The Internet Engineering Task Force has now approved Version 2 of the Simple Network Management Protocol. The new network management protocol will now become a Request for Comment. SNMP v2 extends the existing protocol, adding new Management Information Bases, Protocol Data Units and Object Types, to make SNMP-based management more efficient and easier to use. Security issues and authentication have taken longest to finalise. Effectively SNMP2 changes Object Identifiers, OIDs, replacing community strings with parties, Access Control Lists and the Modified Management Information Base viewing mechanism. This means that an SNMP entity can grant limited access to another SNMP entity, and two SNMP entities can exchange private information as well as authenticated data. The MD5 algorithm will handle authentication and the Data Encryption Standard is likely to be used to implement security. This structure will make it possible for an SNMP agent to grant one SNMP manager read-only access to that agent’s objects, while granting read-write access to another. There are doubts, however, as to whether users will choose to implement encryption, believing that authentication measures are adequate. In addition, sending encrypted data over international boundaries represents a thorny issue: it is still illegal in some countries. The communication strings now declare that other devices are accessible from the manager, although the number of parties on the network is limited for reasons of network efficiency. (Every party on the network has to have its own space, which can quickly use up available network memory). Many elements of SNMP2 have already been finalised. The most important of these are the new Protocol Data Units. A new GetBulk PDU facilitates the retrieval of large amounts of data, such as tables, by making it possible to bundle a series of GetNext requests into a single request-response operation, improving performance. An InformRequest Protocol Data Unit and a new trap Protocol Data Unit have also been added.

Cause of many problems

Other changes are the refinement of the set operation, the cause of many problems experienced with SNMPv1, and the incorporation of many of the unwritten rules of SNMP. A variety of practices are universally accepted but have never been documented. The new Management Information Bases are designed to support manager-to-manager communication. The Management Information Base semantics have been clarified so that MIB I and MIB II extensions, which typically reside at different locations in the MIB tree, can be given private parameters and object associations, allowing them to be recognised by a single Management Information Base browser. Managers can also be configured to view parts of an MIB. The ease of use of SNMP2 is likely to speed up its rate of adoption by communities other than the local area network world. SNMP is extending out of its traditional local area network environment into the wide area and telecommunications strongholds. Recently carriers such as MCI Communications Corp have announced that they are to adopt SNMP for management and agents. Meantime source code producer, Epilogue Technology Corp, which has its UK base in Marlborough, Wiltshire has announced plans to upgrade its entire line of SNMP products and services to support SNMP2. It says it expects its OEM customers to implement the new standard in their products by the end of the year. Although SNMP2 will offer no real backward compatibility with version 1, Epilogue recognises that SNMP users will need to have both versions resident on their systems, and it will therefore incorporate elements of both versions in its next release.