The TCP/IP Guide  9  TCP/IP Application Layer Protocols, Services and Applications (OSI Layers 5, 6 and 7)       9  TCP/IP Network Configuration and Management Protocols (BOOTP, DHCP, SNMP and RMON)            9  TCP/IP Network Management Framework and Protocols (SNMP and RMON)                 9  TCP/IP Internet Standard Management Framework Overview, Architecture, Components and Concepts

TCP/IP Internet Standard Management Framework Architecture and Protocol Components 1 2 3 4 TCP/IP Internet Standard Management Framework and SNMP Standards

SNMPv1

The first version of SNMP was developed in early 1988, and published in the form of three RFC standards in August 1988. This first version is now known as SNMP version 1 or SNMPv1. The three SNMPv1 standards provided the initial description of the three main Internet Standard Management Framework components: the Structure of Management Information (SMI), Management Information Bases (MIB) and the SNMP protocol itself. However, the term “Internet Standard Management Framework” was not actually used at that time.

SNMPv1 was generally accepted and widely deployed in many networks. SNMPv1 got the job done and became the standard for TCP/IP network management; it is still widely used today. It is the “Old Faithful” of SNMP versions. Slight revisions were made to the initial standards and more and more MIB modules were defined over time, but the technology remained the same for a number of years.

As with any technology, users of SNMPv1 identified weaknesses in it and opportunities for improvement, over time. One of the areas in which SNMPv1 was most criticized was the area of security. SNMP version 1 used only a “trivial” (as RFC 3410 puts it) authentication scheme using a password-like construct called a community string.

The issue of security turned out to be the bone of contention that eventually led to serious problems in the development of SNMP. Some people felt that community strings were sufficient security, but many others felt it was important that better security be put into SNMP. There were many different ways proposed to add security to SNMP, and no universal agreement on how to do it. The points raised about the security weaknesses in the original SNMPv1 had some validity, as I explore in the SNMP protocol operations section.

The first attempt to add security to SNMP came in the form of three standards published in July 1992 that defined a new security mechanism using logical identifiers called parties. This is sometimes called SNMP Security or SNMPsec. This method was more secure than the original SNMPv1, but SNMPsec was never widely accepted, and is now considered “historic”.

TCP/IP Internet Standard Management Framework Architecture and Protocol Components 1 2 3 4 TCP/IP Internet Standard Management Framework and SNMP Standards