The SNMP v3 is now supported in all the Poseidon2 units. This is a major update that brings many advantages and improvements. The following text will explain all the advantages of the SNMP v3 and how to use it in the Poseidon2 devices.
The SNMP basics
The SNMP (Simple Network Management Protocol) is a way of quick and simple supervision of network elements and services.
It is being increasingly used for monitoring the environment where these elements work. Mainly due to the possibility to monitor the temperature, humidity and other values in the same monitoring software as the other operating parameters of the system. The SNMP was originally designed to be extremely economical and to exist above the UDP protocol. This was to be sure the network management does not put a high load on the network itself. Today in times of gigabite and faster networks the priorities are a little bit different and thus the SNMP got a lot of extensions and improvements.
The SNMP is an asynchronous, transaction-oriented protocol based on the client/server model. The party that sends requests (SNMP client), can be a simple SNMP browser or a complex NMS (Network Management System). On the device side is there is an SNMP agent (SNMP server), that responds to the requests. SNMP traps are an exception and those are sent by agents asynchronously when an event occurs (power failure, fan failure, value excessed, new device discovered…). You need to define the address where the information is sent in advance. The UDP protocol is used to transmit data and it is defined where the applications of individual companies can connect. This is managed by IANA organization (Internet Assigned Numbers Authority - literally: Internet authority for assigning telephone numbers). SNMP can not only be used to read the current values, but also to write the operating values (configure devices).
The SNMP versions
The SNMP Protocol has been developed gradually. The first version (SNMPv1) provides basic SNMP functionality and it is very efficient. As networks were speeding up so was the need for a greater security. Simple authentication was added to SNMPv2 (security with username and password), which followed by adding encryption in the latest version of the protocol (SNMPv3)
In SNMPv1 only Community served for identification of the "authorized" agents. Although the name was user definable, usually only two values are used - "public" for reading and "private" for reading and writing.
The SNMPv2 improved in performance, security, privacy and communication management. The SNMPv2 standard is not much used and is replaced by SNMPv2c, which is compatible with SNMPv1 and has an extended set of commands and a higher efficiency. The SNMPv2u was also not very popular though it was the first attempt to establish SNMP security features.
SNMPv3 is an upcoming variant of the standard and it contains not only the user authentication, but also encrypted communications. For the security Username (similar to Community), Password for authorization (Authentisation password) and key (Privacy password) are used. During the authorization, the communication can be encrypted using MD5 or SHA, private communication can then be encrypted using DES or AES. Starting from SNMPv3 it becomes a full-fledged management protocol in the most demanding corporate networks. The main advantage is that the MIB stays the same and there is no need of any special arrangements during the transition to SNMPv3.
There is an unlimited number of users in the SNMPv3, which allows you to track and log the activity of individual operators. Each user has his combination of Username, Auth. and Privacy password along with the corresponding encryption, which together form a profile.
Using the SNMPv3
The Poseidon2 units now support SNMPv3 and up to 5 user profiles. Please see the images below for examples:
Poseidon2 4002 web interface with SNMP settings
Example of using the SNMPv3 with SNMPget:
C:\Users\volmr\Downloads\SnmpGet\SnmpGet.exe -r:192.168.2.71 -v:3 -sn:public -ap:MD5 -aw:idefix12345678790 -pp:DES -pw:idefix12345678790 -o:.1.3.6.1.2.1.1.3.0
Result: