You've got a good-size network with hundreds of users in several locations, connected by routers, hubs, bridges, switches, dial-up modems, Web servers, application servers-you name it. When everything's fine, then everything's fine. But what happens if a section of the network starts experiencing dropouts, outages, reduced throughput or other network-based errors? How do you know that something has gone wrong, discover where the source problem is and then fix it?
This isn't a trivial issue. In today's economy, businesses are linked to one another and to their customers by networks that must be kept running around the clock. To do that, you need to know when there's a network problem, and you need to know now.
The most common mechanism for keeping tabs on network health is a standard called Simple Network Management Protocol (SNMP). Any device (which in this case can refer to software as well as hardware) that can be managed by SNMP contains a monitoring program, called an agent, that gathers information on that device's network activity. This information is in the form of messages called protocol data units (PDU) and is stored in an onboard database called a management information base (MIB).
At the network administrator's console, there's usually some type of monitoring application, often called a network management station, such as IBM's Tivoli NetView or Hewlett-Packard Co.'s OpenView. From this point, the administrator (or an automated or scheduled process) polls all or some of the network nodes, asking for whatever information has been collected.
At the device being monitored, another piece of software, called the master agent, looks at what's been stored in the MIB and sends it back up the chain to the network management station, where it can be collated and processed with information from other nodes to determine what's happening on the network. At this point, SNMP can also be used by the network administrator to reconfigure specific devices.
SNMP agents can also be set up to automatically notify the network management station if certain predefined conditions or events occur. These alerts are called traps.
Past and Future
When networks were first created, problems could be solved only by network gurus using relatively primitive tools such as Internet Control Message Protocol and ping. As networks grew, however, these simple tools no longer sufficed for monitoring every device on a network.
The first specific network management tool was the Simple Gateway Monitoring Protocol (SGMP), which debuted in 1987. SGMP could monitor gateways but still wasn't a general-purpose tool. SNMP came along a year later, but only for TCP/IP networks. In 1993, SNMP was extended to use two other network transport systems, AppleTalk and Novell Inc.'s IPX protocols.
A more recent offshoot of SNMP is Rmon, a remote monitoring capability that gives a network manager the ability to monitor subnetworks as a whole, rather than just individual devices.
The more powerful and secure Common Management Information Protocol (CMIP), developed in the mid-1990s, was expected to replace SNMP. However, the fact that CMIP uses 10 times the network overhead has meant that SNMP is still the major player in the industry.
Despite its innocent-sounding name, SNMP isn't simple. It's a highly complex protocol that can be difficult to implement. Also, SNMP isn't very efficient. It wastes considerable bandwidth relaying unnecessary information, such as the version number, which is included in every message.
But one thing that sets SNMP apart from so many other standards is that it's not a mere paper specification but is widely available and interoperable among a variety of network components.