T/Mon network alarm monitoring system is for you. It is specifically designed to avoid them. What about Network managers who rely on T/Mon for their network alarm monitoring, notification, and control? What do they say? "Looking at one map and knowing it represents every piece of equipment you're monitoring in the field... that's pretty good peace of mind."

SNMP Tutorial Part 2A: The Management Information Base (MIB)

SNMP Tutorial Part 3: Protocol Packet Types and Structure