Summary of SNMP Configuration Tasks
This section compares SNMP versions in terms of their support for features and usage scenarios to help you select the appropriate SNMP version for your network.
The device supports SNMPv1, SNMPv2c, and SNMPv3. Table 1 lists the features supported by SNMP, and Table 2 lists the SNMP versions supported by each feature. Table 3 describes the usage scenarios of SNMP versions, helping you choose the appropriate version for the communication between an NMS and managed devices according to the operation conditions of your network.
When a device is managed by multiple NMSs running different SNMP versions, configure SNMPv1, SNMPv2c, and SNMPv3 on the device so that it can communicate with all the NMSs.
Feature |
Description |
|---|---|
Access control |
This function restricts a user's device administration rights. It gives specific users the rights to manage specified objects on devices, providing fine-grained management. |
Authentication and privacy |
Authentication and privacy packets are transmitted between the NMS and managed devices. This prevents data packets from being intercepted or modified, improving data sending security. |
Error code |
Error codes help the administrator to identify and rectify faults. More varied error codes make it easier for the administrator to manage the device. |
Trap |
Traps are sent from managed devices to the NMS. Traps help administrators to find device faults. The managed devices do not require the acknowledgement from the NMS after sending traps. |
Inform |
Informs are sent from managed devices to the NMS. The managed devices require the acknowledgement from the NMS after sending informs. |
GetBulk |
GetBulk allows an administrator to perform GetNext operations in batches. In a large network, GetBulk reduces the workload of administrators and improves management efficiency. |
After a restart, an NMS can receive the informs that are sent by managed devices during the restart.
Feature |
SNMPv1 |
SNMPv2c |
SNMPv3 |
|---|---|---|---|
Access control |
Access control based on the community name and MIB view |
Access control based on the community name and MIB view |
Access control based on the user, user group, and MIB view |
Authentication and privacy |
Authentication based on the community name |
Authentication based on the community name |
Supported authentication and encryption modes are as follows: Authentication mode:
Encryption mode:
|
Error code |
6 error codes supported |
16 error codes supported |
16 error codes supported |
Trap |
Supported |
Supported |
Supported |
Inform |
Not supported |
Supported |
Supported |
GetBulk |
Not supported |
Supported |
Supported |
Version |
Usage Scenario |
|---|---|
SNMPv1 |
Small networks with simple networking and low security requirements or small networks with good security and stability, such as campus networks and small enterprise networks. |
SNMPv2c |
Medium and large networks with low security requirements or with good security (for example, VPNs) but on which there are many services running, leading to traffic congestion. Configure the managed devices to send SNMP notifications as informs to ensure that the NMS can receive them. |
SNMPv3 |
Networks of various scales, in particular, networks that have strict security requirements and can be managed only by authorized network administrators. For example, SNMPv3 can be used if data between the NMS and managed device needs to be transmitted over a public network. |
If you plan to build a network, choose an SNMP version according to your usage scenario. If you plan to expand or upgrade an existing network, run the same SNMP version on the managed devices as that running on the NMS to ensure that they can communicate.