Simple Network Management Protocol example essay topic
So now, picture yourself in the same situation, only this time, you were using a network monitoring program. Sitting in front of a large screen displaying a map of the world, leaning back gently in your chair. A gentle warning tone sounds, and looking at your display, you see that California is now glowing a soft red in color, in place of the green glow just moments before. You select the state of California, and it zooms in for a closer look. You see a network diagram overview of all the computers your company has within California. Two systems are flashing, with an X on top of them indicating that they are experiencing problems.
Tagging the two systems, you press enter, and with a flash, the screen displays all the statistics of the two systems, including anything they might have in common causing the problem. Seeing that both systems are linked to the same card of a network switch, you pick up the phone and give that branch office a call, notifying them not only that they have a problem, but how to fix it as well. Early in the days of computers, a central computer (called a mainframe) was connected to a bunch of dumb terminals using a standard copper wire. Not much thought was put into how this was done because there was only one way to do it: they were either connected, or they weren't. Figure 1 shows a diagram of these early systems. If something went wrong with this type of system, it was fairly easy to troubleshoot, the blame almost always fell on the mainframe system.
Shortly after the introduction of Personal Computers (PC), came Local Area Networks (LANS), forever changing the way in which we look at networked systems. LANS originally consisted of just PC's connected into groups of computers, but soon after, there came a need to connect those individual LANS together forming what is known as a Wide Area Network, or WAN, the result was a complex connection of computers joined together using various types of interfaces and protocols. Figure 2 shows a modern day WAN. Last year, a survey of Fortune 500 companies showed that 15% of their total computer budget, 1.6 Million dollars, was spent on network management (Rose, 115).
Because of this, much attention has focused on two families of network management protocols: The Simple Network Management Protocol (SNMP), which comes from a de facto standards based background of TCP / IP communication, and the Common Management Information Protocol (CMIP), which derives from a de jure standards-based background associated with the Open Systems Interconnection (OSI) (Fisher, 183). In this report I will cover advantages and disadvantages of both Common Management Information Protocol (CMIP) and Simple Network Management Protocol (SNMP)., as well as discuss a new protocol for the future. I will also give some good reasons supporting why I believe that SNMP is a protocol that all network administrators should use. SNMP is a protocol that enables a management station to configure, monitor, and receive trap (alarm) messages from network devices. (Feit, 12). It is formally specified in a series of related Request for Comment (RFC) documents, listed here.
RFC 1089 - SNMP over Ethernet RFC 1140 - IAB Official Protocol Standards RFC 1147 - Tools for Monitoring and Debugging TCP / IP Internets and Interconnected Devices [superceded by RFC 1470] RFC 1155 - Structure and Identification of Management Information for TCP / IP based internets. RFC 1156 - Management Information Base Network Management of TCP / IP based internets RFC 1157 - A Simple Network Management Protocol RFC 1158 - Management Information Base Network Management of TCP / IP based internets: MIB-II RFC 1161 - SNMP over OSI RFC 1212 - Concise MIB Definitions RFC 1213 - Management Information Base for Network Management of TCP / IP-based internets: MIB-II RFC 1215 - A Convention for Defining Traps for use with the SNMP RFC 1298 - SNMP over IPX (SNMP, Part 1 of 2, I. 1.) The first protocol developed was the Simple Network Management Protocol (SNMP). It was commonly considered to be a quickly designed "band-aid" solution to internetwork management difficulties while other, larger and better protocols were being designed. (Miller, 46). However, no better choice became available, and SNMP soon became the network management protocol of choice. It works very simply (as the name suggests): it exchanges network packets through messages (known as protocol data units (PDU) ).
The PDU contains variables that have both titles and values. There are five types of PDU's which SNMP uses to monitor a network: two deal with reading terminal data, two with setting terminal data, and one called the trap, used for monitoring network events, such as terminal start-ups or shut-downs. By far the largest advantage of SNMP over CMIP is that its design is simple, so it is as easy to use on a small network as well as on a large one, with ease of setup, and lack of stress on system resources. Also, the simple design makes it simple for the user to program system variables that they would like to monitor. Another major advantage to SNMP is that is in wide use today around the world. Because of it's development during a time when no other protocol of this type existed, it became very popular, and is a built in protocol supported by most major vendors of networking hardware, such as hubs, bridges, and routers, as well as majoring operating systems.
It has even been put to use inside the Coca-Cola machines at Stanford University, in Palo Alto, California (Borsook, 48). Because of SNMP's smaller size, it has even been implemented in such devices as toasters, compact disc players, and battery-operated barking dogs. In the 1990 Interop show, John Rom key, vice president of engineering for Epilogue, demonstrated that through an SNMP program running on a PC, you could control a standard toaster through a network (Miller, 57). SNMP is by no means a perfect network manager.
