Simple Network Management Protocol (SNMP) is a UDP-based network protocol. It is used mostly in network management systems to monitor network-attached devices for conditions that warrant administrative attention.
An SNMP-managed network consists of three key components:
1. Managed device = Slave device
2. Agent = software which runs on Slave device
3. Network management system (NMS) = software which runs on Master
A Managed Device is a network node that implements an SNMP interface that allows unidirectional (read-only, ro) or bidirectional access to node-specific information.
Managed devices exchange node-specific information with the NMSs. Sometimes called network elements, the managed devices can be any type of device, including, but not limited to, routers, access servers, switches, bridges, hubs, IP telephones, computer hosts, and printers etc.
An Agent is a network-management software module that resides on a managed device. An agent has local knowledge of management information and translates that information to or from an SNMP specific form.
A Network Management System (NMS) executes applications that monitor and control managed devices or use Bytemon.
SNMP version available are v1, v2 and v3 with SNMPv3 being th most secure. Now a days either SNMPv2 or 3 is using. Following are the basic steps for the configuration of SNMP on cisco devices.
Configuration Stpes:
1. SNMP Community
In the following line CommunnityName is PUBLIC bydefault and its like a password between SNMP management system and the device, while RW means READ and WRITE permission while 10 specify the access-list that you already define on your system or to be defined right now.
PSW-DXX(config)#snmp-server community [CommunityName] RW 10
PSW-DXX(config)#access-list 10 permit 10.0.0.0
2. Chassi-ID Location and Contacts (Optional)
PSW-DXX(config)# snmp-server chassis-id cisco1841
PSW-DXX(config)# snmp-server location PSHsngpl
PSW-DXX(config)# snmp-server contact EngineerNetSysSohail
3. SNMP Trap Setup
Now that SNMP is enabled. It is important and more necessary to send alert messages also known as SNMP traps to the manager so the Network manager can be alerted. This is mostly the case of most of the SNMP Management/Monitoring system.
PSW-DXX(config)# snmp-server host 10.110.1.2 version ?
1 : Version1
2 : Version 2c
3 : Version 3
Note: If you use version 3 then it will ask for auth, noauth or priv(use the SNMPv3 authprov security level). I used SNMPv3 and it will now authenticate by either using v1/v2c community string and sets up the Management server to which the trap messages needs to be sent, The Community Name will be the one that you define above.
PSW-DXX(config)# snmp-server host 10.110.1.2 version 3 auth [CommunityName]
Also sets up the traps and the type of traps to be sent. Here Link up/down status and system reboot traps are sent to the management server.
PSW-DXX(config)# snmp-server enable traps snmp linkup linkdown coldstart warmstart
We can also configure a very good frriend of my and may be your also SYSLOG to monitor your device.
PSW-DXX(config)# snmp-server enable trap syslog
And we also use the following friend which will help us in finding who access with illegal community string.
PSW-DXX(config)# snmp-server trap authentication
I hope this will be informative for you!
Cheers
2 comments:
nice post!
very helpful Man !
Post a Comment