CCNP ENARSI 300-410 Exam Cram Notes

4.0 Infrastructure Services

4.2 Troubleshoot SNMP (v2c, v3)

Internet Protocol (IP) networks use managing devices such as Simple Network Management Protocol (SNMP) to monitor network attached devices. In a computer network, a group of devices are attached, and they are managed and monitored by a manager. An agent, which is a software module in a managed device, reports information through the SNMP to the manager which has a Network Management System (NMS) that executes the applications that monitor and control managed devices.

There are seven SNMP protocol data units (PDU):

1. GetRequest - request to retrieve the value of a variable from the manager to the agent.

2. SetRequest - request to change the value of a variable from the manager to the agent.

3. GetNextRequest - request to find variables from the manager to the agent.

4. GetBulkRequest - enhanced version of GetNextRequest.

5. Response - reply from the agent to the manager through the return of variables.

6. Trap - simultaneous message from the agent to the manager.

7. InformRequest - simultaneous messages between managers.

There are three versions of SNMP:

1. SNMPv1, which is the network management protocol being used by the Internet.

2. SNMPv2, which is a revised version of the SNMPv1. It contains improvements in performance, confidentiality, security, and communications between managers. Its party-based security system is very complex, though, and has to be revised in order to be able to use it with the SNMPv1.

3. SNMPv3, which has added cryptographic security and new concepts, terminology, remote configuration enhancements, and textual conventions.

The main difference between SNMP v3 and v2 (or v1) is that the v3 version addresses the security and privacy issues. For example, in SNMP v2, passwords are transmitted in plain text, whereas v3 uses encryption.

The advantages are given below, in brief:

1. Authentication

2. Privacy

3. Authorization and Access Control

4. Remote configuration and administration capabilities

Security Model Security Level Authentication Encryption Type
SNMPv1 noAuthNoPriv Community string None
SNMPv2c noAuthNoPriv Community string None
SNMPv3 noAuthNoPriv User name None
AuthNoPriv MD5 or SHA None
authPriv MD5 or SHA CBC-DES (DES-56)
CCNP ENARSI Cram Notes Contents
certexams ad

simulationexams ad