Overview

Simple Network Management Protocol (SNMP) is an application-layer protocol defined by the Internet Architecture Board (IAB) for exchanging management information between network devices. It is a part of the Transmission Control Protocol/Internet Protocol (TCP⁄IP) suite.

SNMP is one of the widely accepted protocols to manage and monitor network elements. Most of the professional-grade network elements come with bundled SNMP agent. These agents have to be enabled and configured to communicate with the network management system (NMS). The SNMP agent is a program that resides on your managed device, packaged within the network element. You have to enable it on your device. It collects the management information from the device locally and provides it to the SNMP manager. These agents could be standard, for example, Net-SNMP or specific to a vendor, such as HP Insight Agent.

SNMP Credentials

SNMP uses a password-like authorization known as a community string. When you provide an SNMP credential to a device, it checks to see if the community string matches the community string configured on the device. If the string matches, the device responds to the SNMP query.

Discover the gateway using SNMP

To find the read-only gateway community string, one option is to:

  1. Log into the gateway WebUI.
  2. Click SNMP.

Or, you can get the read-only community string by logging into the gateway and reading the string in the /etc/snmp/snmpd.conf file.

You can change the community string to a name of your choice.

Multi-credential functionality

SNMP multi-credential functionality allows you to discover network resources using multiple credentials using a single discovery profile. You can create or use multiple credential sets if you are using a gateway to discover your resources.

For example, a printer uses SNMPv2c credential type and a Cisco router uses SNMPv3 credential type. In such a case, you need to create two discovery profiles. With SNMP multi-credential functionality, you can create one discovery profile and use both the credential sets.

The gateway discovers devices with the credentials, sequentially, as the credentials were entered when a Discovery Profile was created at the time of the first scan. After successful discovery, the gateway remembers resources and their credentials for subsequent discovery.

Multi-credentialed, SNMP-enabled devices have the following advantages:

  • Reduces the effort of creating multiple discovery profiles.
  • Reduces time for manually traversing through multiple discovery profiles to discover a network resource.
  • Scans and discovers a subnet with multiple SNMP community strings.
  • Discovers network resources working on different SNMP versions.

SNMP field values

The following provides information on configuring the SNMP fields for creating an SNMP credential set.

SNMPv1 and SNMPv2

FieldValueDescription
Port161Agent receives requests on UDP port 161.
CommunityN/ARead-only community string.

SNMPv3

SNMPv3 is a user-based security model. It provides secure access to the devices by combining authenticating and encrypting packets over the network. The security features provided in SNMPv3 are message integrity, authentication, and encryption.

FieldValueDescription
Port161SNMP Agent port. The default port is 161.
ContextN/ASpecify context name (an octet string) that identifies the collection of management information accessible by an SNMP entity.
Security NameN/AEnter the name of the user (principal) on whose behalf the message is being exchanged.
Security Level
  • NOAUTHNOPRIV
  • AUTHPRIV
  • AUTHNOPRIV
  • Communication without Authentication and Privacy
  • Communication with Authentication and Privacy
  • Communication with Authentication and without Privacy.
Authentication Protocol
  • MD5
  • SHA
Authentication in an SNMPv3 uses an encryption algorithm to determine if the data is from a valid source. The encryption algorithms for authentication:
  • Message Digest Algorithm: generates a 128-bit (16 bytes) message digest.
  • Secure Hash Algorithm: generates a 160-bit (20 bytes) message digest.
Authentication PasswordN/AEnter the Authentication password.
Confirm PasswordN/ARe-enter authentication password for validation.
Privacy Protocol
  • AES-128
  • AES-192
  • AES-256
  • DES
Privacy in SNMPv3 uses an encryption algorithm to encode the contents of an SNMPv3 packet. This encoding is used to verify that the content cannot be viewed by unauthorized entities when routed over the network.
  • Advanced Encryption Standard (AES 128) is a 128-bit standard, cryptographic algorithm that encrypts and decrypts data.
  • Advanced Encryption Standard (AES 192) is a 192-bit standard, cryptographic algorithm that encrypts and decrypts data.
  • Advanced Encryption Standard (AES 256) is a 256-bit standard, cryptographic algorithm that encrypts and decrypts data.
  • Data Encryption Standard (DES) is a 64-bit standard that encrypts and decrypts data.
Privacy PasswordN/AEnter the privacy password.
>Confirm PasswordN/ARe-enter authentication password for validation.
Connection time-outN/A - Default value: 10,000 millisecondsProvide a maximum time period for discovery. If the gateway does not get a response from the device after 10,000 milliseconds, it terminates the discovery.

Configure and Install an SNMP Integration

  1. Go to Setup > Integrations and Apps.

  2. Click + ADD on the Installed Integrations page.
    The Available Integrations and Apps page displays all the available applications.

    SNMP
  3. On the right side of the page, under Categories, click Network in the drop-down menu.

SNMP

4. Click ADD in the SNMP application.

SNMP Add Option
  1. From the Configurations page, click + ADD.

    SNMP Configuration and Installation Page

    The Add Configuration page appears.

