Simple Network Management Protocol or SNMP is a protocol for exchanging information between network devices.
There are a lot of SNMP monitoring systems available on the market today that can detect SNMP traps in real-time and let you set alerts based on automatic or user-set trigger conditions. Trap details can be logged with the time the event occurred, associated hostnames, and the type of trap event.
Here’s our list of the best SNMP monitoring tools:
- Datadog Network Device Monitoring (FREE TRIAL) – EDITOR’S CHOICE This cloud-based service will track the statuses of your network devices and extract traffic data by using SNMP. Try it out by accessing a 14-day free trial.
- SolarWinds Network Performance Monitor (FREE TRIAL) This is the industry leader for network device monitoring and it uses SNMP to communicate with equipment and uses SNMP Trap receiver monitoring; The software installs on Windows Server 2016 or later and it is free to use on a 30-day free trial.
- Atera (FREE TRIAL) A network monitoring system that is tailored towards Managed Service Providers and is underpinned by SNMP.
- Auvik (FREE TRIAL) This cloud-based network monitoring service uses SNMP for network discovery, asset inventory maintenance, network mapping, and device status polling.
- ManageEngine OpManager (FREE TRIAL) A comprehensive SNMP-based network monitor that has an excellent user interface.
- Paessler PRTG Network Monitor (FREE TRIAL) A comprehensive monitoring tool for networks, servers, and applications with SNMP providing data collection systems for the LAN monitoring functions.
- Domotz (FREE TRIAL) This SaaS package uses SNMP to discover all connected devices connected to a network, create an inventory, and draw up a map.
- Site24x7 (FREE TRIAL) A comprehensive IT infrastructure, applications, and user behavior monitor that uses SNMP to track network performance.
- SolarWinds Log Analyzer (FREE TRIAL) This log analysis tool is able to receive SNMP trap messages live and report on them in the console.
- N-able RMM (FREE TRIAL) A remote monitoring and management tool that uses SNMP to track network device statuses. Based in the cloud.
- SysAid Monitoring A challenger SNMP-based network monitoring system that is an add-on to Help Desk software.
- Kaseya Network Monitor Part of Kaseya VSA, this monitoring tool uses SNMP to collect device statuses.
- Spiceworks Network Monitor An ad-supported free network monitoring system that is based on SNMP procedures.
- Pulseway IT Management Software An infrastructure monitoring system that relies on SNMP for device status monitoring.
- LogicMonitor Software-as-a-Service network monitoring that interfaces with SNMP to monitor network device health.
- EventSentry A resource monitoring system that combines threat protection with device monitoring. Equipment health checks rely on SNMP.
What is SNMP?
When organizing your network, you will be faced with a range of proprietary and open protocol-based options. The Simple Network Management Protocol is one of those options. SNMP is not a product of any single company. Rather, it is a set of guidelines freely available to everyone. If you decide to implement SNMP for your network, you will then be faced with deciding which implementation to choose.
SNMP is implemented on a wide range of hardware including network devices such as switches, bridges, routers, and gateways, and also on endpoint equipment such as printers. As such, you will discover that manufacturers already include SNMP agents on the operating systems of the devices that you buy to include on your network.
Network managers are very familiar with the concept of protocols. The Internet Engineering Task Force manages the definition of the Simple Network Management Protocol, and it can be downloaded for free from the IETF website. SNMP fits into the application layer of the TCP/IP stack.
The IETF labels the protocols that it manages with a “request for comments” number, or RFC. There have been three versions developed for SNMP. These are:
|RFC 1157||A refinement of the first definition of the protocol, known as SNMPv1|
|RFC 1901||This is SNMPv2c and includes improved error-handling methodologies evolving the original SNMPv2 definition, which was contained in RFC 1441|
|RFC 3410||The latest version of the protocol, known as SNMPv3, which has enhanced security and privacy features|
As it has been around longer, there are more implementations of SNMPv1 on the market. SNMPv1 was first defined in 1988, although earlier RFCs defined this version prior to RCF 1157.
SNMPv2 dates back to 1993. The core definition of version 2 includes a “party-based” authentication security model. This is hardly ever implemented because it uses a complicated system. SNMPv2c is the most widely used variant of version 2. This is the same as SNMPv2, except that it uses a “community-based” model for authentication. You might also see reference to SNMPv2u, which uses a “user-based” system for authentication. This is not as popular as SNMPv2c.
The extra security features of the latest version should be sought out, so aim for networking software that implements SNMPv3. This version employs user-based authentication, the same as SNMPv2u. SNMPv3 includes the ability to use transport layer protocols, such as SSH and TLS to provide encryption protection to messages.
The user-based authorization in SNMPv3 offers three statuses that can be allocated to each user:
|NoAuthNoPriv||No authentication and no encryption of the messages they send and receive|
|AuthNoPriv||Authentication necessary but no message encryption|
|AuthPriv||Authentication necessary and messages are encrypted|
An SNMP network includes the following three elements:
|Managed devices||Such as switches, routers, servers, workstations, and printers|
|Software system management agents||Run constantly to monitor the status of all devices|
|Network management system (NMS)||Requests, compiles, and stores status information.|
Now let’s take a more in-depth look at these contributors to an SNMP network.
How SNMP works
The controlling element of SNMP is the network manager. This can be installed on any computer on the network. The network manager drives the system, whereas the software system management agents’ main task is to respond to requests from the network manager.
