The SNMP protocol is based on the manager/agent model, and it has three major versions: SNMPv1, SNMPv2c and SNMPv3.
These different generations of SNMP have created a definite fracturing of what was once a simple architecture. Now, you have to consider the multi-generational SNMP versions you have in play and consider mediation devices to convert older SNMP to the newer version. This is why we'll dive into these SNMP versions and learn the main differences between them.
SNMPv1 was the first version of SNMP. Although it accomplished its goal of being an open, standard protocol, it was found to be lacking in key areas for certain applications. Later versions have addressed many of these problems. Smaller RTUs commonly support SNMPv1.
SNMPv2c is a sub-version of SNMPv2. Its key advantage over previous versions is the Inform command. Unlike Traps, which are simply received by a manager, Informs are positively acknowledged with a response message. If a manager does not reply to an Inform, the SNMP agent will resend the Inform.
Other advantages include:
Improved error handling
Improved SET commands
Keep in mind that not all devices are SNMPv2c compliant, so your SNMP manager should be downward compatible with SNMPv1 devices. You can also use an SNMPv3 mediation device to ensure compatibility.
SNMPv3 is the newest version of SNMP. Its primary feature is enhanced security.
The "EngineID" Identifier in SNMPv3 uniquely identifies each SNMP entity. Conflicts can occur if two SNMP entities have duplicate EngineID's. The EngineID is used to generate the key for authenticated messages.
SNMPv3 security comes primarily in 2 forms:
Authentication is used to ensure that traps are read by only the intended recipient. As messages are created, they are given a special key that is based on the EngineID of the entity. The key is shared with the intended recipient and used to receive the message.
Privacy encrypts the payload of the SNMP message to ensure that it cannot be read by unauthorized users. Any intercepted traps will be filled with garbled characters and will be unreadable. Privacy is especially useful in applications where SNMP messages must be routed over the Internet.
The NetGuardian 832A is one example of an RTU that supports SNMPv3.
If now you have to use only secure/encrypted SNMPv3, you need a way to avoid replacing all of your current v1/v2c SNMP gear. A mediation device allows you to do that. You can keep your older gear and add SNMPv3 security.
The Fast Track Introduction to SNMP by Marshall DenHartog is a quick, 12-page introduction to SNMP. You'll learn about traps, message formats, the MIB, and other fundamental SNMP concepts.
Download SNMP Tutorial PDF
At DPS, we're totally focused on remote monitoring, including SNMP protocol. We've worked on thousands of projects that involve SNMP in one form or another.
That experience means that we have SNMP experts on staff. Send us a quick online message (or just give us a call) and we'll answer any SNMP question you have.