SNMP Primer

Blog Date:  8/30/2013
Author:  Ray Coulombe

SNMP ... today, this could mean “Security - Not My Protocol” for all the use we’re getting out of it. What SMP officially stands for is Simple Network Management Protocol. You may have seen it on a configuration screen for an IP camera or other security device and wondered what it was used for. It really is a pretty useful protocol, and it’s time we did something with it.
SNMP is based on a model consisting of a manager, an agent, a database of management information, managed objects and the network protocol. The manager provides the interface between the human network manager and the management system. The agent provides the interface between the manager and the physical device(s) being managed. The information to be accessed is stored in a specified format in the device database, known as a MIB (Management Information Base), used by both the manager and the agent.
MIB’s contain the parameters to be collected for reporting, captured for notifications, or configured by the corresponding management software. Basic commands are “gets” to retrieve desired information, “traps” to trigger alarm or condition notifications, and “sets” for configuration and control. There are three common revision levels, or versions, of SNMP - v1, v2c, and v3. Each succeeding version provided more functionality and, importantly, more security. Version 2c uses log in information known as Community Read and Write strings, analogous to passwords and requiring change from default values. Information, including configuration commands, are sent in the clear. Version 3 provides for far better security and privacy through authentication (using MD5 or SHA hash) and DES or AES encryption. This becomes particularly important if the managed device has been configured to allow system variables to be remotely set. Imagine another avenue for a hacker to gain control IP camera settings.
While there are a number of standard MIB’s that have been established though the RFC process, these deal primarily with network functions and protocols. Companies may develop their own MIB’s, usually after obtaining an enterprise number form the IETF. In our industry, there are tens or hundreds of vendors, each with their own unique set of MIB’s and only discoverable by software packages that have been configured to look for them. Predictably, their usage is sparse.
So what’s an industry to do? Enter the Standards Committee of the Security Industry Association (SIA). This committee has just recently approved an effort to develop an industry set of standard MIB’s. What this means is that vendors from across the industry will get together to decide those conditions which merit monitoring, capturing, or configuring. What kinds of conditions? They could include such things as loss of video, intensity of video compression, excessively high access card retries, over-current, under voltage, hard disk drive utilization, excessive temperature, loss of pressure, etc. By having a solid set of conditions for which MIB’s are defined, it is far more likely that be third part monitoring software will supervise the network and attached security devices. Such software may have the ability to discover devices, identify linkages between them, name devices, examine their status and history, provision IP addresses and reconfigure them.
Link to Complete Article as it appeared in Security Technology Executive Magazine

 

Resource Blogs

Most Recent Blog List for Blog Author: Ray Coulombe

Security Specifier Blog List Image for  Stay Safe! While Traveling This Summer

Stay Safe! While Traveling This Summer

It’s summer vacation time! The last thing you need to worry about it is getting your identity stolen while you’re sitting on a beach somewhere exotic. In 2016, more than 15 million Americans were victims of identity theft, up 16 percent from the previous year, according to Experian. Plus, about 33 percent of that fraud took place when people were traveling. Here’s a few tips to staying safe all summer while traveling...
read more -->

Security Specifier Blog List Image for Rethinking Cabling

Rethinking Cabling

Cat 5e became an ANSI/TIA/EIA standard in 2001, Cat 6 in 2002, and Cat 6a in 2008. However, it may be extremely useful to consider taking advantage of other existing cabling infrastructure in lieu of running new. Read more to learn how to approach cabling.
read more -->

Security Specifier Blog List Image for Off the Beaten Path at ISC West

Off the Beaten Path at ISC West

This year at ISC (the International Security Conference and Exposition), I was determined to try to see the latest iStechnologies hiding in the nooks and crannies—literally! I visited booths in the back, the basement, small kiosks hidden inside larger vendor books, and throughout the Emerging Technology Zone.

In case you missed the show, I’ll round up some of the best new technologies and companies to keep an eye on. Read more.
read more -->

Security Specifier Blog List Image for Cyber Crime Taking Down Cities

Cyber Crime Taking Down Cities

Earlier this year, in March, the City of Atlanta’s nearly 8,000 employees heard words they never thought they would hear: “It’s okay to turn your computers on.” Their computers were powered off for five days. In those five days Atlanta residents could not pay traffic tickets, water bills, or report city issues. Read how ransomware impacted this metropolitan area.
read more -->

Security Specifier Blog List Image for A Few Thoughts on K-12 School Security

A Few Thoughts on K-12 School Security

There is no one size fits all when it comes to K-12 school security. Schools vary in so many ways: size, age, local environment, affluence, culture, governance, and more. Read some helpful tips and resources that might just help your school be better prepared.
read more -->


Copyright Ⓒ 2010 SecuritySpecifiers™
>