SNMP Discovery ReferenceDescribes SNMP environment.Leave FeedbackIntroductionSimple Network Management Protocol (SNMP) is an application-layer protocol defined by the Internet Architecture Board (IAB) for exchanging management information between network devices. It is a part of Transmission Control Protocol/Internet Protocol (TCP⁄IP) suite.SNMP is one of the widely accepted protocols to manage and monitor network elements. Most of the professional-grade network elements come with bundled SNMP agent. These agents have to be enabled and configured to communicate with the network management system (NMS). The SNMP agent is a program that resides on your managed device, packaged within the network element. You have to enable it on your device. It collects the management information from the device locally and provides it to the SNMP manager. These agents could be standard, for example, Net-SNMP or specific to a vendor, such as HP Insight Agent.SNMP credentialsSNMP uses a password-like authorization known as Community String. When you provide an SNMP credential to a device, it checks to see if the Community String matches to what is configured on the device. If the string matches, the device responds to the SNMP query.Multi-credential functionalitySNMP multi-credential functionality allows you to discover network resources using multiple credentials via a single discovery profile. You can create or use multiple credential sets if you are using a Gateway to discover your resources.For example, a printer uses SNMPv2c credential type and Cisco router uses SNMPv3 credential type. In such a case, you need to create two discovery profiles. With SNMP multi-credential functionality, you can create one discovery profile and use both the credential sets.NoteThe gateway discovers the devices with the credentials in a sequential order as entered while creating a Discovery Profile at the time of the first scan. Once the discovery is successful, the gateway remembers the resources and its valid credentials for future discoveries.The following are the advantages of multi-credentials for SNMP enabled devices:Reduces the effort of creating multiple discovery profiles.Reduces time for manually traversing through multiple discovery profiles to discover a network resource.Scans and discovers a subnet with multiple SNMP community strings.Discovers network resources working on different SNMP versions.SNMP field valuesThe following provides information on configuring the SNMP fields for creating an SNMP credential set.SNMPv1 and SNMPv2SNMPv1 and SNMPv2 Field DescriptionsFieldValueDescriptionPort161Agent receives requests on UDP port 161.CommunityN/AProvide Community string with read-only access.SNMPv3SNMPv3 is a user-based security model. It provides secure access to the devices by combining authenticating and encrypting packets over the network. The security features provided in SNMPv3 are message integrity, authentication, and encryption.SNMPv3 Field DescriptionsFieldValueDescriptionPort161SNMP Agent port. The default port is 161.ContextN/ASpecify context name (an octet string) that identifies the collection of management information accessible by an SNMP entity.Security NameN/AProvide the name of the user (principal) on whose behalf the message is being exchanged.Security LevelNOAUTHNOPRIVAUTHPRIVAUTHNOPRIVCommunication without Authentication and PrivacyCommunication with Authentication and PrivacyCommunication with Authentication and without Privacy.Authentication ProtocolMD5SHAAuthentication in an SNMPv3 uses an encryption algorithm to determine if the data is from a valid source. The encryption algorithms for authentication:Message Digest Algorithm: generates a 128-bit (16 bytes) message digest.Secure Hash Algorithm: generates a 160-bit (20 bytes) message digest.Authentication PasswordN/AProvide the Authentication password.Confirm PasswordN/ARe-enter authentication password for validation.Privacy ProtocolAES-128AES-192AES-256DESPrivacy in SNMPv3 uses an encryption algorithm to encode the contents of an SNMPv3 packet. This encoding is used to verify that the content cannot be viewed by unauthorized entities when routed over the network.Advanced Encryption Standard (AES 128) is a 128-bit standard, cryptographic algorithm that encrypts and decrypts data.Advanced Encryption Standard (AES 192) is a 192-bit standard, cryptographic algorithm that encrypts and decrypts data.Advanced Encryption Standard (AES 256) is a 256-bit standard, cryptographic algorithm that encrypts and decrypts data.Data Encryption Standard (DES) is a 64-bit standard that encrypts and decrypts data.Privacy PasswordN/AProvide the privacy password.>Confirm PasswordN/ARe-enter authentication password for validation.Connection timeoutN/A - Default value: 10,000 millisecondsProvide a maximum time period for discovery. If the Gateway does not receive a response from the device after 10,000 milliseconds, it terminates the discovery.