    SNMP Configuration Page
  2. In the Add Configuration, enter the below details in the Basic Information section:

    • Name: Enter the name for the integration.
    • SNMP Credentials: Select the credentials from the drop-down list. Click + ADD to create a new credential.
    • Discovery Type: Select the discovery type from the list: IP Range or Seed.
    • IP Range: Provide the IP address.
      Example: You can enter 172.25.23.123 as an IP range value.
  3. In the Discovery Schedule section, select Recurrence Pattern to add one of the following patterns:

    • None: Select this option, If you don’t want to schedule the discovery.
    • Minutes: Select this option, If you want to apply the discovery on a minute basis. You can configure this option by choosing: Every minute.
    • Hourly: Select this option, If you want to apply the discovery on hourly basis. You can configure this option by choosing: Every hour.
    • Daily: Select this option, If you want to apply the discovery daily. You can configure this option by choosing: Every Weekday (Mon-Friday) or Everyday.
    • Weekly: Select this option, If you want to apply the discovery on a weekly basis. Configure weekly schedule by selecting: Time preference, Starting date, and Days.
    • Monthly: Select this option if you only want to apply discovery on a monthly basis. Configure this by selecting: Time preference, Starting date, and number of days in a month.
  4. Click ADD.
    Now the integration is saved and displayed on the configurations page after you save it. From the same page, you are able to Edit and Remove the created integration.

    SNMP Edit and Remove Options

  5. Click Next. The Installation page is displayed.

    SNMP Installation Page
  6. From the SELECT GATEWAY COLLECTOR PROFILE listing:

    • Create a new collector by providing a new name or use the pre-populated name.
    • Select a collector from the existing list.
  7. Click Finish.
    The integration or application is now installed and displayed on the Installed Integration page. Use the search field to find the installed application.

Modify an Installed Integration or App

  1. Click the SNMP integration or app. A list of installed integrations is displayed with the following information:

    SNMP List of Apps and Integrations

    • Name - Displays the name of the integration or app.

    • Collector Profile - Displays the name of the collector profile.

    • Status - Displays the status of the collector profile. The status is a combination of both the gateway and application.
      For example, if the gateway status is up and the application status is installed, then the status is Running.

      Gateway StatusApplication Status
      InstalledEnabled
      UpRunningRunning
      DownStoppedStopped
      Not Installed/ Deployed/RegisteredConfiguredConfigured
    • Added On - Displays the date and time details of the added integration or app. The user icon next to the time indicates the user who added the app.

    • The following options are available in the three dot menu:

      • Edit: To edit an integration, click this button.
      • Copy Id: To copy an integration id, click this button.
      • Uninstall: To uninstall an integration, click this button.

Edit an integration

  1. Click Edit from the three dot menu or click the name of the integration.
    The Configurations window is displayed with a list of available configurations specific to the selected integration.
  2. Click the three dot symbol available for the configuration and click Edit.
  3. In the Edit Configuration window that appears, edit the configuration and click Update.

Copy an integration id

  • Click the three dot menu available for the integration and click Copy Id.
    The integration id is copied.

Uninstall an integration

  1. Click the three dot menu available for the integration and click Uninstall.
  2. In the Uninstall Integration window that appears, mention the reason for uninstalling and click Uninstall.
    The configuration is uninstalled.

Modify a configuration

Configurations are available for each integration. The following actions can be performed on the configurations from the three dot menu next to each configuration:

  • Edit: To edit a configuration, click this button.
  • Remove: To remove a configuration, click this button.
  • Discover: To discover a configuration, click this button.
Edit, Remove, Discover Options

Edit a configuration

  1. Click Edit from the three dot menu of a configuration.

  2. In the Edit Configuration window that appears, edit the configuration and click Update.

    You can also uninstall multiple configurations at the same time. Select configurations from the list in the Edit SNMP page and click Uninstall at the top right.
    You can also add a new configuration from the Edit SNMP page by clicking the Add button.

    Uninstall SNMP

Remove a configuration

  1. Click Remove from the three dot menu of a configuration that you want to remove. A confirmation message appears.

  2. Click Delete to remove the configuration. Click Cancel to go back.

Discover a configuration

  • Click the three dot menu available for the configuration and click Discover.
    A discovery is initiated and the status is displayed under the Discovery status column.

SNMP Definition Requests

You can view and submit SNMP definitions for review.

Only Service Provider (SP) and partner-level users can submit SNMP definition requests. All user levels, including SP, partner, and client, can view existing definitions.

View SNMP definition requests

  1. Go to Setup > Resources.
  2. Click SNMP Device Type Definitions. This displays the list of available definitions, as shown in the example:
SNMP Definition List

Submit SNMP definition request

  1. Go to Setup > Resources.

  2. Click SNMP Device Type Definitions.

  3. Click the +Submit button.

  4. In the Add SNMP Device Type Definition page, enter the following information:

    Device Type Definition:

    FieldRequiredDescription
    Object OIDYesObject identifier.
    MakeYesChoose the make from the drop-down list.
    ModelNoIf you selected Model, choose the model from the drop-down list.
    Model OIDNoIf you selected Model OID, enter a model identifier.
    Device TypeYesChoose a device type from the drop-down list.
    Operating SystemYesChoose an operating system from the drop-down list.
    Serial Number OIDNoSerial number identifier.
    Firmware Revision OIDNoFirmware revision identifier.
    Hardware Revision OIDNoHardware revision identifier.
    Software Revision OIDNoSoftware revision identifier.

    SNMP OIDs for Network Interface Information:

    FieldRequired
    Number of InterfacesNo
    NameNo
    AliasNo
    IndexNo
    TypeNo
    SpeedNo
    Operational StatusNo
    Admin StatusNo
  5. Click Cancel to discard your definition or click Submit, which displays the following advisory message:

    This definition will reflect on devices only after it is reviewed by a vistara admin. You can check the status on the definition listing page.

  6. Click Yes to continue and submit your definition for review.