Skip to main content

SNMP

SNMP (Simple Network Management Protocol) is a network protocol for monitoring and managing network elements. Using this protocol, a KentixONE Main or standalone device can query measured values, alarms or other variables from an SNMP-capable network device.
KentixONE is able to both send and receive data packets via SNMP. Additionally, SNMP offers the possibility to independently send messages when a certain event occurs.
Such an initiative notification is called a "trap".

SNMP Configuration

To enable SNMP on a Kentix device, the corresponding checkbox must be selected. Afterwards, a list in the form of a CSV file containing all measurement and configuration values provided by KentixONE can be downloaded. Each value has a unique identifier (OID) defined by the ASN.1 standard.
On the Kentix website in the software section, you can download a MIB file (Management Information Base) containing the OID tree structure of KentixONE. Each branch of the tree structure has a name and a number. When traversing the tree structure ("MIB-Walk"), the individual nodes become increasingly specific.

tip

A MIB browser like iReasoning can help with reading the OIDs.

When KentixOne receives a trap from an SNMP device, all monitored OIDs of this device can be automatically retrieved again. A separate query is initiated for each configured OID.

note

Receiving a trap triggers an immediate update of all OIDs from the trap-sending agent. This enables timely alerting through OID values. During normal operation, these values are updated by Kentix ONE at user-defined intervals of 1, 3, 10 or 20 minutes.

SNMP Access

For data exchange via SNMP to take place, access must first be configured. All previously created access entries are listed in the corresponding table. Clicking on the "+" tab creates a new access entry and a new configuration window appears.

General

To set up SNMP access, you must determine for which SNMP function ("Type") it should be used. For the SNMP types "Provide data" and "Trap", KentixONE acts as an agent and provides data. For the type "Receive data", KentixONE is an SNMP manager.
The access must be assigned a name and SNMP version. The access name appears in the table of all created access entries and when adding SNMP sensors in the Detail View, helping with their management.
The SNMP version must be configured identically for both the data-providing and data-retrieving parts to ensure trouble-free communication.
KentixONE supports SNMPv2 and SNMPv3, which mainly differ in the security of data packet transmission.
Newly created access entries are inactive by default and must be manually changed by clicking the corresponding checkbox.

When KentixONE acts as a manager, SNMP sensors can be added in the Detail View. The corresponding OID is assigned to the sensor there.

Traps

note

This menu item only appears when the SNMP type "Trap" is selected.

Traps can be sent for the following events:

  • Coldstart: An interruption of the power supply triggers a trap.
  • Warmstart: A device restart triggers a trap.
  • Alarm: A trap is triggered as soon as an alarm occurs.
  • Alarm status change: A trap is triggered as soon as the alarm status changes from alarm to no alarm or from no alarm to alarm. Changes from acknowledgeable to pending alarm also trigger a trap.
  • Access: A trap is triggered as soon as someone attempts to open a SmartAccess component.

For alarm and access traps, you can choose between two different display types. With a structured alarm or access trap, the alarm values are packed into individual OIDs in a data packet and sent. With a normal alarm trap, all alarm values are packed into a single OID, separated only by commas, and sent.

note

For the SNMP type Alarm status change, traps are always sent as structured traps.

Authentication

Authentication depends on the SNMP version being used.

In SNMPv2, communities are used for authentication between agent and manager. Communities are names that are transmitted together with the request via SNMP and represent a pre-agreed key (pre-shared key).

From SNMPv3 onwards, an authentication protocol and a privacy protocol can be selected. In addition to both protocols, a username must be assigned. SNMPv3 supports the following combinations:

  • No authentication and no privacy protocol
  • Authentication and no privacy protocol
  • Authentication and privacy protocol

HMAC-MD5 (hash-based message authentication code) and HMAC-SHA can be chosen as authentication protocols. When an authentication protocol is used, the authentication password is additionally required.

With the "Authentication and Privacy Protocol" combination, a privacy protocol must be selected in addition to the authentication protocol mentioned above.
The encryption algorithms DES (Data Encryption Standard), 3DES (Triple-DES), AES (Advanced Encryption Standard), and IDEA (International Data Encryption Algorithm) are supported.
For the Advanced Encryption Standard, the key length must also be specified (AES128, AES192, AES256).
When using AES, there is the option to use a 3DES-extended key.

In addition to the protocol, the privacy password must be specified.

Settings

When KentixONE wants to query data from an SNMP device, its IP address and port of the SNMP service are required.

Since with the SNMP type "Trap" a data packet is sent unsolicited to the manager, the host's IP address and port must also be specified here.

The heartbeat serves for cyclic function control of the SNMP device. The heartbeat interval specifies the length of the time interval between two heartbeat messages. To test the settings, a single heartbeat message can also be sent by clicking the "Send trap" button.