Section 10.2. Windows and MOM Implementation of SNMP

Previous page
Table of content
Next page

10.2. Windows and MOM Implementation of SNMP

By itself, MOM cannot receive or send SNMP. In fact, it can't speak SNMP at all; it relies on the SNMP Windows OS, the SNMP service, and SNMP Trap service for translation and sending or receiving SNMP data. The SNMP service communicates to MOM through WMI, which MOM monitors via the WMI SNMP provider. Figure 10-1 shows the flow and conversion of an SNMP trap from an SNMP device to a management server.

Figure 10-1. SNMP trap and data flow


In this flow, a preconfigured event occurs and the SNMP agent on the SNMP-enabled device generates a trap (point 1 in Figure 10-1). In this example, the device is a member of the SNMP community named Homelab. SNMP communities are insecure boundaries that are created for administrative purposes. The device is configured to send its traps to 10.0.0.64. SNMP trap communication uses UDP port 162, and all other SNMP management communication occurs over UDP port 161. Therefore, SNMP information is not secure by default and delivery is not guaranteed.

The trap is received (point 2 in Figure 10-1) by the management server, which is running the SNMP Trap service and the SNMP service. The SNMP Trap service allows the management server to receive and interpret SNMP traps. When the SNMP Windows component is installed on a server, the SNMP Trap service and SNMP service are both installed. The SNMP service is essentially an SNMP agent. It is used when the management server needs to generate and send a trap of its own (as in the SNMP alert response option). The SNMP Trap service uses whatever MIB the sending device formatted the trap in and sends the trap data into the WMI namespace via the WMI SNMP provider (point 3 in Figure 10-1).

Once the trap data is in the WMI namespace, it is in WMI format and is fully accessible to a MOM agent via WMI (point 4 in Figure 10-1). The management server agent applies a rule that uses the WMI Extended SNMP Trap Catcher provider. The agent can match the incoming data to the appropriate rule criteria and then generate an alert.

MOM alerts that are created from SNMP traps are not as rich as MOM alerts that are created natively from Windows, but there is a lot of useful information in them.

When generating SNMP traps from MOM to be sent to another SNMP management tool, the flow is almost the exact opposite of the one in Figure 10-1:

  1. A MOM rule is configured with a response to send an SNMP trap that uses the content of the alert as its source.

  2. MOM calls the SNMP service (through WMI) and passes the data to it.

  3. The SNMP service takes the alert data and translates it into SNMP format, using the MicrosoftOperationsManager.mib as a template.

  4. The SNMP service then sends the trap to whatever community and destination IP address have been configured.



Previous page
Table of content
Next page
Essential Microsoft Operations Manager
Essential Microsoft Operations Manager
ISBN: 0596009534
EAN: 2147483647
Year: N/A
Pages: 107
Authors: Chris Fox voc
BUY ON AMAZON
Interprocess Communications in Linux: The Nooks and Crannies
Image Processing with LabVIEW and IMAQ Vision
A+ Fast Pass
MySQL Cookbook
After Effects and Photoshop: Animation and Production Effects for DV and Film, Second Edition
HTI+ Home Technology Integrator & CEDIA Installer I All-In-One Exam Guide
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy