Simple Network Management Protocol (SNMP) was introduced in the 1980s with the objective of auditing and managing network devices. By using a connectionless protocol — User Datagram Protocol (UDP) — SNMP has little to no impact in today’s network environment. There are quite a few articles on SNMP’s concepts, so I won’t be touching on them.
A Brief History of Windows and SNMP
Microsoft first implemented SNMP on Windows NT Server, using SNMPv1 (version 1). Of SNMP’s three components, only SNMP Agent and SNMP Trap were added to Windows NT Server. The problem with SNMPv1 is security: Everything is passed in cleartext, and anybody can sniff the network to gather important data regarding the servers.
Windows 2000 Server introduced improvements over SNMP by implementing SNMPv2c. SNMPv2c has better security, performance, confidentiality and communications between managers. Additional commands like GETBULK are now supported, which allow easier retrieval of data from multiple agents. However, Windows 2000 Server did not drop support for SNMPv1, which means SNMPv1-only management tools are still able to manage Windows 2000 Server.
Windows XP/Vista and Windows Server 2003/2008 all have SNMP built in like their predecessors, but now IPv6 is natively supported by SNMP in Windows Server 2008 and Windows Vista. What does this mean? SNMP now works with the IPv6 protocol, but Windows Server 2003 or Windows XP and earlier will not be able to respond to queries made to their IPv6 addresses. And here’s another catch: Even if the IPv6 protocol stack is installed on Windows Server 2003 or Windows XP, neither will be able to respond to SNMP queries sent to its IPv6 addresses!
Configuring SNMP Agent on a Microsoft Windows Platform
As with most tasks on Microsoft Windows platforms, SNMP Agent can be configured through the GUI, by pulling up the properties of the SNMP Agent service in Services.msc.
As shown in Figure 1, you will find the settings to configure an SNMP Agent. This dialog asks for the contact person and the location of the network device, so that the user knows whom to contact if this particular network device goes down. The five service checkboxes tell the management system what network services the agent’s computer is using. Most, if not all, Windows operating systems have applications that use TCP/IP (thus Applications needs to be checked) and are IP hosts (thus End-to-End is checked).
If you click on the Traps tab, you will see the properties as shown in Figure 2. Here, you specify the community name and the trap destinations. If you are not familiar with these settings, “community name” acts as a password that is shared by other SNMP hosts. Trap destinations are the IP addresses of the management systems to which trap messages are sent. Multiple IP addresses can be specified if the trap messages need to be processed by multiple management systems.
The Security tab, as shown in Figure 3, specifies which trap messages are accepted and which to disregard. This is done by adding the community name under Accepted Community Names. It is also useful to specify which hosts you want to receive SNMP packets from; otherwise the management system might be cluttered with unneeded SNMP messages. But is this all? There’s nothing else to configure on a Windows system? Yes, you are all good by just configuring these three different tabs, and no, there’s no command line configuration.
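An added example (not from the original article): a PowerShell audit of the Security-tab settings described above, flagging default community names, write-capable communities and an empty accepted-hosts list. It assumes the SNMP service's standard registry location and rights values, neither of which appears in the article; the function names and the sample data are constructed for illustration.

```powershell
# Added example: audit the SNMP service's Security-tab settings.
# Assumption: the service stores them under this key (standard location, not from the article).
$base = 'HKLM:\SYSTEM\CurrentControlSet\Services\SNMP\Parameters'
# Assumption: DWORD rights values used by the Windows SNMP service.
$rightsName = @{ 1 = 'NONE'; 2 = 'NOTIFY'; 4 = 'READ ONLY'; 8 = 'READ WRITE'; 16 = 'READ CREATE' }

function Get-RegValues([string]$Path) {
    # Return the named values under a registry key as a hashtable (empty if the key is absent).
    $out = @{}
    $key = Get-Item -Path $Path -ErrorAction SilentlyContinue
    if ($key) { foreach ($n in $key.GetValueNames()) { $out[$n] = $key.GetValue($n) } }
    return $out
}

function Test-SnmpSecurity([hashtable]$Communities, [string[]]$Managers) {
    # Communities: name -> rights value. Managers: hosts the agent accepts SNMP packets from.
    $findings = @()
    foreach ($name in $Communities.Keys) {
        $rights = [int]$Communities[$name]
        if ($name -in 'public', 'private') {
            $findings += "Community '$name' is a well-known default name"
        }
        if ($rights -ge 8) {
            $findings += "Community '$name' grants $($rightsName[$rights]) access"
        }
    }
    if (-not $Managers) {
        $findings += 'No accepted hosts listed: SNMP packets are accepted from any host'
    }
    return $findings
}

if (Test-Path "$base\ValidCommunities") {
    # Live data from the local SNMP service.
    $communities = Get-RegValues "$base\ValidCommunities"
    $managers    = @((Get-RegValues "$base\PermittedManagers").Values)
} else {
    # Constructed sample, used when the SNMP service is not installed.
    $communities = @{ 'public' = 4; 'netops-rw' = 8 }
    $managers    = @()
}

Test-SnmpSecurity $communities $managers | ForEach-Object { "[!] $_" }
```

Run it from an elevated prompt on the managed server; on a machine without the SNMP service it reports on the constructed sample instead.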
Trapping an Event
Being able to send reboot or ‘I’m alive’ trap messages is useful, but it’s more useful to send trap messages based on an event. “Event” here refers to an event logged by Event Viewer, be it an Error, Warning or Informational. Why is this useful? Picture this: Without using any third-party tool to push errors from a managed server to a management system, how would you know that your managed servers went down just like that?
There are two tools designed to configure event trapping and make administrators’ lives easier. The first is Microsoft’s GUI tool evntwin (see Figure 4). Alternatively, administrators who love hanging out with the black command prompt screen can use evntcmd. As cool as the GUI tool is, however, evntwin does not configure trap destinations.
SNMP’s Windows Future
After many years of refinement, SNMP has become a stable and reliable network monitoring protocol. I have been keeping myself updated on Microsoft Windows’ next course of action and how it can improve or implement the latest Request for Comments (RFC) on the SNMP protocol; however, it’s unfortunate that Microsoft Windows did not include an SNMP monitoring system for small businesses to take advantage of this very useful protocol.
At the moment the most commonly used management systems are proprietary software, and only enterprise-level organizations are able to enjoy the luxury of using the SNMP protocol. What about the forgotten small or mid-size businesses? Do they not need to have their network devices monitored?
Speaking for myself, and maybe for the small businesses out there, it’s in our interest (and Microsoft’s) to include a network management system, maybe in its Microsoft Windows Small Business Server line. Even a very simple management system would work, were it included in the Windows Small Business Server line.