The SNMP Manager
The network management system includes a schedule for querying agents. Each device on the network has a software agent installed on it, and the communication of SNMP takes place between the manager and the system management agents, making it unnecessary for the network manager to communicate directly with each device.
A central element of SNMP is the Management Information Base (MIB). The MIB is a communications framework and dictates the format of data communicated between the network manager and each device agent.
The SNMP standard allows for more than one manager. The responsibilities of each manager may overlap.
The SNMP Agents
The SNMP agent monitors the device on which it is installed. It creates a local MIB, maintaining the status of each category in the database, ready to respond to requests for information from the network manager. The agent does not automatically communicate with all network managers. It will only respond to managers that it has been configured to deal with. This selective communication strengthens the security of SNMP because each network manager has to authenticate its identity with credentials before an agent responds to its request.
The SNMP system includes a pre-defined information structure, which includes a little flexibility in the information that it can handle. So, you may find that the agent implementation that is already loaded onto the equipment that you buy contains some extra information slots that aren’t defined in the protocol.
The Management Information Base
The MIB structure dictates the format of information exchange in an SNMP system. Information on a device is collected by its associated SNMP agent and stored in a text file at the device. When a request for information arrives from the SNMP manager, that data is returned showing the current status of the specified parameter.
The notation of conditions and statuses is mapped in a hierarchy. This hierarchy has two forms of notation: one that uses numbers and one that uses variable names. Either naming system can be used for interaction between the manager and the agent.
The hierarchy is expressed as an addressing system. Each address is called an object ID, or OID. The addresses of each point in the hierarchy rely on inheritance. So, a root address would be 1 and then all nodes beneath that point in the tree would also include 1 in its label, such as 1.1, 1.2, 1.3, etc.
The MIB notation has been revised since it was first created. The newer version of the system is called MIB-2. The version of the notation being used for communication is written into the address. The standard address for internet resources in the addressing scheme is 188.8.131.52. This can also be written as iso.org.dod.internet. The management function of this resource has the OID 184.108.40.206.2.1, or iso.org. dod.internet.mgmt-mib-2. That last element — 1 or mib-2 — indicates that the MIB-2 address format is in operation.
You can get more details on the meaning of OID addresses at the OID Repository. When you install an SNMP system, you don’t need to understand the entire MIB-2 addressing language because the SNMP manager dashboard will interpret these addresses for you and present the values transferred by this system as meaningful data rather than delivering a long list of variables and statuses for you to decode.
The Simple Network Management Protocol includes the definition of seven network message types, which are also known as “protocol data units.” These are:
|Get||An information request|
|GetNext||Requests next information segment|
|GetBulk||Requests a range of information categories|
|Set||Change a setting|
|Response||The reply from the agent|
|Inform||Acknowledges a Trap|
The SNMP manager sends out Get, Set, GetNext, and GetBulk, and PDUs. The agents send back Response PDUs. The Trap PDU is a method made available to agents to send out unsolicited alerts, and managers send Inform protocol data units to acknowledge Trap messages.
Message Types in More Detail
Here are some more details on each message type:
|Get||The Get PDU is the main method used by the SNMP manager to request information from a service agent on a specific object identifier.|
|GetNext||The GetNext message type allows the SNMP manager to work through an ordered list of OIDs according to the standard MIB hierarchy. So, the SNMP hierarchy would start at a specific point in the hierarchy with a Get request, and then continue through point by point with a series of GetNext requests.|
|GetBulk||The GetBulk request is implemented as a sequence of GetNext requests, allowing a large segment of the MIB hierarchy to be queried by the SNMP manager from a device agent.|
|Set||The Set message type is the method that the SNMP manager uses to instruct an agent to alter a setting on the device that it monitors.|
|Response||The Response message type is used by the device agents. It acts as a delivery mechanism for the requested information. In cases where no information is required back, such as with a Set PDU, the Response acts as an acknowledgment.|
|Trap||The Trap PDU enables the device agents to send out alerts to the SNMP manager. These Trap messages concern the failure of the monitored network device, maintenance issues, and other unexpected conditions.|
|Inform||The Inform message is the SNMP manager's version of a Response. It is only sent out in reply to a Trap message. This acts as an acknowledgment and the device agent will keep resending its Trap message until it receives an Inform PDU back from the manager.|
The Trap command is one of the most distinctive features of SNMP and is probably the reason why the protocol is so universally applied in the networking industry. The Trap will pick up on events that the scheduled Get requests from the manager might miss.
Network Equipment Issues
Just about all network equipment and most devices intended to connect to a network now ship with an SNMP module installed. This gives most of the hardware that you acquire the ability to send Trap messages. In most cases, the SNMP functions are turned off in the factory settings. So one of your tasks, when you plug in a new piece of kit, is to log into its administration console and turn SNMP on.
Older equipment may not have SNMP capabilities. However, that doesn’t mean that you have to throw it away. You can install an RTU to interface on it. “RTU” means “remote terminal unit.” Think of it as a modem for one piece of equipment. This device will implement SNMP monitoring on that device and send out Trap messages when error conditions are detected.
SNMP Version Issues
Different versions of SNMP can be a problem when buying network equipment. It is better to settle on one version. As SNMPv3 includes encrypted messaging and more sophisticated authentication procedures, it is best to settle with version 3.
