Internet Protocol Analysis/Network Monitoring

This lesson introduces network monitoring and looks at the Simple Network Management Protocol (SNMP). Activities include installing, configuring and testing the SNMP service, using Wireshark to examine SNMP network traffic, and using OpenNMS to monitor a network.

Readings

 * 1)  Network monitoring
 * 2)  Simple Network Management Protocol
 * 3)  Management information base

Multimedia

 * 1) YouTube: An Overview of SNMP - CompTIA Network+ N10-005: 4.4

Activities

 * 1)  Install the SNMP Service.
 * 2)  Configure the SNMP Service.
 * 3)  Test the SNMP Service.
 * 4) Use a free or open source network monitoring tool to monitor a network:
    * OpenNMS Demo
    * Nagios XI Demo
    * Spiceworks Free Network Monitor
    * Simple Server Monitor Free Trial
 * 5) Review Wireshark: Simple Network Management Protocol (SNMP).
 * 6) Consider situations in which a packet analyzer might be used to troubleshoot network monitoring traffic.

Lesson Summary

 * Network monitoring describes the use of a system that constantly monitors a computer network for slow or failing components and that notifies the network administrator (via email, SMS or other alarms) in case of outages.
 * Simple Network Management Protocol (SNMP) is an Internet-standard protocol for managing devices on IP networks. With SNMP, administrative computers called managers monitor or manage a group of hosts on a computer network. Each managed system executes an agent which reports information via SNMP to the manager.
 * SNMP uses a Management Information Base (MIB) to describe the structure of the management data of a device subsystem. The MIB is a hierarchical namespace containing object identifiers (OID), and each OID identifies a variable that can be read or set via SNMP.
 * SNMP is an application layer protocol. SNMP agents receive requests on UDP port 161.  SNMP managers receive notifications (Traps and InformRequests) on UDP port 162.
 * SNMP messages from managers include GetRequest, SetRequest, GetNextRequest, and GetBulkRequest. SNMP messages from agents include Response and Trap.  SNMP messages from manager to manager include InformRequest.
 * SNMP versions 1 and 2 support limited security through the use of a clear-text password known as a community string. SNMP version 3 supports encryption on UDP ports 10161 and 10162.
 * Default SNMP settings present a variety of security issues that must be addressed when SNMP is implemented on a network.

Key Terms

 * agent
   A software component that runs on managed devices and responds to requests from the network management system.

 * availability
   The degree to which a system, subsystem, or equipment is in a specified operable and committable state.

 * managed device
   A network node that implements an SNMP interface that allows unidirectional (read-only) or bidirectional access to node-specific information.

 * network management system
   A combination of hardware and software used to monitor and administer a computer network or networks.

 * response time
   The interval between the receipt of the end of transmission of an inquiry message and the beginning of the transmission of a response message to the station originating the inquiry.

 * uptime
   A measure of the time a machine has been up without any downtime.

Assessments

 * /Lesson Flashcards/
 * /Terms Flashcards/
 * /Quiz/