Net-SNMP v3: Brief Overview

Simple Network Management Protocol (SNMP) is an Internet-standard application-layer protocol used mostly in network management systems to monitor network-attached devices for conditions that warrant administrative attention. The SNMP agent receives requests on UDP port 161, and the manager receives notifications (Traps and InformRequests) on port 162. When SNMP is used with Transport Layer Security (TLS) or Datagram Transport Layer Security (DTLS), requests are received on port 10161 and traps are sent to port 10162.

The first two versions of the SNMP protocol (SNMP v1 and SNMP v2c) carried clear-text passwords and provided NO SECURITY at all, which is the reason SNMP v3 was later developed to secure the protocol. So when choosing a vendor product, make sure SNMP v3 support is available. SNMP v3 can be configured in the following ways:

  • SNMPv3 with the User-Based Security Model (USM), which secures the protocol by allowing administrators to define “users” with various security credentials; this model is supported by most devices.

  • Tunneling SNMPv3 packets over SSH, TLS, or DTLS. The SSH transport uses existing SSH authentication and encryption methods (such as SSH keys, usernames and passwords) to secure its traffic, while the TLS and DTLS transports use X.509 certificates to secure theirs. Hopefully, this will be supported by most devices soon.

  • Another way of securing SNMP is to implement a Kerberos security model for SNMPv3. Although Net-SNMP contains a prototype implementation of this, the work was never finished, either within the IETF or in the Net-SNMP implementation, and it is not yet ready for real-world use.
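As an added example (not from the original post or from the Net-SNMP project), here is a small POSIX shell audit that reads an snmpd.conf and flags the settings the USM option above is meant to replace: v1/v2c community access, v3 users not held to the authPriv level, and MD5/DES credentials. The "legacy" and "hardened" fragments are constructed for the demonstration; the persistent-store path and the net-snmp-create-v3-user helper mentioned in the comments are Net-SNMP's own conventions.

```shell
#!/bin/sh
# Added audit helper (not a Net-SNMP tool): reads FILE or stdin and reports every
# directive that falls short of SNMPv3 USM at the authPriv level.
# Assumption: createUser lines use the plain form (no -e ENGINEID, no quoted
# passphrases containing spaces).
audit_snmpd_conf() {
    sed 's/#.*//' "$@" | awk '
        # v1/v2c access: community strings travel in clear text.
        tolower($1) ~ /^(ro|rw)community6?$/ || tolower($1) == "com2sec" {
            print "WEAK: SNMPv1/v2c community access: " $0; bad = 1 }
        # rouser/rwuser default to "auth" (no encryption) when the level is omitted.
        tolower($1) ~ /^(ro|rw)user$/ && tolower($3) != "priv" {
            print "WEAK: " $1 " " $2 " not restricted to authPriv: " $0; bad = 1 }
        # createUser NAME [AUTHPROTO authpass [PRIVPROTO [privpass]]]
        tolower($1) == "createuser" {
            if (NF < 4)      { print "WEAK: user " $2 " has no authentication: " $0; bad = 1 }
            else if (NF < 5) { print "WEAK: user " $2 " has no privacy protocol: " $0; bad = 1 }
            else if (toupper($3) == "MD5" || toupper($5) == "DES") {
                               print "WEAK: user " $2 " uses MD5/DES: " $0; bad = 1 }
        }
        END { exit bad }'
}

# Constructed legacy configuration: v2c communities plus a v3 user left at authNoPriv.
weak_conf_example() {
    cat <<'EOF'
rocommunity public 10.0.0.0/8
com2sec readonly default public
createUser legacy MD5 legacypassphrase DES legacyprivpassphrase
rouser legacy auth
EOF
}

# Constructed hardened configuration: one USM user, SHA + AES, authPriv required.
# In a real deployment the createUser line lives in the persistent store
# (/var/lib/net-snmp/snmpd.conf on most Linux builds) or is created with
# net-snmp-create-v3-user; snmpd replaces it with a localized key on first start.
hardened_conf_example() {
    cat <<'EOF'
createUser monitor SHA monitorauthpassphrase AES monitorprivpassphrase
rouser monitor priv
EOF
}

echo "== legacy fragment =="
weak_conf_example | audit_snmpd_conf || echo "verdict: needs hardening"
echo "== hardened fragment =="
hardened_conf_example | audit_snmpd_conf && echo "verdict: SNMPv3 authPriv only"
```

Run it against a live agent with `audit_snmpd_conf /etc/snmp/snmpd.conf`; a non-zero exit status means at least one weak directive was found.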

Please provide any feedback using the comments below, and I invite you to check out the following posts.