Network Management Protocols

SNMP (Simple Network Management Protocol)

What is SNMP?

SNMP (Simple Network Management Protocol) is a network management protocol used to monitor and manage devices such as routers, switches, servers, printers, and IoT devices in an IP network. It allows network administrators to collect real-time data, configure devices, and detect issues remotely.


Key Features of SNMP

  • Centralized Monitoring and Management
      • Uses an SNMP Manager to monitor multiple network devices.

  • Works on UDP for Efficiency
      • Uses UDP port 161 for communication.
      • Uses UDP port 162 for SNMP Traps (alerts from devices to managers).

  • Supports Different SNMP Versions
      • SNMPv1 – Basic monitoring, minimal security.
      • SNMPv2c – Adds bulk data transfer, still weak security.
      • SNMPv3 – Strong security (authentication and encryption).

  • Device Information is Stored in a MIB (Management Information Base)
      • MIB is a structured database containing device-specific data (CPU usage, bandwidth, errors, uptime).

  • Trap Notifications for Alerts
      • Devices can send SNMP Traps to the manager when a critical event occurs (e.g., high CPU usage, link failure).

How SNMP Works

  1. SNMP Manager (NMS - Network Management System) requests data from an SNMP Agent (device).
  2. SNMP Agent (installed on the device) responds with the requested data.
  3. The manager analyzes and stores the data for performance monitoring and issue detection.
  4. If a device encounters an issue, it sends an SNMP Trap to notify the manager.

SNMP Operations

| Operation | Description |
|-----------|-------------|
| GET | Manager requests data from an agent (e.g., CPU usage). |
| GETNEXT | Retrieves the next value in the MIB hierarchy. |
| SET | Modifies a device configuration (e.g., change interface settings). |
| TRAP | Device sends an alert to the manager about an event. |
| INFORM | Like TRAP but requires acknowledgment from the manager. |
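
The version and operation of a message are visible in the first few bytes of the UDP payload, which is what a monitor on ports 161/162 can use to spot SNMPv1/v2c traffic and SET requests. The decoder below is an added example, not code from the original page; the two datagrams are constructed by hand, and the flag names are assumptions chosen for illustration.

```python
PDU_NAMES = {0xA0: "GET", 0xA1: "GETNEXT", 0xA2: "RESPONSE", 0xA3: "SET",
             0xA4: "TRAP", 0xA5: "GETBULK", 0xA6: "INFORM", 0xA7: "TRAP"}
VERSIONS = {0: "SNMPv1", 1: "SNMPv2c", 3: "SNMPv3"}

def read_tlv(buf, pos):
    """Decode one BER tag-length-value at pos; return (tag, value, next_pos)."""
    if pos + 2 > len(buf):
        raise ValueError("truncated BER header")
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:                       # long form: low bits count the length bytes
        count = length & 0x7F
        length = int.from_bytes(buf[pos:pos + count], "big")
        pos += count
    if pos + length > len(buf):
        raise ValueError("truncated BER value")
    return tag, buf[pos:pos + length], pos + length

def classify(datagram):
    """Summarize an SNMP datagram and list what a monitor should flag."""
    tag, body, _ = read_tlv(datagram, 0)
    if tag != 0x30:
        raise ValueError("outer element is not a SEQUENCE")
    tag, raw_version, pos = read_tlv(body, 0)
    if tag != 0x02:
        raise ValueError("first field is not an INTEGER version")
    version = VERSIONS.get(int.from_bytes(raw_version, "big"), "unknown")
    result = {"version": version, "operation": None, "flags": []}
    if version not in ("SNMPv1", "SNMPv2c"):
        return result                       # v3 has no community field to inspect
    _, community, pos = read_tlv(body, pos)
    pdu_tag, _, _ = read_tlv(body, pos)     # context tag identifies the operation
    result["operation"] = PDU_NAMES.get(pdu_tag, hex(pdu_tag))
    result["flags"].append("cleartext-community")
    if community in (b"public", b"private"):
        result["flags"].append("default-community")
    if pdu_tag == 0xA3:
        result["flags"].append("set-over-v1v2c")
    return result

# Constructed sample datagrams (not captured traffic).
GET_PUBLIC = bytes.fromhex("30 26 02 01 01 04 06 70 75 62 6c 69 63 a0 19 02 01 01"
                           " 02 01 00 02 01 00 30 0e 30 0c 06 08 2b 06 01 02 01 01 03 00 05 00")
SET_PRIVATE = bytes.fromhex("30 28 02 01 00 04 07 70 72 69 76 61 74 65 a3 1a 02 01 02"
                            " 02 01 00 02 01 00 30 0f 30 0d 06 08 2b 06 01 02 01 01 04 00 04 01 78")

if __name__ == "__main__":
    for packet in (GET_PUBLIC, SET_PRIVATE):
        print(classify(packet))
```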

SNMP File Directories

On Linux-based SNMP systems, configurations and logs are stored in:

/etc/snmp/snmpd.conf    # SNMP daemon configuration  
/var/log/snmpd.log      # SNMP logs  
/usr/share/snmp/mibs/   # MIB files  

Example SNMP configuration (snmpd.conf):

# Read-only access for public community
rocommunity public 192.168.1.0/24
# Read-write access for private community
rwcommunity private 192.168.1.0/24
syslocation "Server Room 1"
syscontact admin@example.com
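
The example configuration uses the community names `public` and `private` and grants read-write access over SNMPv1/v2c, which the version list above describes as weakly secured. The check below is an added example, not part of the original page or of Net-SNMP; it audits `rocommunity`/`rwcommunity` lines, and the finding names, the `max_addresses` threshold and the extra sample lines are assumptions constructed for illustration.

```python
import ipaddress

DEFAULT_COMMUNITIES = {"public", "private"}  # names used in the example config

def audit_snmpd_conf(text, max_addresses=256):
    """Return (line_number, finding) pairs, in file order, for community lines."""
    findings = []
    for number, raw in enumerate(text.splitlines(), start=1):
        fields = raw.split("#", 1)[0].split()      # strip comments, tokenize
        if not fields or fields[0] not in ("rocommunity", "rwcommunity"):
            continue
        community = fields[1] if len(fields) > 1 else ""
        source = fields[2] if len(fields) > 2 else "default"
        if community.lower() in DEFAULT_COMMUNITIES:
            findings.append((number, "default-community"))
        if fields[0] == "rwcommunity":
            findings.append((number, "read-write"))
        if source == "default":                    # no source restriction at all
            findings.append((number, "any-source"))
        else:
            try:
                net = ipaddress.ip_network(source, strict=False)
                if net.num_addresses > max_addresses:
                    findings.append((number, "broad-source"))
            except ValueError:
                pass  # hostname source: its size cannot be judged offline
    return findings

# Constructed sample: the page's two community lines plus added test cases.
SAMPLE_CONF = """\
rocommunity public 192.168.1.0/24  # Read-only access for public community
rwcommunity private 192.168.1.0/24
rocommunity Xk29-constructed-name 10.0.0.5
rocommunity public default
rwcommunity ops-constructed 10.0.0.0/8
syslocation "Server Room 1"
"""

if __name__ == "__main__":
    for number, finding in audit_snmpd_conf(SAMPLE_CONF):
        print(f"line {number}: {finding}")
```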

Comparison: SNMP vs. Other Monitoring Protocols

| Feature | SNMP | NetFlow | ICMP (Ping) |
|---------|------|---------|-------------|
| Purpose | Network monitoring | Traffic analysis | Connectivity testing |
| Data Collected | Device metrics (CPU, memory, status) | Flow-based traffic stats | Latency and packet loss |
| Protocol | UDP (161, 162) | UDP (2055, 9555) | ICMP |
| Security | Weak in v1/v2c, strong in v3 | Moderate | Minimal |

SNMP is a widely used protocol for managing network devices, providing real-time monitoring and alerting for network health and performance.


CMIP (Common Management Information Protocol)

What is CMIP?

CMIP (Common Management Information Protocol) is a network management protocol designed as a more advanced alternative to SNMP. It provides detailed and robust management of network devices but is complex and less widely adopted.


Key Features of CMIP

  • Object-Oriented Management Model
      • Uses a structured model where network resources are represented as managed objects.
      • Supports operations like creation, deletion, modification, and retrieval of these objects.

  • More Secure and Reliable than SNMP
      • Supports authentication, access control, and event reporting.

  • Connection-Oriented Communication
      • Uses TCP or OSI protocols instead of UDP, ensuring reliable data transfer.

  • Event Reporting and Filtering
      • Devices can generate alerts based on pre-set conditions.
      • Can filter notifications to avoid excessive data overload.

  • Supports Both Polling and Event-Driven Communication
      • Unlike SNMP, which primarily relies on polling, CMIP allows asynchronous event-driven monitoring.

CMIP vs. SNMP

| Feature | CMIP | SNMP |
|---------|------|------|
| Architecture | Object-oriented | Simple key-value model |
| Security | Strong (built-in authentication and access control) | Weak (SNMPv1 and v2c lack security, SNMPv3 improved) |
| Communication | Connection-oriented (TCP, OSI) | Connectionless (UDP) |
| Performance | Higher overhead, more complex | Lightweight, easy to implement |
| Adoption | Limited | Widely used |

How CMIP Works

  1. CMIP Manager sends a request to a CMIP Agent (network device).
  2. The CMIP Agent processes the request and retrieves the necessary information.
  3. If an event condition is met, the CMIP Agent sends an alert to the Manager.
  4. The Manager can modify configurations or execute management commands.

Why CMIP Failed to Replace SNMP

  • High complexity and resource-intensive implementation.
  • Limited vendor adoption due to existing SNMP infrastructure.
  • OSI dependency, while most networks use TCP/IP.

Because of these challenges, SNMP remained the dominant network management protocol, while CMIP was mostly used in specialized environments.