Simple Network Management Protocol i.e. SNMP is a simple request/response protocol in which SNMP manager communicates with SNMP agents/managed devices using SNMP PDU’s (Packet Data Unit). Security is an important aspect wrt. SNMP as the pdus that are being broadcasted contain critical information about the managed devices.
Think of a scenario when someone gets access to this critical information and reboot the managed devices without the knowledge of network administrator or network operator. This can result in loss of service and hence loss of business. There can be many such scenarios where in invalid commands can be issued to the managed devices. Thus security should not be overlooked and modification of contained information or disclosure of information should not be allowed.
Different versions of SNMP i.e. SNMPv1, SNMPv2 and SNMPv3 implement security in different ways and as obvious, each version provides improvements over it’s predecessors. Here is a brief overview of how security is implemented in each of the SNMP versions.
Only form of security used in SNMPv1 is community names. Community names are similar to passwords. The concept behind using community name is that all the managed devices in an SNMP network which are being managed by a network manager are considered to be in a community and a specific name i.e. community name can be assigned to it. While creating the SNMP PDU, this community name is set in the message header and any message received with the wrong value of the community name would be rejected by the receiver.
The community name set in the message header is in the form of plain text. Thus, it is very easy to fiddle with this data by eavesdropper.
In SNMPv2 all the information in pdu which contains source IP address, community name and other object instances/values except the destination address is encrypted. The encryption is done using DES. This is called as Party Based Security Model and is also known as SNMPv2p.
The SNMP agent can decode the encrypted data in the pdu and use the accepted IP address and accepted community name to validate the request.
SNMPv3 provides the latest architecture for SNMP security. USM i.e. User Based Security Model and VACM i.e. View Based Access Control Model are part of SNMPv3. USM is based on the user’s access to a specific machine whereas VACM is based on user’s access to a view that contains specific MIB objects. Unless specified, default model in SNMPv3 is USM.
Thus all the versions of SNMP provides security at some level. Hope you find the information presented here useful. Please let us know for any queries, feedback or suggestions.