Unfortunately, as SNMPv3 access levels are defined per user and not per device, it isn’t really backward compatible with devices running earlier protocol versions. In these instances, you can install a translator to make your equipment SNMPv3-compatible. The translator is another RTU and it can handle incoming traps from many devices, encrypt them, and convert them to the SNMPv3 standard. The only weakness of this solution is that the messaging that feeds into the RTU is not secure. If you run several sites, you will need at least one translator per site.
The issue of compatibility and newer versions is a problem that all IT managers face with all of their equipment and software. Migrating from an older version of SNMPv3 may seem to be an unnecessary expense for established businesses. You don’t need to worry about your traps running out over the internet unencrypted if you opt for a SaaS solution to network monitoring because all of the cloud services run messaging through a client program on your network, which will encrypt all internet communications.
Installing SNMP manager software
SNMP capabilities are already installed on network devices out of the box. However, in some cases, that capability may be turned off. You need to make sure the SNMP service is active on each of your network devices and servers. The activated SNMP service will run constantly, starting up with the operating system. The location of the executable files and its name varies depending on your operating system.
You will get some .mib files on each of the servers on your network. These files are generated when you activate the SNMP agent and they are not properties of the collector. On Windows, these files are stored in the Windows\System32 directory. On Linux, the MIB files will be in /usr/share/snmp/mib.
The SNMP manager has a collector, a data store, and a user interface. Cloud-based network monitors still need the collector installed on a server on your network — the store and the user interface software are held on a remote server. An on-premises installation consists of installing the three elements on a server on your network. The data store can be implemented as a file or as an SQL database.
Once the agents on all of your devices and servers are operating they are ready to respond to a Get request from a collector. The installation process of your network monitor finishes with its first request broadcast. All of the agents on the network will pick up that request. The interface software of your monitoring tool will assemble an inventory from the SNMP responses. So, you don’t have to do anything to map your network and start monitoring device health.
The best SNMP monitoring tools and manager software
The ease of use of SNMP monitoring systems and the vital contribution that Traps provide make this protocol an essential part of any network administrator’s toolkit. It is great to be alerted of potentially damaging conditions on equipment and resolve those issues before the users start calling. Being proactive and discovering errors saves a fortune on Help Desk time.
The cost savings borne of SNMP monitoring in terms of Help Desk budget is further illustrated by the number of companies that offer these systems as modules in a suite of services that also includes Help Desk interoperability.
Datadog offers two network monitoring tools, one of these is the Network Device Monitoring system and the other is the Network Performance Monitoring. While the Network Performance Monitoring system looks at bandwidth usage, the Network Performance Monitoring module uses SNMP to extract traffic data from switches and routers along with device health reports.
Thanks to SNMP, the monitor is able to discover all of the devices on the network. This enables the tool to compile a network asset inventory. That list of devices provides an index through to the report from each piece of equipment. The total list provides a quick overview of all assets, showing color-coded statuses.
The device polling by Datadog is repetitive. That means the system will spot whenever a device is added or removed from the network. Each scan of the network refreshes the asset inventory, so your view of all equipment is always up to date.
The monitor will process SNMP Trap messages from device agents into alerts on the screen. It is also possible to set up performance thresholds on any of the statistics that the monitor gathers. If one of those thresholds gets crossed, the system will generate an alert. Alerts from the Network Device Monitoring service can be forwarded to key staff as notifications by email or through Slack, PagerDuty, Jira, or Webhooks.
The alerting mechanism means that you can leave the Datadog system unattended and it will watch over performance. You will be brought back to the monitor if any problems arise.
The ability to see the statuses of all of your network devices in one screen makes it very easy to spot performance problems and know exactly where they are. Datadog offers a menu of modules and while each will work individually, they provide enhanced system monitoring capabilities when combined. For example, using both the Network Performance Monitoring and Network Device Monitoring modules together gives you a complete view of network activity and performance.
- Watches over all network devices in one screen
- Automatic device discovery
- Gethers traffic statistics at each network node
- Provides notifications of gathering issues
- The free trial only lasts two weeks
The Network Device Monitoring system is based in the cloud and reaches out to monitored networks through the installation of agents. It is possible to monitor any site anywhere with this tool and even cover multiple sites in the same account. You can get a look at the Network Device Monitor by accessing a 14-day free trial.
Datadog Network Device Monitoring is our top pick for an SNMP monitoring tool because this system is based almost entirely on the Simple Network Monitoring Protocol. The tool watches over device health and also extracts traffic data from switches and routers. Repetitive polling ensures that the automatically generated device asset inventory is always kept up to date. The monitor processes SNMP Trap messages into alerts so that you know immediately when a device is experiencing problems.
Official Site: https://www.datadoghq.com/free-datadog-trial/
The SolarWinds Network Performance Monitor (NPM) is our top pick SNMP management tool. The installation of this system is straightforward, thanks to a device discovery tool, which will locate, map, and configure all of the nodes on your network, installing agent software, or instructing existing, pre-loaded agents.
The console of this network monitoring system tracks availability and load and keeps you updated when new devices are added or nodes get taken away. This is particularly useful for large networks that cover multiple sites, or workplaces that have a “Bring your own device” policy.
A graphical map shows you all of the topologies of your network and reports on link utilization through color-coding. You don’t have to set up this map yourself because the SolarWinds software compiles the data on your network and puts them on the map automatically.
The SolarWinds console can zoom in on each detected device and show a detailed performance report. The Node Details screen of the console leverages graphical displays to make visual checks on the health of a device instantly.
A typical network includes SNMP-enabled devices sourced from several different manufacturers. SolarWinds is ideal for a multi-vendor network environment because it relies on the universal Simple Network Management Protocol to ensure interoperability.
