This chapter provides an overview of tools that can be utilized to monitor and troubleshoot Cisco devices. SNMP is a major component of monitoring Cisco devices. SYSLOG is a facility that can be utilized to log messages for either real-time NETFLOW is a protocol that utilizes the environment coupled with tools to understand network traffic and how it is flowing.
For our SNMP overview, we are going to cover many different components that you will see on your Cisco CCNA exam, such as what the Manager does, how SNMP works, the Agent's role and what MIBs are. You need to be familiar with all of these terms for your CCNA test.
SNMP supports three different versions: 1, 2c and 3.
Both SNMPv1 and SNMPv2c use plaintext authentication whereas SNMPv3 implemented strong authentication.
SNMPv2c implemented a bulk retrieval mechanism which is also available in SNMPv3.
SNMPv2 is defined in RFC 1901; its new features include the Get Bulk Request, the Inform Request and data types with 64-bit values.
The Cisco CCNA exam also covers SNMPv3 and some of its key upgrades, such as support for authentication and privacy, authorization and access control, usernames and key management, and remote configuration via SNMP operations.
Some basic SNMP recommendations are to configure ACLs for SNMP community strings, restrict SNMP traffic to addresses in an ACL and use SNMPv3 if possible for the authentication and encryption features.
The access list below allows any host on the 10.1.1.0/24 network to poll the switch via SNMP. The Read Only community string is set to “cisco” while the Read Write community string is set to “xyz123”. SNMP traps will be sent to 10.1.1.50.
sw(config)# access-list 100 permit ip 10.1.1.0 0.0.0.255 any
sw(config)# snmp-server community cisco RO 100
sw(config)# snmp-server community xyz123 RW 100
sw(config)# snmp-server host 10.1.1.50 <community-string>
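The recommendations above can be checked mechanically against a saved configuration. The following is an added example, not part of the original chapter: a small Python audit of `snmp-server community` lines. The function name, the list of guessable strings and the extra "public" line in the sample are assumptions made for illustration.

```python
import re

# Constructed input: the ACL and community lines from the example above, plus
# one extra community ("public", no ACL) added to exercise the unrestricted case.
SAMPLE_CONFIG = """\
access-list 100 permit ip 10.1.1.0 0.0.0.255 any
snmp-server community cisco RO 100
snmp-server community xyz123 RW 100
snmp-server community public RO
"""

# Short illustrative list of guessable strings (assumption, not exhaustive).
GUESSABLE = {"public", "private", "cisco", "snmp", "admin"}

COMMUNITY_RE = re.compile(
    r"^snmp-server community (\S+)(?: view \S+)?(?: (RO|RW))?(?: (\S+))?[ \t]*$",
    re.IGNORECASE | re.MULTILINE,
)
V3_GROUP_RE = re.compile(r"^snmp-server group \S+ v3 (auth|priv)\b", re.I | re.M)
ACL_RE = re.compile(r"^(?:ip )?access-list (?:standard |extended )?(\S+)", re.I | re.M)


def audit_snmp(config: str) -> list:
    """Return (community, finding) pairs for the SNMP lines in an IOS config."""
    defined_acls = set(ACL_RE.findall(config))
    findings = []
    for name, access, acl in COMMUNITY_RE.findall(config):
        access = (access or "RO").upper()  # read-only when no keyword is given
        if name.lower() in GUESSABLE:
            findings.append((name, "guessable community string"))
        if access == "RW":
            findings.append((name, "read-write access over plaintext SNMP"))
        if not acl:
            findings.append((name, "no ACL restricting source addresses"))
        elif acl not in defined_acls:
            findings.append((name, f"ACL {acl} is not defined in this config"))
    # Communities present but no authenticated SNMPv3 group: v1/v2c only.
    if COMMUNITY_RE.search(config) and not V3_GROUP_RE.search(config):
        findings.append(("*", "no SNMPv3 auth/priv group configured"))
    return findings


if __name__ == "__main__":
    for community, finding in audit_snmp(SAMPLE_CONFIG):
        print(f"{community}: {finding}")
```

On the sample, the "cisco" string is flagged as guessable and "xyz123" as read-write over plaintext even though both are bound to ACL 100, which is the case for moving to SNMPv3.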