"Do You Understand SNMPv1, SNMPv2c, And SNMPv3?"

SNMP versions
SNMP versions are very different,
and handling versions appropriately is your job.

Struggling through an SNMPv3 transition?

If you've been mandated to use only secure/encrypted SNMPv3, you need a way to avoid replacing all of your v1/v2c SNMP gear. A mediation device allows you to do that. You can keep your older gear and add SNMPv3 security.

Just need a tutorial on SNMP versions?

The quick summary below will help you understand how SNMP v1, v2c, and v3 differ. This material is drawn from the SNMP Tutorial White Paper. That's recommended reading if you want to learn about SNMP quickly.

SNMPv1 was the first version of SNMP. Although it accomplished its goal of being an open, standard protocol, it was found to be lacking in key areas for certain applications. Later versions have addressed many of these problems. Smaller RTUs commonly support SNMPv1.

SNMPv2c is a sub-version of SNMPv2. Its key advantage over previous versions is the Inform command. Unlike Traps, which are simply received by a manager, Informs are positively acknowledged with a response message. If a manager does not reply to an Inform, the SNMP agent will resend the Inform.

Other advantages include:

  • improved error handling
  • improved SET commands
NOTE: Not all devices are SNMPv2c compliant, so your SNMP manager should be downward compatible with SNMPv1 devices. You can also use an SNMPv3 mediation device to ensure compatibility.

SNMPv3 is the newest version of SNMP. Its primary feature is enhanced security.

The "EngineID" Identifier in SNMPv3 uniquely identifies each SNMP entity. Conflicts can occur if two SNMP entities have duplicate EngineID's. The EngineID is used to generate the key for authenticated messages.

SNMPv3 security comes primarily in 2 forms:

  • Authentication is used to ensure that traps are read by only the intended recipient. As messages are created, they are given a special key that is based on the EngineID of the entity. The key is shared with the intended recipient and used to receive the message.
  • Privacy encrypts the payload of the SNMP message to ensure that it cannot be read by unauthorized users. Any intercepted traps will be filled with garbled characters and will be unreadable. Privacy is especially useful in applications where SNMP messages must be routed over the Internet.

The NetGuardian 832A is one RTU that supports SNMPv3.

To learn more about the SNMP products that will make your job easier, call the DPS SNMP experts at 1-800-693-0351