The location and ownership of network segments don’t matter to the Network Performance Monitor. This enables cloud services to be integrated into the network. The performance of links to those off-premises services can help the network manager decide where extra resources are needed to prevent bottlenecks.
- Supports both SNMP monitoring as well as packet analysis, giving you more control over monitoring than similar tools
- Alerts are easy to set up with conditional and threshold-based notifications
- Uses drag and drop widgets to customize the look and feel of the dashboard
- Offers tons of preconfigured templates, reports, and dashboard views
- This is a feature-rich enterprise tool designed for sysadmin, non-technical users may some features overwhelming
The automation of setup and the ability to use the Network Performance Monitor to adjust the settings of devices means that the Network Manager can maintain multi-site networks from anywhere in the world. It is no longer necessary to employ a key network manager at every site of a network because all administration tasks can be centralized. SolarWinds offer a 30-day free trial.
SNMP Trap Receiver Monitoring is made easy with Network Performance Monitor where you can receive, log and display SNMP traps whenever an event occurs. The monitor and intuitive dashboard give you a commanding view of network resources and performance including device event information.
Download: Start 30-day FREE Trial
Official Site: solarwinds.com/network-performance-monitor/
OS: Windows Server 2016 and later
Atera integrates its network monitoring system into a complete MSP support package, which includes a Help Desk system. The complete system covers the usage and capacity of apps and infrastructure and generates invoices and reports from logs of staff activities.
This option would be the right choice if your IT department operates as an income center or if your business provides fee-based support to other companies. The SNMP involvement in this package is concentrated on the network monitoring module. SNMP Traps provide a vital element of the monitoring system, providing real-time alerts in the Atera console.
The network manager dashboard includes scripts that automate routine administration tasks, and you can also create your own custom scripts to complete your regular tasks your way.
Atera allows you to reach out from the data center, and even leave it. The system includes remote access procedures and it is also possible to access the dashboard from a mobile device. The dashboard includes real-time performance graphs to speed decision making. Alerts can be set to trigger notifications by email.
Configuration control and patch management is also centralized. Remote management utilities enable you to centralize IT support for multi-site, or even multi-customer scenarios. The closed-loop information flows between the network monitor and the Help Desk system keeps customer Support teams apprised of solution progress in real-time and enables online operators to match existing system alerts with incoming queries.
Atera offers a free trial that helps you get the feel of the system. There are also video walkthroughs available on the Atera website to show you how to use the package effectively.
- Lightweight cloud-based tool for scalable SNMP monitoring
- Built with MSPs in mind, and includes RMM and PSA tools built-in
- Dashboard access from any browser makes Atera extremely flexible
- Can scale and support multiple networks in an organized manner
- Many features cater to MSPs – smaller organizations may not use all features available
You can gain access to a free trial.
Auvik is a cloud-based system that offers network monitoring services. The package reaches out to networks through an agent that needs to be installed on a host connected to the monitored system. The connections between the network and the monitor are protected by AES-256 encryption and the account space of each client is similarly encrypted. It is possible to centralize the monitoring of several networks within one Auvik account.
The Auvik network performance monitoring service relies on SNMP for its data gathering. This enables the system to generate a network inventory from the SNMP agent responses. The network inventory also provides source data from a network map, which is also created automatically. Regular SNMP responses enable Aiuvik to keep both the inventory and the network map constantly up to date.
The network map and the asset inventory form overviews of the system and provide links through to details on the Layer 2 and Layer 3 devices that connect the network together. Each detail page also includes a list of alerts for that device, which are derived from any Trap messages sent out by its SNMP agent.
The system also provides a front page overview that lists all alerts for the system. These are collated from SNMP Traps and also from traffic volume measurements taken from the network.
A higher plan of Auvik, called Performance adds on network traffic analysis. This uses NetFlow, J-Flow, IPFIX, and sFlow to communicate with network devices. The lower plan is called Essentials. Another service that is included only with the Performance edition is a Syslog manager. This offers a log retention period of 14 days and the cloud storage space to hold log files is included in the subscription price of the package.
The console for the system can be customized. It is based in the cloud, hosted on the Auvik servers, and it can be accessed through any standard Web browser.
- SNMP monitoring with autodiscovery and network mapping
- Alerts based on SNMP Traps
- Network traffic analysis features with the Performance plan
- Syslog manager with the Performance plan
- Integrations with third-party team and project managers
- No Windows Event log management
Auvik is a subscription service but the charge rate is not published. You can test the Auvik system with a 14-day free trial.
ManageEngine OpManager is a very comprehensive facilities management tool that includes network mapping, configuration management, traffic analysis, WAN link monitoring, network status monitoring, and even a specific module for VoIP traffic management.
The first day of an OpManager install involves network discovery and mapping, which the management software can carry out automatically. The system uses a range of protocols to keep track of the performance of equipment and infrastructure. SNMP is used in conjunction with WMI and CLI to provide process monitoring and system health monitoring. WMI is Windows Management Instrumentation — this technology can sometimes put extra load on a network, whereas SNMP is a very lightweight system.
Monitoring data can be accessed from mobile devices, which helps you keep on top of situations when you are out of the office or on a site visit. Overall, the management console is beautiful. Topology visualizations are map-based for multi-site networks, and colorful graphs and dials make quick overview checks fruitful.
The Configuration Management module helps you keep track of software version statuses and enables you to patch and update remotely from one central location.
