SNMP (Simple Network Management Protocol) is the language most monitoring tools use to talk to network devices. Almost every router, switch, firewall, server and printer can expose health data over SNMP, which is why it underpins tools like LibreNMS, Zabbix, PRTG and SolarWinds.
How SNMP works
A monitoring server (the manager) asks a device (the agent) for values identified by OIDs (object identifiers), organised in a tree called a MIB. There are two interaction styles:
- Polling — the manager periodically requests values (interface traffic, CPU, uptime).
- Traps — the device pushes an alert to the manager when something happens (a link goes down).
Versions — and why v3 matters
- v1 / v2c use a plaintext community string as a shared password. Easy, but unencrypted — never expose it to untrusted networks.
- v3 adds authentication and encryption (authPriv). Use SNMPv3 wherever possible, especially in regulated environments.
Secure setup checklist
- Prefer SNMPv3 with authentication + encryption (authPriv).
- If you must use v2c, use a long, unique community string and restrict it read-only.
- Restrict access with ACLs so only your monitoring server can query devices.
- Disable SNMP on devices that don't need it.
- Send traps for critical events to get instant alerts, not just polled data.
Common pitfalls
- Leaving the default
publiccommunity string enabled (a classic security hole). - Polling too aggressively and loading device CPUs.
- Forgetting to load vendor MIBs, so metrics show as raw OIDs.
Once SNMP is configured, any of the tools in our comparison can auto-discover and graph your fleet. SKYLINE can set this up securely across your sites — get in touch.
Comments
0 total · 0 threads