SNMP: Simple Network Management Protocol
Simple Network Management Protocol (SNMP) works on the application layer of the OSI Reference Model, to manage and control network devices.
SNMP is one of the widely accepted protocols in the TCP/IP suite for managing and monitoring network elements, so most communication devices today include an SNMP agent to exchange data with the network management system.
SNMP allows management of devices that are connected to any network accessible from the Internet, and not only those that are located in the local network itself. Obviously, if any of the routing devices on the path to a remote device does not work properly, monitoring or reconfiguring that device is not possible.
A network with SNMP applications has at least one management station that monitors and manages a group of network devices by means of software called an NMS (Network Management System), which is designed to manage the network.
The managed device is a network node that has an SNMP interface. It permanently runs a software component called an agent, which exchanges data with the management station and allows NMS access to node-specific information.
Essentially, SNMP agents on the devices expose management data to the management stations in the form of variables organized into hierarchies, which are stored in a structure called Management Information Base (MIB).
MIB and OID
A Management Information Base (MIB) can be described as a collection of data organized hierarchically as a tree, with an anonymous root and with several levels provided by various organizations.
Node (object) identifiers located at the top of the tree belong to different organizations that define standards, while the identifiers at the bottom are placed by the associated entities.
Manufacturers can establish private branches (paths) that include defined objects for their own products. Non-standardized objects are typically located in an experimental branch.
To identify objects defined in a Management Information Base (MIB), an identifier called OID (Object ID) is used. It can be interpreted as the path through the nodes of the tree from its root to the object, and it represents a variable to be checked on a specific type of network device.
In other words, Management Information Bases (MIBs) contain hierarchically organized Object Identifiers (OIDs), where each node can be identified interchangeably by a number or a text string.
To refer to a specific object, trace the path from the root to it, adding each node as you go. Each connection is represented as a dot, and the resulting address with all included nodes is the object ID (OID).
Any management information that can be obtained via SNMP is processed individually by its OID and can indicate e.g. server memory usage, traffic on a switch, or files in a printer queue.
For a management entity and a managed network device to communicate successfully, both need to know which OIDs are available. This is why MIBs exist, and why system administrators need them.
To monitor the parameters (objects) of a given device, the MIBs of that device must be known, so administrators should ensure that all required MIBs are stored in SNMP agent devices and in the system of the management entity.
Normally, when a device manufacturer offers SNMP-compatible products, it also provides the required MIB files, which can be easily recognized through their extensions .my or .mib.
When using MIB files, network management software can display a tree of OID objects from managed devices, making network monitoring simple and flexible with the use of SNMP.
SNMP Messages
To perform basic management operations, SNMP is encapsulated within UDP to send messages between the management device and its monitored endpoints (agents). Using UDP encapsulation ensures that management tasks do not affect network performance, as it avoids the control and recovery mechanisms used by other protocols such as TCP.
Generally, SNMP agents receive and send UDP requests on ports 161 and 162. An SNMP manager can send its requests from any port, although usually the same ports are used as on the agent.
For successful monitoring, it is very important that UDP packets can pass from the agent to the manager. This normally works in a local network by default, but it’s necessary to specifically configure routing to allow such packets to pass through larger networks.
There are different types of SNMP messages that can be used to configure network monitoring via SNMP:
- GET: This is the message sent by an SNMP manager to request data, and it is the most frequently used one. The target device returns the requested value in a response message.
- GET NEXT: The SNMP manager can keep requesting the next available data until there is no more data. This way, all data available on a specific device can be received, even without prior knowledge of the responding device.
- GET BULK: an iterated execution of GET NEXT. The requested response contains as much data as the request allows. Essentially, it is a way to perform several GET NEXT requests at once, allowing users to generate a list of all the data and parameters available on the requested device.
- SET: it is a command initiated by the manager to set or modify the value of a parameter via SNMP on the agent device or system. This type of message can be used to manage or update configuration or other settings. Special attention is needed, as an incorrect SET could seriously affect systems and network configurations.
- RESPONSE: the message that a device agent sends after a manager's request. When a response to a GET message is sent, the packet contains the requested data or values. In the case of a SET, the packet responds by indicating the new value set as a confirmation that it has been successfully completed.
- TRAP: the SNMP agent sends a trap (message) to the manager without being requested. Traps are sent under certain conditions, e.g. in case of an error or when a predetermined threshold is exceeded. Traps are a great idea in terms of proactive monitoring. However, if you want to benefit from their use, it is usually necessary to set them up using the SNMP manager.
- INFORM: this type of message was added to provide the manager the possibility to confirm that it has received a TRAP message from an agent. Some agents are configured to continue sending traps until they receive confirmation of a report message from the manager.
- REPORT: these messages allow the manager to determine what type of problem the remote SNMP agent detected.
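How GET, GET NEXT and GET BULK differ, as an added example that is not part of the original page: a toy in-memory agent and a manager-side walk. `ToyAgent`, `walk` and the sample values are assumptions of this example, and GET BULK is simplified to its max-repetitions behaviour.

```python
from bisect import bisect_right

def oid(text):
    """'1.3.6.1' -> (1, 3, 6, 1); tuples compare node by node, numerically."""
    return tuple(int(part) for part in text.strip(".").split("."))

class ToyAgent:
    """In-memory stand-in for an SNMP agent (hypothetical, for illustration)."""
    def __init__(self, variables):
        self.data = {oid(name): value for name, value in variables.items()}
        self.order = sorted(self.data)          # lexicographic OID order: 10.2 before 10.10

    def get(self, name):
        """GET: exact match only; None stands for 'no such object'."""
        return self.data.get(oid(name))

    def get_next(self, name):
        """GET NEXT: first variable strictly after name, or None at the end of the MIB."""
        i = bisect_right(self.order, oid(name))
        if i == len(self.order):
            return None
        nxt = self.order[i]
        return ".".join(map(str, nxt)), self.data[nxt]

    def get_bulk(self, name, max_repetitions):
        """GET BULK (non-repeaters omitted): several GET NEXT steps in one response."""
        out = []
        while len(out) < max_repetitions and (hit := self.get_next(name)):
            out.append(hit)
            name = hit[0]
        return out

def walk(agent, subtree):
    """Manager side: repeat GET NEXT until the reply leaves the subtree."""
    root, name, found = oid(subtree), subtree, []
    while (hit := agent.get_next(name)) and oid(hit[0])[:len(root)] == root:
        found.append(hit)
        name = hit[0]
    return found

AGENT = ToyAgent({                              # constructed sample values
    "1.3.6.1.2.1.1.1.0": "Example switch",      # sysDescr.0
    "1.3.6.1.2.1.1.5.0": "sw-lab-01",           # sysName.0
    "1.3.6.1.2.1.2.2.1.10.2": 4711,             # ifInOctets for interface 2
    "1.3.6.1.2.1.2.2.1.10.10": 42,              # ifInOctets for interface 10
})
```

A GET on the subtree name `1.3.6.1.2.1.1` returns nothing because it is not a variable, while GET NEXT from the same name returns the first variable below it; this is what lets a manager list a device's data without knowing its MIB in advance.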
SNMP Versions
The most widely used versions of the SNMP protocol are SNMPv1 and SNMPv2. The latest version, SNMPv3, presents important changes compared to its predecessors, especially in security. However, it has not been widely used by the international community.
SNMPv1
It is the first version of the protocol, and is still widely used, mainly due to the simplicity of the authentication process it uses, even if it is not particularly secure.
This first version was designed when the priority was to monitor the rapid growth of network devices, so security aspects were not adequately addressed. In this sense, for example, the authentication of devices is carried out only by a string of octets transmitted in plain text.
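What that plain-text exchange looks like on the wire, as an added example that is not part of the original page: a small decoder for an SNMPv1/v2c UDP payload that reports the community string, message type and requested OIDs when auditing captured traffic. The sample packet is constructed, and `audit_packet` and the default-community list are assumptions of this example.

```python
PDU_NAMES = {0xA0: "GET", 0xA1: "GET NEXT", 0xA2: "RESPONSE", 0xA3: "SET", 0xA4: "TRAP (v1)",
             0xA5: "GET BULK", 0xA6: "INFORM", 0xA7: "TRAP (v2)", 0xA8: "REPORT"}
DEFAULT_COMMUNITIES = {"public", "private"}   # assumption: common factory defaults

def read_tlv(buf, pos):
    """Return (tag, value, next_pos) for the BER element starting at pos."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                         # long form: next n octets hold the length
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("truncated BER element")
    return tag, buf[pos:pos + length], pos + length

def decode_oid(data):
    """Turn BER OID content octets into the dotted path from the root."""
    subids = [0]
    for octet in data:
        subids[-1] = (subids[-1] << 7) | (octet & 0x7F)
        if not octet & 0x80:                  # high bit clear ends a sub-identifier
            subids.append(0)
    first = min(subids[0] // 40, 2)           # the first two nodes share one sub-identifier
    return ".".join(map(str, [first, subids[0] - 40 * first] + subids[1:-1]))

def audit_packet(packet):
    """Summarise one SNMP message; findings list what an eavesdropper could read."""
    _, body, _ = read_tlv(packet, 0)          # outer SEQUENCE
    _, raw_version, pos = read_tlv(body, 0)
    version = int.from_bytes(raw_version, "big")
    if version not in (0, 1):                 # 0 = SNMPv1, 1 = SNMPv2c; SNMPv3 has no community
        return {"version": version, "community": None, "findings": []}
    _, community, pos = read_tlv(body, pos)
    pdu_tag, pdu, _ = read_tlv(body, pos)
    p = 0
    for _ in range(5 if pdu_tag == 0xA4 else 3):   # v1 TRAP has five header fields, others three
        _, _, p = read_tlv(pdu, p)
    _, varbinds, _ = read_tlv(pdu, p)
    oids, p = [], 0
    while p < len(varbinds):                  # each varbind is SEQUENCE { OID, value }
        _, varbind, p = read_tlv(varbinds, p)
        oids.append(decode_oid(read_tlv(varbind, 0)[1]))
    name = community.decode("latin-1")
    findings = ["cleartext community string"]
    findings += ["default community string"] if name.lower() in DEFAULT_COMMUNITIES else []
    return {"version": version, "community": name,
            "pdu": PDU_NAMES.get(pdu_tag, hex(pdu_tag)), "oids": oids, "findings": findings}

SAMPLE = bytes.fromhex("302602010004067075626c6963a019020101020100"   # constructed SNMPv1 GET
                       "020100300e300c06082b060102010101000500")      # for sysDescr.0, "public"
```

Running `audit_packet(SAMPLE)` recovers the community string and the requested OID from the raw bytes without any key, which is the reason to inventory remaining SNMPv1/v2c traffic and replace default community strings.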
SNMPv2
It includes improvements in performance, security, confidentiality and communication between management stations. It introduces new message types for device management.
With several classes (types), the second version of SNMP was not initially accepted due to its complexity and poor compatibility with the previous version of the protocol. However, its latest update has provided compatibility, simplified its use and improved the security, so that it is the most widely used version today.
SNMPv3
It provides important security features and remote configuration, making it the best option in terms of the security measures it includes, as well as its performance. It also incorporates integrity and encryption checks during authentication.
Unfortunately, it has not been implemented to a large extent in most organizations, although it is recommended to use this version.
In general, SNMP offers its greatest value by facilitating the monitoring of all devices in a network, allowing issues to be tracked, timely decisions to be made, and control to be exercised when necessary. That said, device access security is an aspect to be considered wherever the protocol is used.