You can analyze traffic by application and get network load visualizations that show overloaded or underutilized infrastructure at a glance. These facilities extend into security management because you can get alerts on exception traffic levels from certain devices, specified applications, or both. This demonstrates where unusual activity occurs, and traffic analysis tools can help you packet sniff problems to identify irregular system usage.
The Trap processing element of OpManager can process 300 messages per second, giving collated feedback on arising equipment problems and failures. Logging functions include trap conditions. Other logs are an event log for security purposes and Syslog interpretation that highlights critical conditions in all system logs. The visibility of network performance is made easier by monitoring templates, which are pre-written reports that source live data from the entire monitoring system.
- Designed to work right away, features over 200 customizable widgets to build unique dashboards and reports
- Leverages autodiscover to find, inventory, and map new devices
- Uses intelligent alerting to reduce false positives and eliminate alert fatigue across larger networks
- Supports email, SMS, and webhook for numerous alerting channels
- Integrates well in the ManageEngine ecosystem with their other products
- OpManager is a feature-rich tool that will require a time investment to properly learn
OpManager comes in three different editions – Standard (10+ devices starting at $245), Professional (10+ devices starting at $345), and Enterprise (250+ devices starting at $11,545). The free edition can monitor up to 3 devices. You can download OpManager on a 30-day free trial.
The PRTG system from Paessler includes three different network monitoring methods and SNMP is one of them. The other two are packet sniffing and NetFlow. Each of these three technologies provides a specific level of network information. The role of SNMP in the PRTG system is to provide an overview of network performance. NetFlow and packet sniffing are both engaged when analysis of network traffic is required.
The interpretation of SNMP messages is complicated by the fact that there are several different versions of the standard. The network management software you choose might not be compatible with the SNMP versions that firmware of your equipment uses. The PRTG Network Monitor can interpret all versions of SNMP. Paessler has also compiled interpretations of the custom OIDs that many network equipment manufacturers add to the standard MIB list. PRTG Network Monitor software can be installed on Linux, Windows, and macOS.
PRTG Network Monitor categorizes facility statuses as “sensors.” So, there is a CPU Load Sensor, a Disk Free Sensor, and so on. In all, PRTG incorporates more than 200 sensors, giving you the ability to keep track of network performance over a wide range of factors.
The manager software of PRTG can discover all available SNMP devices connected to the network. However, you might need to access each device individually and manually set up SNMP, because many devices are shipped with their SNMP capabilities switched off. Equipment firmware that includes firewalls also has to be adjusted to allow SNMP messaging through.
- Drag and drop editor makes it easy to build custom views and reports
- Supports a wide range of alert mediums such as SMS, email, and third-party integrations into platforms like Slack
- Supports a generous freeware version of up to 100 sensors
- Extremely flexible, great for small and large networks alike
- Paessler PRTG is a very comprehensive platform with many features and moving parts that require time to learn
The management console includes an SNMP tester, which enables you to get more precise details remotely on a reported alert condition arriving via a trap message. The dashboard of PRTG includes graphical elements, such as dials and graphs that give instant recognition to overall network performance. It is also possible to drill down and examine the status reports of each device, which can also be displayed as real-time graphs. Download a 30-day free trial here.
Domotz is a cloud-based network monitoring platform. It is available in a multi-tenant architecture that is ideal for managed service providers. The tool is offered at a set price per network, regardless of how many endpoints it has. You can easily combine the monitoring of several sites to unify your corporate IT operations administration.
The Domotz system relies on SNMP and other network protocols for network performance monitoring. The system installs an agent on a host connected to the monitored network. This agent takes the SNMP Manager role, sending out requests for reports from device agents. The responses are uploaded to the Domotz server for processing.
SNMP data enables Domotz to compile an asset inventory and generate a map for the network. These are updated every time an SNMP response package comes in. The SNMP reports also provide details of activity on each device and include status reports on any component.
If a problem arises, the SNMP agent will send out a Trap message and the Domotz agent uploads this to the server, where it is interpreted into an alert. Alerts can also be created by the Domotz system from the interpretation of reports from several devices. The tool can also pick up environmental reports from sensors in the server room.
Status reports get shown in the Domotz console as summaries and as time-series graphs. While the live data reports show recent activity, those SNMP reports also get filed and become source data for analysis. That analytical system allows demand assessments over time, leading to capacity planning for the network.
Other network monitoring systems included with Domotz include wireless network monitoring and virtual network monitoring, both on-site and across the internet. The tool can also monitor office equipment, IoT systems, and smart devices. The system also performs security scanning, the results of which can be fed into a SIEM package.
There are many other features in the Domotz package, including remote access systems and Wake-on-LAN for running maintenance tasks on endpoints. The system can be used to implement patch installation and backup management.
- Technician accountability and tracking with individual user accounts
- Network monitoring for physical, virtual, and wireless systems
- Monitoring of endpoints, equipment, network devices, and IoT systems
- Network and endpoint management tools
- No bandwidth analysis tools
The standard Domotz package is called Pro and is priced at $21 per site per month. There is no limit on the number of devices or endpoints on the network and it is possible to create as many individual user accounts for technicians as you need. There is a higher plan available, called Enterprise, which is a customized service and is priced by negotiation. You can examine the Domotz system with a 14-day free trial.
Site24x7 is a cloud-based service, which probably points towards the common format of the future for infrastructure monitoring systems – the network monitoring software does not need to be resident on a server that is directly connected to that network.