But because of it's simple design, these flaws can be fixed. The first problem realized by most companies is that there are some rather large security problems related with SNMP. Any decent hacker can easily access SNMP information, giving them any information about the network, and also the ability to potentially shut down systems on the network. The latest version of SNMP, called SNMPv 2, has added some security measures that were left out of SNMP, to combat the 3 largest problems plaguing SNMP: Privacy of Data (to prevent intruders from gaining access to information carried along the network), authentication (to prevent intruders from sending false data across the network), and access control (which restricts access of particular variables to certain users, thus removing the possibility of a user accidentally crashing the network).
(Stallings, 213) The largest problem with SNMP, ironically enough, is the same thing that made it great; it's simple design. Because it is so simple, the information it deals with is neither detailed, nor well organized enough to deal with the growing networks of the 1990's. This is mainly due to the quick creation of SNMP, because it was never designed to be the network management protocol of the 1990's. Like the previous flaw, this one too has been corrected with the new version, SNMPv 2.
This new version allows for more in-detail specification of variables, including the use of the table data structure for easier data retrieval. Also added are two new PDU's that are used to manipulate the tabled objects. In fact, so many new features have been added that the formal specifications for SNMP have expanded from 36 pages (with vs. 1) to 416 pages with SNMPv 2. (Stallings, 153) Some people might say that SNMPv 2 has lost the simplicity, but the truth is that the changes were necessary, and could not have been avoided.
A management station relies on the agent at a device to retrieve or update the information at the device. The information is viewed as a logical database, called a Management Information Base, or MIB. MIB modules describe MIB variables for a large variety of device types, computer hardware, and software components. The original MIB for Managing a TCP / IP internet (now called MIB-I) was defined in RFC 1066 in August of 1988.
It was updated in RFC 1156 in May of 1990. The MIB-II version published in RFC 1213 in May of 1991, contained some improvements, and has proved that it can do a good job of meeting basic TCP / IP management needs. MIB-II added many useful variables missing from MIB-I (Feit, 85). MIB files are common variables used not only by SNMP, but CMIP as well. In the late 1980's a project began, funded by governments, and large corporations.
Common Management Information Protocol (CMIP) was born. Many thought that because of it's nearly infinite development budget, that it would quickly become in widespread use, and overthrow SNMP from it's throne. Unfortunately, problems with its implementation have delayed its use, and it is now only available in limited form from developers themselves. (SNMP, Part 2 of 2, . 40.) CMIP was designed to be better than SNMP in every way by repairing all flaws, and expanding on what was good about it, making it a bigger and more detailed network manager. It's design is similar to SNMP, where PDU's are used as variables to monitor the network.
CMIP however contains 11 types of PDU's (compared to SNMP's 5). In CMIP, the variables are seen as very complex and sophisticated data structures with three attributes. These include: 1) Variable attributes: which represent the variables characteristics (its data type, whether it is writable) 2) variable behaviors: what actions of that variable can be triggered. 3) Notifications: the variable generates an event report whenever a specified event occurs (e.g. A terminal shutdown would cause a variable notification event) (Comer, 82) As a comparison, SNMP only employs variable properties from one and three above. The biggest feature of the CMIP protocol is that its variables not only relay information to and from the terminal (as in SNMP), but they can also be used to perform tasks that would be impossible under SNMP. For instance, if a terminal on a network cannot reach the fileserver a pre-determined amount of times, then CMIP can notify appropriate personnel of the event.
With SNMP however, a user would have to specifically tell it to keep track of unsuccessful attempts to reach the server, and then what to do when that variable reaches a limit. CMIP therefore results in a more efficient management system, and less work is required from the user to keep updated on the status of the network. CMIP also contains the security measures left out by SNMP. Because of the large development budget, when it becomes available, CMIP will be widely used by the government, and the corporations that funded it. After reading the above paragraph, you might wonder why, if CMIP is this wonderful, is it not being used already? (after all, it had been in development for nearly 10 years) The answer is that possibly CMIP's only major disadvantage, is enough in my opinion to render it useless. CMIP requires about ten times the system resources that are needed for SNMP.
In other words, very few systems in the world would able to handle a full implementation on CMIP without undergoing massive network modifications. This disadvantage has no inexpensive fix to it. For that reason, many believe CMIP is doomed to fail. The other flaw in CMIP is that it is very difficult to program. Its complex nature requires so many different variables that only a few skilled programmers are able to use it to it's full potential.
Considering the above information, one can see that both management systems have their advantages and disadvantages. However the deciding factor between the two, lies with their implementation, for now, it is almost impossible to find a system with the necessary resources to support the CMIP model, even though it is superior to SNMP (vs. 1 and vs. 2) in both design and operation. Many people believe that the growing power of modern systems will soon fit well with CMIP model, and might result in it's widespread use, but I believe by the time that day comes, SNMP could very well have adapted itself to become what CMIP currently offers, and more. As we " ve seen with other products, once a technology achieves critical mass, and a substantial installed base, it's quite difficult to convince users to rip it out and start fresh with an new and unproven technology (Borsook, 48).
It is then recommend that SNMP be used in a situation where minimal security is needed, and SNMPv 2 be used where security is a high priority.