Network Computing is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Simplifying SNMPv3

Version 3's shortcomings haven't stopped some key vendors from supporting the protocol in their products. All the major router and switch vendors have supported it for several years. Cisco, for instance, has had full SNMPv3 support since IOS 12.0. On the management platform side, Aprisma's Spectrum, BMC Software's Patrol, Computer Associates' Unicenter, Hewlett-Packard's OpenView, IBM's Tivoli and Smarts' InCharge all support v3. Even Castle Rock Computing's SNMPc and MG-Soft's MIB Browser include SNMPv3 support. These management packages store a user ID and password in their database so they can securely communicate with, and manage, an SNMPv3-capable device. SNMPv3 is slowly catching on with cable broadband providers, too; Cox Cable and Time Warner, for instance, use SNMPv3 for securely managing their cable modem networks, and they've expanded on the spec with stronger encryption.

Entities and Engines

SNMPv3 has incorporated and extended earlier versions of the protocol so you can add new functions as modules without having to rewrite the protocol altogether. So if a new access model were developed for v3, for example, it would replace the existing one without affecting the rest of the protocol.

That's good news for network managers, because it means your existing SNMP software won't require a complete rewrite, and your new v3 software will work with previous versions. Although SNMPv1 and v2 rely on plain-text community strings and can't use v3 authentication and encryption, for example, you can still manage your v1 and v2 devices with v3. And vendors will be able to reuse code and upgrade functionality without overhauling their management software.

SNMPv3 doesn't use the traditional SNMP terms agent and manager. Devices and management components are entities in SNMPv3 parlance. One entity (formerly known as the agent) sits on a router, and the other entity (formerly known as the manager) handles application polling. The names may have changed, but the functions have not. Each entity has an SNMP engine and application (see "Start Your Engine,"). The SNMP engine has four functions--access control, security, message processor and dispatcher. Both the message processor and dispatcher modules come with SNMPv1 and v2 functions, such as processing sets and gets and formatting the SNMP data units, or PDUs (protocol data units).

  • 1