The distance of the remote server that hosts the monitoring software from the network that is being monitored only requires an internet connection to ‘bridge’. Many business managers may be nervous about network information being let outside the building, particularly in these days of heightened cybersecurity attacks.
An essential element for any business service delivered remotely is connection security. Site24x7 addresses these concerns by encryption communication between their servers and the networks of their customers. Another potential security weakness lies in the communication between technicians at the client site and the console resident on the Site24x7 server. Those communications are also protected by encryption.
So, the remote nature of Site24x7 shouldn’t raise concerns. The network monitoring section of this service relies on SNMP to discover devices, generate a device inventory, and draw up a network topology map.
The monitor communicates with switches and routers through SNMP procedures. It also monitors network appliances, such as firewalls, wireless network access points, cloud resources, and internet connection for WANs.
Site24x7 also monitors server performance. While SNMP provides pre-installed agents on switches and routers, servers can only be fully monitored through the installation of a dedicated Site24x7 agent. The existence of SNMP agents in the firmware of network devices is a distinct advantage. Not all network managers like the idea of installing agents on-site for access by remote monitoring services, so Site24x7 gives customers the option of working on an agentless model. However, that strategy reduces the amount of information that the monitor can extract from the client’s servers.
- Flexible cloud-based monitoring option
- Supports SNMP monitoring alongside other forms of environment monitoring
- Offers a host of out-of-box monitoring options and dashboard templates for SQL server
- Allows administrators to view dependencies within the application stack, good for building SLAs and optimizing uptime
- Site24x7 is a feature-rich platform with options that extended beyond SNMP monitoring, may require time to learn all options and features
The Site24x7 service is charged for on a subscription basis, which is an attraction for startups and cash-strapped SMBs because they don’t have to pay the full cost of the monitoring software upfront. Even better, there is a free version of the service for very small networks with up to five servers or websites to monitor. The paid version of the service is marketed in four editions. You can gain access to a free trial that lasts for 30 days.
SNMP reporting capabilities are built into all network devices. The typical report only gets sent out when a request from an SNMP manager is received by the device agent. However, trap messages get sent out without a request. It doesn’t matter whether or not an SNMP manager is present, those trap messages will be circulating on the network anyway. In this respect, SNMP traps are a form of log message.
The SolarWinds Log Analyzer will collect SNMP trap messages. This is an easy task that just requires the Log Analyzer to listen on the network. The tool is able to process up to 500 live trap messages per second.
The tool displays trap messages in its console as each arrives. These messages get filed as any log message would be. While processing the trap, the Log Analyzer uses the alerting system of the SolarWinds Orion platform to send out notifications. The alerting system needs to be set up and it can send emails or SMS messages to any address or number entered into the profile interface.
Stored traps are available for analysis in the tool’s data viewer. Traps can be sorted and filtered to identify patterns of behavior.
- File monitoring HIPAA and PCI compliance
- Simple yet highly customizable dashboards and reports
- Easy to understand licensing
- Supports SNMP monitoring via SNMP traps
- A high-level tool that requires trained technicians to properly utilize
The Log Analyzer will also act as a log server for Syslog messages, Windows Events, and VMWare log messages. SolarWinds offers the tool on a 30-day free trial.
N-able Remote Monitoring and Management (RMM) is an infrastructure management system that is delivered from the cloud. This tool support IT departments in their task of managing several remote sites from one central location. The network monitoring part of this system management bundle is based on SNMP.
As with most SNMP-based monitoring systems, the N-able RMM takes the role of SNMP Manager. It broadcasts status requests at regular intervals and receives back the MIB responses from device agents. Those responses get quickly interpreted into live performance data shown on the screen.
A big advantage of the SNMP service is that the monitor doesn’t need to know anything about the network in order to get started. The responses to the first report request enable SolarWinds RMM to assemble a full network inventory. This list of devices is always checked whenever each successive status poll result comes in, so devices are added or removed from the list accordingly, creating a live update to the network inventory.
The status reports of the N-able RMM dashboard are enhanced by that other SNMP innovation, the trap message. When the remote monitoring and management software receives a trap message, it generates an alert, which is shown on the dashboard. This alert can also be sent out to key staff as an email or SMS message.
Alerts can be customized or downgraded through the settings of the RMM. For example, the network manager can set up a custom alert based on a combination of inputs. As well as alerts, the N-able RMM receives warning statuses, which are less severe. A combination of warnings can be specified as an alert condition.
Unlike many network monitoring tools, N-able RMM includes an automation manager. This is an easy-to-use drag-and-drop interface that enables network managers to set actions that can be triggered by alerts. The automation manager is also available to set up routine maintenance tasks on a schedule.
- Excellent monitoring dashboard, great for MSPs or any size NOC teams
- Scalable cloud-based deployment – no need for additional hardware
- Automatic asset discovery makes inventory management easy, even on busy networks
- Offers a wide variety of automated remote administration options make it a solid choice for helpdesk support
- The platform can take time to fully explore all of its features and configuration options
N-able RMM is a very cost-effect solution because it frees up IT professionals from mundane tasks and makes them available for more important work. The service costs nothing to implement because it is charged for by subscription and includes all supporting software and hardware. N-able RMM is available on a 30-day free trial.
SysAid produces a range of IT support utilities, and SysAid Monitoring is one of those. The SysAid Monitoring package is not a standalone product but is an optional extra for the Help Desk and IT service management software systems that the company produces.
