11.5 Graphical SNMP Tools

 < Day Day Up > 



Being a very simple application, SNMP does not have all the features of a full-blown NMS. Among the many capabilities SNMP does not have are automatic discovery and topology mapping. The automatic discovery capability finds and identifies all devices or nodes connected to the network. Based on the discovered information, the NMS automatically populates a topology map. Nodes that cannot be discovered automatically can be represented by manually adding custom or standard icons to the appropriate map views, or by using the NMS’ SNMP-based APIs for building map applications without having to manually modify the configuration to accommodate non-SNMP devices.

A network map is useful for ascertaining the relationships of various equipment and connections, for keeping accurate inventory of network components, and for isolating problems on the network. The network map is updated automatically when any device is added or removed from the network. Device status is displayed via color changes to the map. Any changes to the network map are carried through to the relevant lower layer maps.

Some vendors have developed graphical wrappers for SNMP, which makes SNMP easier to use than its traditional text-based CLI. They have also appended additional functionality such as automatic discovery and topology mapping, giving SNMP-based products the look and feel of a high-end NMS.

Many wireless devices, including both access points and bridges, support SNMP. There is a set of common management tasks that can be done with SNMP, but vendors often include proprietary management features in their products that can be handled via SNMP as well. This enables SNMP to perform some management tasks that cannot be done using the vendor’s GUI. For example, it might be possible to disable service set identifier (SSID) broadcasts from an access point using SNMP but not with the vendor’s GUI configuration tool. The purpose of these broadcasts is to let wireless clients know that they are in range of an access point. The reason for disabling the broadcasts is to hide the access point from hackers, who can use the access point as a point of entry to the enterprise network.

But care must be taken when using SNMP-supported products because they often ship with a default password. When changing other default settings, administrators should not overlook changing the default SNMP password (often called the “community”) as well. As an extra security precaution, administrators should consider disabling SNMP until it is actually needed. If a hacker ever succeeds in exploiting the security vulnerabilities of SNMP, he or she could tie up network resources at will. This aspect of SNMP is discussed in Chapter 13, Section 13.11.



 < Day Day Up > 



LANs to WANs(c) The Complete Management Guide
LANs to WANs: The Complete Management Guide
ISBN: 1580535720
EAN: 2147483647
Year: 2003
Pages: 184

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net