Friday, August 21, 2009

Using SNMP for Network Troubleshooting

Here is a network troubleshooting tip to consider. Simple Network Management Protocol (SNMP) is used for getting notifications and performance data about networking devices. It can also be useful in a non-traditional way as well.

When most networking devices are very busy they stop responding to management requests and focus on core routing or traffic-level tasks. As a result, if you see increasing SNMP response times or worse complete SNMP response failure, it’s likely a leading indicator that a device’s performance is nearing the user impact stage. The device may not be down yet but, it very well could be shortly. Use this indicator to your advantage and start monitoring SNMP response time and failure rates. Be sure to keep a close eye on these devices and you’ll know about problems before it's too late.

Why use SNMP v3?
Need stronger security than community strings and access lists can provide? Consider moving to SNMPv3 if you haven't done so already. SNMP v1 and v2 are sufficient for many networks. When management traffic must pass over the public Internet, however, SNMP v3 provides improved message security that can be important.

Enhanced security features in SNMPv3 include:

- Message integrity to ensure a packet has not been tampered with in transit.
- Authentication and verification that the message is from a valid source
- Encryption of packets to prevent snooping by an unauthorized source

1 comment:

  1. I like your thoughts. Can you send me a link to your other posts?


    Justin Davis
    Internet Filter

    ReplyDelete