The system relies on SNMP and its Trap alerts that enable the monitoring system to spot problems before network users call them into the Help Desk. Ongoing monitoring examines resource utilization to assist network administrators with capacity planning.
You can choose to get notified of alert events either by email or SMS, which means that you can keep on top of system issues around the clock, even when you are out of the office. Although the system comes with a set of commands and utilities that help automate network management, you can also create your own custom scripts to get the precise functionality that helps your job as a network manager run smoothly.
The main panel of the consoles shows a table of performance metrics for the whole network with each record featuring data from one asset. Performance monitor graphs are instantly available as overlays on the main screen on demand for each asset.
The notifications for each device don’t just log hardware statuses, but you can see instantly if the software is altered on each monitored network device. This is a great way to keep on top of security breaches, such as virus attacks or Advanced Persistent Threat disabling of network activity reporting. Those network activity reports can also alert you to intrusion by displaying abnormal traffic on specific network cards.
SysAid also produces a Help Desk module and the Monitoring system integrates seamlessly with that. This enables you to get a data flow through into opening up response tickets. It also keeps the support team informed with answers in response to user calls about any problems that arise.
- Offers SNMP monitoring through a simple plugin
- Flexible pricing options allow you to choose the features you pay for
- Good option for those looking for SNMP monitoring and patching solution
- Lacks enterprise features – better suited for small to medium size networks
The Kaseya Network Monitor is part of a more extensive network and system remote monitoring package, called Kaseya VSA.
The Network Monitor Module includes a visualization of the topology of your network displayed on a world map. This is very similar to the network visualization feature built into SolarWinds Network Performance Monitor. The dashboard of the network manager includes other visualizations including charts, performance graphs, and other graphical interfaces.
Performance data featured in the monitor includes CPU utilization and which nodes originate and receive the most network traffic. Storage space utilization is another focus topic. SNMP Trap alerts are integrated into the Kaseya Network Monitor system.
Network elements that the Network Monitor has specific functions for include mail servers. The Monitor keeps tabs on the availability of mail servers and keeps track of their capacity and performance.
The standard install includes pre-set reports and a list of routines and commands to help automate processes. However, the system also integrates a scripting language, called Lua, which enables you to create your own custom automation programs. Lua scripts are easy to put together because the Kaseya Network Monitor environment includes an Integrated Development Environment to help you assemble them.
The patch status of all network devices is instantly available in a specialized panel of the dashboard. Installer and update programs can be distributed and implemented on remote network nodes from one central console.
The broader VSA system has a comprehensive patch management module and also monitors the status of network devices for malware. You can integrate cloud storage into your network through Kaseya VSA and manage the network remotely, accessing each node for manual troubleshooting.
- Combines asset monitoring with built-in threat protection
- Integrates well into other Kaseya products – great for MSPs
- Leverages color to help highlight key metrics and alerts
- Would like to see a longer trial period
Atera is pitched at a reasonable price. However, Spiceworks goes one better: it’s free. The dashboard features real-time performance graphs for all the devices on the network, which makes the screen look a little crammed. However, if there’s something wrong on the network, you’ll spot it straight away.
Those SNMP Traps are displayed as device alerts in a headline strap in the dashboard and they certainly can’t be overlooked. You can specify those alerts to be sent to you via email as well.
The user selects the attributes of each device that make it onto the screen in the form of performance graphs. There are nine attribute slots in all that can show you real-time data on factors such as I/O rate, packet loss, and packet throughput.
Version control functions are available with Spiceworks. User event tracking will enable you to monitor for unusual activity on the network. These two elements are essential tasks for network managers now that vulnerabilities appear quickly, and updates to block those exploits are produced almost as fast.
The Spiceworks network has a learning center and community forums that can help you pick up tips on getting the most out of your network monitoring software.
- Completely free tool
- Web-based dashboard allows SNMP monitoring from anywhere in the world
- Integrates well into other Spiceworks tools like Spiceworks Inventory and Cloud Desk
- Lacks integrations into other solutions outside of the Spiceworks ecosystem
The network monitoring module of Pulseway’s IT management software is based on the SNMP system. The SNMP manager software can be loaded onto Windows, Linux, or macOS, which then communicates with the SNMP agents that are loaded into the firmware of your network-attached equipment.
A rules base in the manager can be set to categorize alert levels when SNMP Trap signals come in. The response to these alerts can be scripted to automate reporting and device resets. The central console can be accessed through mobile devices, which enables you to manage the network while away from your desk.
Service and system restarts can be commanded from the management console, and you can also get remote access to equipment through a terminal session. A scripting element enables you to automate processes such as scheduled monitoring, version upgrades, backups, and security sweeps. The management console can be accessed from any terminal on the network.
The Pulseway software integrates with software from other vendors, which includes the Slack messenger system, Kaspersky anti-malware, and SQL Server.
The access management system allows you to grant different levels of access to different user types. This enables you to grant read-only access to live reporting screens of the dashboard, enabling customers and upstream managers to check on progress towards goals.
The Pulseway software enables you to manage sites remotely, integrating networks from dispersed locations into one WAN that can be monitored and managed uniformly. A Remote Desktop feature even allows you to access individual devices attached to the wider network, no matter where they are in the world.
Version control and patch management is another module of the Pulseway system. This enables you to update operating systems and firmware automatically across the system. The system is also capable of monitoring mail servers, virtual machines, internet servers, and critical applications, including cloud services.
