Simple Network Management Protocol (SNMP)

Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *
or

Already have an account? Sign In »

Time
1 hour 43 minutes
Difficulty
Intermediate
CEU/CPE
2
Video Transcription
00:00
Hi, everyone. Let's get started on S and M P or a simple Network Management Protocol.
00:07
S and M p collects information on the hardware systems to manage and monitor them. Many never components support or have built in S and M P capabilities. And once they're enabled, they become S and MP agents
00:21
there three common versions of S and M P that are present in network systems, which are vision one
00:27
vision to see in version three
00:33
s and M P agents have management information, base files or, in short, M I B files, which contains codes of device parameters such a system Cebu, Graham and the like.
00:46
These parameters are represented as object identifiers or oh, I ds rehearsing in the m I B file.
00:54
Here's a sample and maybe file entitled Cisco Dash S M I and the sample. Oh, I d that represents system up time
01:02
when SNP managers prompt to collect information from network devices or s and then the agents
01:07
uses a process called polling, which uses protocol. UDP port number 161 by the Folds
01:15
S and M P agents can also initiate communications to the S and P manager when The change is detected by said the S and M P Traps
01:23
which uses protocol UDP port number 162
01:29
The important parameters to be set up in order to enable as an MP includes
01:34
community string
01:36
server I P your S and M P managers I P address
01:40
and your S and M P version
01:42
default intervals for pulling and trapping are usually one minute. However, they can be adjusted according to your requirements or system conditions.
01:52
It is important to know that the shorter the interval, the higher the utilization of system CPU and Member
02:00
S and M P version one uses plain text community string meaning a poles or sends traps and plain text A readable format.
02:09
It is easily deployed as the S and M P manager has to match. The community string name configured on the S and P agent,
02:17
however, lacks insecurity. As there is no encryption involved during communication,
02:23
it is tempting to use or maintain version one. However, keep in mind toe only. Use this within your land.
02:31
Most s and MP agents have a default coping the D string name called public
02:37
and of course, as a general security best practice is always recommended to change these default values.
02:46
S and M P aversion to see is the improved version of S and M P Version one. It also uses plain text community string
02:54
with the sea inversion to see standing for community.
02:58
It has improved features Lackey inversion one such as get bulk and inform operators get bulk allows a large amount of data to be retrieved from the S and M P. Agent
03:09
informs are used with traps to allow the S and P manager to acknowledge the receipt of an S and M P trap.
03:15
If the manager does not reply to the sense inform, the S and M P agent will resend the in form again like its predecessor is still lack security features having no encryption applied during communications between the manager and agent.
03:34
Version three is the latest version of S and M P that offers more security by ensuring message integrity.
03:40
No modification of data during transit
03:44
authentication, using password hashing to verify that the messages from a valid source and privacy,
03:51
which uses encryption and packet contents, converting them toe unreadable output or cipher text.
03:59
Version three includes cryptography features in the form off three common security levels. That's
04:05
first off. We have communications without with indication that privacy between the agent and the manager
04:12
they will simply be authorized based on community string name match, which is what s in the P version one and version two supports.
04:19
Next, we have communication with authentication, but without privacy. Commonly, MD five or show hashing are used for pastoral authentication, but no encryption are applied between them. Agent a manager at the moment
04:34
and lastly, communication with authentication and privacy.
04:39
This security said, applies both pastoral authentication, hashing and encrypted communications between the agent and manager
04:46
making it the more secure option
04:53
Quiz time
04:54
by default. What protocol? Import this. An S and M P Manager used to collect system information from S and MP agents.
05:13
And the answer is UDP port 161
05:19
To summarize, this module we re flee went through the S and the B processes such as polling and traps between s and MP agents and managers.
05:29
We also discussed the three different versions of us in that be
05:31
next up, we will have a quick demo on S and M P configurations using Cisco Packet tracer.
05:38
See you there
Up Next