Simple Network Management Protocol (SNMP) is an Internet Standard protocol used for collecting and organizing information about managed devices on IP networks and for modifying that information to change device behavior. SNMP is an application layer protocol included in the Internet protocol suite, a set of the most commonly used communication protocols. SNMP is used to collect data related to network changes or to determine the status of network-connected devices. Collecting this data can help IT professionals keep their finger on the pulse of all their managed devices and applications.
SNMP works by sending messages, called protocol data units (PDUs), to devices within your network that “speak” SNMP. These messages are called SNMP Get-Requests. Using these requests, network administrators can track virtually any data values they specify. All of the information SNMP tracks can be provided to a product that asks for it. That product can either display or store the data, depending on an organization's needs.
SNMP operates in the application layer of the Internet protocol suite. All SNMP messages are transported via User Datagram Protocol (UDP). The SNMP agent receives requests on UDP port 161. The manager may send requests from any available source port to port 161 in the agent. The agent response is sent back to the source port on the manager. The manager receives notifications (Traps and InformRequests) on port 162. The agent may generate notifications from any available port.
SNMP has three components: SNMP Manager, SNMP agent, and Management Information Base (MIB). The SNMP Manager is a centralized system used to monitor the network. It is also known as Network Management Station (NMS). The SNMP agent is a software module residing within a network element that provides the interface between the device and the SNMP manager. The MIB is a hierarchical database of information that describes the managed devices and the parameters available for monitoring and configuring.
SNMP has different versions, including SNMPv1, SNMPv2c, and SNMPv3. SNMPv1 is the initial implementation of the SNMP protocol, and it offers weak security features. SNMPv2c uses community strings for authentication and uses UDP but can be configured to use TCP. SNMPv3 uses Hash-based MAC with MD5 or SHA for authentication and DES-56 for privacy. This version uses TCP. Therefore, the higher the version of SNMP, the more secure it will be.
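The following Python example is added here and is not from the original page. It decodes the BER header of a captured UDP port 161 payload to report the SNMP version, the cleartext community string for SNMPv1/SNMPv2c, and the authentication and privacy flags for SNMPv3; the function names, the `weak` field and the sample datagrams are constructed for illustration.

```python
VERSIONS = {0: "SNMPv1", 1: "SNMPv2c", 3: "SNMPv3"}
PDU_TYPES = {0xA0: "GetRequest", 0xA1: "GetNextRequest", 0xA2: "Response",
             0xA3: "SetRequest", 0xA4: "Trap (v1)", 0xA5: "GetBulkRequest",
             0xA6: "InformRequest", 0xA7: "Trap (v2)"}

def read_tlv(buf, pos):
    """Decode one BER element; return (tag, value bytes, offset after it)."""
    if pos + 2 > len(buf):
        raise ValueError("truncated BER header")
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:                  # long form: low 7 bits count length octets
        n = length & 0x7F
        if n == 0 or n > 4 or pos + n > len(buf):
            raise ValueError("unsupported BER length")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("truncated BER value")
    return tag, buf[pos:pos + length], pos + length

def classify(payload):
    """Hypothetical helper: summarise the security-relevant header fields."""
    tag, msg, _ = read_tlv(payload, 0)
    vtag, ver, pos = read_tlv(msg, 0)
    if tag != 0x30 or vtag != 0x02:    # SEQUENCE { INTEGER version, ... }
        raise ValueError("not an SNMP message")
    number = int.from_bytes(ver, "big")
    info = {"version": VERSIONS.get(number, "unknown")}
    if number in (0, 1):               # v1/v2c: community follows the version
        _, community, pos = read_tlv(msg, pos)
        info["community"] = community.decode("latin-1")
        info["pdu"] = PDU_TYPES.get(msg[pos] if pos < len(msg) else -1, "unknown")
        info["weak"] = True            # community string travels in cleartext
    elif number == 3:                  # v3: msgFlags is third field of the header
        _, header, _ = read_tlv(msg, pos)
        _, _, p = read_tlv(header, 0)  # skip msgID
        _, _, p = read_tlv(header, p)  # skip msgMaxSize
        _, flags, _ = read_tlv(header, p)
        if len(flags) != 1:
            raise ValueError("bad msgFlags")
        info["auth"], info["priv"] = bool(flags[0] & 1), bool(flags[0] & 2)
        info["weak"] = not (info["auth"] and info["priv"])
    return info

# Constructed samples: v2c GetRequest for sysDescr.0; v3 header with auth+priv set
V2C = bytes.fromhex("302602010104067075626c6963a019020101020100020100"
                    "300e300c06082b060102010101000500")
V3 = bytes.fromhex("3016020103300d020101020205dc04010302010304000400")
```

Run over payloads extracted from a packet capture, `classify` gives a quick inventory of which managers and agents still exchange community strings or use SNMPv3 without both authentication and privacy.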