What is SNMP?

SNMP is a network management standard widely used with TCP/IP networks and, more recently, with Internetwork Packet Exchange (IPX) networks. The SNMP standard includes the following Request for Comment (RFC)–compliant constructs:

  • The Management Information Base II (MIB II), RFC 1213. A set of manageable objects that represent various types of information about the network configuration, such as the list of network interfaces, the routing table, the ARP table, the list of opened TCP connections, or ICMP statistics.

  • The Structure for Management Information (SMI), RFC 1902. A separate Internet RFC that describes the object syntax for specifying how MIB data can be referenced and stored.

  • Simple Network Management Protocol (SNMP), RFC 1157. A standard that defines how communication occurs between SNMP-capable devices and the types of messages that are allowed.

SNMP provides a method of managing network nodes (servers, workstations, routers, bridges, and hubs) from a centrally located host. SNMP performs its management services by using a distributed architecture of management systems and agents. As shown in Figure 10.1, the centrally located host, which is running network management software, is referred to as an SNMP management system or SNMP manager. Managed network nodes are referred to as SNMP agents .


Figure 10.1 Distributed Architecture of SNMP

Network management is critical for resource management and auditing. SNMP can be used in several ways:

Configure remote devices    You can configure information so that it can be sent to each networked host from the management system.

Monitor network performance    You can track the speed of processing and network throughput and collect information about the success of data transmissions.

Detect network faults or inappropriate access    You can configure trigger alarms on network devices that alert you to the occurrence of specific events. When an alarm is triggered, the device forwards an event message to the management system. Common types of events for which an alarm can be configured include:

  • The shutdown or restart of a device.

  • The detection of a link failure on a router.

  • Inappropriate access.

Audit network usage    You can monitor overall network usage to identify user or group access or types of usage for network devices or services. This information can be used to generate direct billing of individual or group accounts or to justify current network costs or planned expenditures.

The Windows 2000 implementation of SNMP is a 32 - bit service that supports computers that are running TCP/IP and IPX protocols. It is an optional service on Microsoft® Windows® 2000 Professional, and can be installed after TCP/IP and IPX have been successfully configured. Windows 2000 implements SNMP versions 1 and 2C. These versions are based on industry standards that define how network management information is structured, stored, and communicated between agents and management systems for TCP/IP-based networks.

The Windows 2000 SNMP service provides an agent that allows centralized, remote management of computers that are running the following software:

  • Microsoft® Windows® 2000 Server.

  • Microsoft® Windows® 2000 Professional.

  • Windows 2000 and Microsoft® Windows NT® – based Windows Internet Name Service (WINS).

  • Windows 2000 and Windows NT – based Dynamic Host Configuration Protocol (DHCP).

  • Windows 2000 and Windows NT – based Microsoft® Internet Information Service (IIS).

  • Microsoft® LAN Manager.

  • Windows 2000 Quality of Service Admission Control Service.

  • Windows 2000 Routing and Remote Access service.

  • Windows 2000 Internet Authentication Service.

To use the information that Windows 2000 SNMP service provides, you must have at least one centrally located host that is running an SNMP management software application. The Windows 2000 SNMP service provides only the SNMP agent; it does not include SNMP management software. You can use some third-party SNMP management software application on the host to act as the management system. Alternatively, you can develop your own SNMP management software application by using the two application programming interfaces (APIs) that are provided with Windows 2000:

  • WinSNMP API (WinSNMP.dll), which provides a set of functions for encoding, decoding, sending, and receiving SNMP messages.

  • Management API (Mgmtapi.dll), which provides a basic set of functions that can be used to develop fast and simple SNMP management systems.

The SNMPUtil.exe tool, which is provided on the Microsoft ® Windows ®  2000 operating system CD, is meant to be used as an example of a management software application built on top of the Management API. For more information about the Management API, see "Architecture of Windows 2000 SNMP" later in this chapter. The Windows 2000 SNMP service also supports network management programs provided by third-party vendors.