- Has a freeware version for small deployments and testing
- Supports multi-platform deployments like Linux, Windows, and Mac.
- Custom script library allows you to build and run fixes at will, or through a scheduler
- Offers numerous monitoring features – might be too much for those looking for a simple SNMP trap monitor
Like Paessler’s PRTG monitoring system, LogicMonitor blends data sourced from NetFlow with its SNMP services to give a complete representation of a network’s performance. While NetFlow shows traffic flows over links, SNMP monitors the status of the network equipment and devices connected to that network.
LogicMonitor leverages the Software-as-a-Service model. That means that the servers that collate information on your network are held offsite. You access information through a browser on your desktop, or through an app on your mobile device. An element of this service that is resident on your site, called the Collector. Think of this as a relay for the SNMP manager. So, rather than running the manager software on your network, the collector receives all data from device agents and forwards that on to the LogicMonitor server. The Collector’s communication with the LogicMonitor server over the internet is fully encrypted.
The cloud-based concept of LogicMonitor enables it to integrate data from multiple sites and also from other cloud services, such as cloud storage or managed application servers. Being a third-party, the LogicMonitor treats all resources equally, no matter where they are located or who owns and manages them.
The SNMP agents on your equipment regard the Collector as the SNMP manager. The functionality of the communication between the LogicMonitor server and its Collectors enables network discovery. Topology is charted on an attractive real-world map. Other graphics on the dashboard include real-time performance line graphs and the ability to view snapshots or aggregations of historical data. These reporting graphs include the ability to perform trend analysis and forecast capacity requirements for each node on the network, segments of the network, or the network as a whole.
- Offers a highly visual interface, great for NOCs and big screen monitoring
- Supports SNMP monitoring as well as physical and virtual servers
- Pricing is flexible and available in three versions
- Would like to see a longer 30-day trial
EventSentry monitors the utilization of resources — both hardware and software, like most network monitoring systems. However, this package has a security monitoring feature that enables the tracking of user activity as well. The system can be tuned to look out for multiple logins across servers, and activity across the network that might indicate an Advanced Persistent Threat or virus infection. Another warning sign is the number of failed authentication attempts, which may indicate a brute force password cracking attempt.
Given recent headlines regarding ransomware attacks, the system monitoring procedures of EventSentry to guard against this category of attacks is especially interesting. This network monitoring system has much greater stress on network security than on resource performance.
Internet monitoring checks on events for incoming connections and can trace a location of a suspicious source to integrate origin details into activity reports.
Getting back to hardware performance, SNMP is used to monitor the capacity of network equipment. The SNMP Traps are collected by the EventSentry network management system console. The performance of UPS units and Linux machines is particularly followed by EventSentry. The system routinely polls for conditions including CPU usage, memory availability, and storage capacity.
On the software front, EventSentry keeps track of the current versions of all applications and operating systems available on the system and logs the latest versions for each, giving update functions an alert.
The dashboard can be accessed via a browser, and there is also a version of the monitor’s reporting console that can be channeled to TVs around the office. The web interface of EventSentry can be displayed in nine different languages, including English, Spanish, German, and French. The interface has a note keeping facility to enable you to remark on events and highlight important information.
- Offers live and historical insights for devices via SNMP and other protocols
- Insights are made available through a simple web interface
- Features built-in compliance tracking – ideal for larger organizations
- Better suited for medium to large-size networks
SNMP Monitoring Tools FAQs
What is SNMP switch monitoring?
SNMP agent software is pre-loaded on all switches that are sold in the USA today. The agent checks many statuses on the switch and prepares a set of answers to send back when it receives a request from the SNMP manager. SNMP switch monitoring also allows for the agent to send an alert without waiting for a status request.
What can you monitor with SNMP?
SNMP will track the statuses of network devices and that includes both physical properties and operating performance. Those devices also include network servers. So, you can monitor both network traffic flows and the health of equipment with SNMP.
What is SNMP MIB?
SNMP MIB stands for Management Information Base. This is the format of communication between the SNMP manager and all of the SNMP device agents on the network. The MIB takes a tree format with nodes on that tree indicated by a numeric labeling system that indicates the position in the tree of each piece of information contained in the MIB. Not all fields need to have values for every information exchange.
Is SNMP UDP or TCP?
SNMP operates on UDP. It is assigned UDP port 161.
What is the difference between MIB and OID?
The MIB (Management Information Base) is the format of communication between the SNMP manager and all of the SNMP device agents. The OID is the numbering system that identifies each piece of information. The OID is both a code system that acts as a label for each field and it is structured to identify the field’s position in the hierarchy of data in the MIB.
What kind of protocol is SNMP?
The protocol is application–layer and is defined by the Internet Architecture Board (IAB) in RFC1157.
There is much to discover about network management. Here is a list of some great resources on the topic that are available on the web.
- Best free bandwidth monitoring software and tools to analyze network traffic usage
- The best free network vulnerability scanners and how to use them
- Packet sniffers and network analyzers
- RFC 1157 – A Simple Network Management Protocol (SNMP)
- RFC 1901 – Introduction to Community-based SNMPv2
- RFC 3410 – Introduction and Applicability Statements for Internet Standard Management Framework
- RFC 1213 – Management Information Base for Network Management of TCP/IP-based internets: MIB-II
- RFC 2570 – Introduction to Version 3 of the Internet-standard Network Management Framework
- RFC 2574 – User-based Security Model (USM) for version 3 of the Simple Network Management Protocol (SNMPv3)