Featured:
Allergies
Tech Know
Grilling Guide
eHow Now Blog

What is an SNMP String?

What is an SNMP String? thumbnail
SNMP community strings let authorized users remotely monitor and configure networked devices.

Simple Network Management Protocol provides a means of monitoring network elements, which include managed devices and applications. An SNMP string acts as a password, allowing users to access event logs and specific devices on the network. However, in SNMP versions 1 and 2c, the SNMP string's lack of encryption left networks vulnerable to unauthorized access, a concern which version 3 addressed by offering functions for enhancing network security and privacy.

  1. SNMP Overview

    • SNMP offers a simple poll-and-response system for administrators to monitor their networks and to be alerted to any events within the system. Network management stations can use automated polling to gather information on network devices, and individual elements can also autonomously relay information to an NMS concerning device performance or suspicious access attempts. SNMP also allows any user with the SNMP community key to remotely configure network devices.

    The SNMP String's Role and Function

    • An SNMP string is essentially a password that identifies its user as a member of its SNMP community. SNMP identifies a group of network elements coupled with their management systems as a "community," and the protocol uses a simple string to identify an individual community. When a user logs on, the community string indicates that she is authorized for network access, and with early SNMP versions, this gives her full access to the network and its elements.

    Security Issues

    • Versions 1 and 2c render the SNMP community string in clear text, which renders the network vulnerable to unauthorized access. If a network administrator doesn't re-assign a unique string to each networked device, any user can use the SNMP community string to gain unrestricted access, regardless of their authorization within the institution deploying the network. SNMP version 3 rectified many of these shortcomings through providing stronger authentication capabilities and data encryption. SNMPv3 also allows the network administrator to set three security levels. Non-sensitive data can be assigned a noAuth setting, providing access to any user, while the auth and Priv settings allow administrators to employ cryptographic hashing and DES encryption to protect data.

    Enhancing SNMP Network Security

    • SNMP is best suited to private networks, particularly if you aren't using SNMPv3. Keeping its use restricted to a local intranet substantially lowers the risk of unauthorized users obtaining your SNMP community string. SNMP's authentication traps are useful tools for monitoring network access and can alert you to suspicious behavior. SNMPv1 provides the "authenticationFailure" protocol data unit, which will prompt a device to send a message to its NMS, notifying it of a potentially unauthorized access attempt.

Related Searches:

References

Resources

  • Photo Credit Siri Stafford/Digital Vision/Getty Images

Comments

Related Ads

thumbnail
Featured