The Internet Engineering Task Force (IETF) publishes documents called Requests For Comments (RFCs). These documents specify standards, operational practices, opinions, humor, etc. for the Internet protocol suite.
The versions of SNMP are SNMPv1, SNMPv2c, and SNMPv3. A brief description of each version follows, and after it a detailed comparative overview of the versions.
SNMPv1: This is the first version of the protocol, which is defined in RFCs 1155 and 1157.
SNMPv2c: This is the revised protocol, which enhances SNMPv1 in the areas of protocol packet types, transport mappings, and MIB structure elements, but uses the existing SNMPv1 administration structure ("community based", hence SNMPv2c). It is defined in RFC 1901, RFC 1905, and RFC 1906.
SNMPv3: SNMPv3 defines the secure version of SNMP. SNMPv3 also facilitates remote configuration of the SNMP entities. It is defined by RFC 1905, RFC 1906, RFC 2571, RFC 2572, RFC 2574, and RFC 2575.
The WebNMS SNMP API distribution supports all three versions of SNMP. The communication and MIB portions of the WebNMS SNMP API conform to the following Internet RFC specifications.
SNMPv1 - RFC1155 and RFC1157
SNMPv2c - RFC1901 and RFC1907
SNMPv3 - RFC2571 and RFC2572
SNMPv3 USM - RFC2574
SNMPv3 VACM - RFC2575
SNMPv1 was the standard version of SNMP. SNMPv2 was created as an update of SNMPv1 with several features. The key enhancements of SNMPv2 are focused on the SMI, manager-to-manager capability, and protocol operations. SNMPv2c combined the community-based approach of SNMPv1 with the protocol operations of SNMPv2 and omitted all SNMPv2 security features.
One notable deficiency in SNMP was the difficulty of monitoring networks, as opposed to nodes on networks. A substantial functional enhancement to SNMP was achieved by the definition of a set of standardized management objects referred to as the Remote Network Monitoring MIB (RMON MIB) objects. Another major deficiency in SNMP was the complete lack of security facilities. The development of SNMPv3 was driven by these security issues. SNMPv3 defines two security-related capabilities, namely the User-based Security Model (USM) and the View-based Access Control Model (VACM).
SNMPv2c provides several advantages over SNMPv1. It expands the data types to include a 64-bit counter. It improves efficiency and performance by introducing the GETBULK operation. It provides confirmed event notification through the Inform operation. An enhanced error-handling approach, improved sets, and a fine-tuned data definition language are further advantages of SNMPv2c over SNMPv1.
The SNMPv1 framework distinguishes between application entities and protocol entities. In SNMPv3, these are renamed as applications and engines respectively.
The SNMPv1 framework also introduces the concept of an authentication service supporting one or more authentication schemes. In SNMPv3, the concept of an authentication service is expanded to include other services, such as privacy.
The SNMPv1 framework introduces access control based on a concept called an SNMP MIB view. The SNMPv3 framework specifies a fundamentally similar concept called view-based access control.
Both v1 and v2c lack the following security-related features:
Authentication
Privacy
Authorization and access control
Remote configuration and administration capabilities
SNMPv3 was formed mainly to address the deficiencies related to security and administration.