SNMP. A Pillar In IT: What You Must Know About Its Versions and FCAPS

As a professional member of your IT teams, it is your job to manage your company's information technology. You ensure availability, you keep network performance at an acceptable level, you identify and solve problems quickly, you take care of security. This means that you prevent loss of revenue - or ultimately, even loss of lives, depending on who you work for. Customers and patients as well as your company and its staff rely on your work every single day.

Curious about SNMP? The following lines give you a solid introduction to the SNMP protocol - from a bird's-eye view.

FCAPS

In the late 80s, some ISO (International Organization of Standardization) fellows figured out 5 important functions that proper network management generally should include.

• Fault Management
• Configuration Management
• Accounting Management
• Performance Management
• Security Management

This ensemble of network management functions is also called the FCAPS model. It was (re)defined by the ISO in ISO/IEC 7498-4: 1989, and ITU-T Recommendation M.3400, 02/2000 . 

Now, what does SNMP have to do with these ISO management functions? Before we answer that question, let's take a little journey back to where it all began. The origins of SNMP date back to the late 80s as well - a time when network administrators lacked suitable tools that were not dependent on hardware manufacturers. In these times, two important protocols emerged: the CMISE/CMIP (Common Management Information Services Element/Common Management Information Protocol) and SNMP, which has its roots in the SGMP (Simple Gateway Monitoring Protocol), also known as RFC 1028.

SNMP Versions

It didn't take very long to develop SNMPv1, based on SGMP. Defined in 1988, it was broadly accepted and is still in use nearly 40 years later - which is practically an eternity in IT. SNMP version 1 provides the basic functionality for data polling, is relatively easy to use, and doesn't create much overhead because it doesn't include any encryption algorithms. That said, it transmits data as plain text, which is why you should only use it in LANs for security reasons. Its biggest limitation, however, is its 32-bit counters architecture, which simply isn't enough for today's GB/s-scale network environments. Worth noting: the IETF has since moved SNMPv1 to "Historic" status - meaning it's no longer recommended for internet management.

SNMPv2 - or more precisely, SNMP v2c, where the "c" stands for "community" - added support for 64-bit counters and introduced operations like GETBULK and GETNEXT, which made data retrieval from network devices significantly more efficient. It also brought enhancements in error handling. However, it still sends critical data as plain text and relies on community strings for authentication, which offers very little in terms of enhanced security. Two other variants exist - SNMP v2p and SNMP v2u - but they are only implemented in rare cases. Like SNMPv1, SNMPv2c has also been classified as "Historic" by the IETF.

Defined in 2002, SNMPv3 is where things get serious from a security perspective. It includes all the advantages of SNMP v2c and adds a proper user-based security model (USM), authentication methods, and optional encryption via AES or DES. The view-based access control mechanism (VACM) and access control lists (ACLs) give you granular control over who can access what - effectively preventing unauthorized access to your management system. This makes SNMPv3 the only version the IETF now officially recommends for internet management. Yes, configuration is more complex - especially user management - and you'll need more CPU resources, particularly when using short monitoring intervals that generate large volumes of SNMP messages. But for most modern network environments, there's really no excuse not to use it.

It's up to you to decide which version fits your setup. Not all network devices support all versions of SNMP - compatibility can still be a real-world constraint. If they do support it, go with SNMPv3. Just keep in mind that you might need a workaround if SNMP puts too much load on your network.

SNMP: An Allround Talent

Once you get SNMP working, you can monitor nearly everything. Not just the CPU load of a server, the fan status of a disk array, or the traffic on routers, switches, and hubs - but also your air conditioning, the humidity in the server room, and yes, even the level of coffee beans in the office coffee machine. SNMP not only delivers data upon request via SNMP agents but also proactively through SNMP traps and notifications when something unusual happens. Imagine a ventilation unit cooling your most critical server racks suddenly sending a trap about a failing fan - that's the kind of early warning that saves hardware and headaches.

As said before, you can monitor nearly everything, as long as it "speaks" SNMP.

And to answer the question "What's SNMP?" in one sentence: SNMP is a protocol for management information transfer in networks, particularly suited for use in LANs.

Manage FCAPS with SNMP

Now, does SNMP cover all the necessary functions to properly manage your network? Remember, according to the FCAPS model, you need to manage faults, configuration, accounting, performance, and security. Let's take a look.

Looks good, doesn't it? But how exactly do these FCAPS functions work with SNMP in practice? Here are a few concrete examples.

🧩 Fault Management. FSNMP traps report errors without being prompted - like in the ventilation unit example above. Beyond reactive alerting, SNMP monitoring and data storage also enable proactive troubleshooting. If your traffic trend has been consistently high over the past year, your monitoring data tells you to look into better bandwidth options before your users start complaining. SNMP SET requests even let you restart or deactivate a given interface read/write - though always double-check before you send a SET request. With the right monitoring tools in place, fault management becomes seriously powerful.

🧩 Configuration Management. SNMP GET requests let you register all connected devices in your network and pull important inventory data - installed programs, system info, service tags. With SNMP SET requests, you can carry out configuration tasks like changing server names, giving you a level of automation that keeps larger environments manageable.

🧩 Accounting Management. All measurements made with SNMP provide a solid data basis for billing. If you're an MSP, being able to base invoices on real data - like actual bandwidth or server usage per client - is a genuine advantage.

🧩 Performance Management. Countless manufacturers use SNMP to expose important metrics about their devices via OID (Object Identifier) mappings in the MIB (Management Information Base). CPU usage, disk space, availability thresholds - SNMP pulls it all together. By analyzing trends in your monitoring data, you can manage network capacity proactively before things go sideways.

🧩 Security Management. This is where SNMP can only partially deliver. Read-only GET requests allow you to check, for example, user logins to your company VPN - which helps detect potential security risks. However, SNMP traps may indicate firewall attacks, and managing access control in large environments can get complex. For broader security management, syslog tends to be the more common complement.

Wrapping It Up

Setting up SNMP can, honestly, be a bit nerve-wracking at times - anyone who's debugged a misconfigured SNMP manager or wrestled with community strings at 11pm knows what we mean. But once it's running, it's reliable, widespread, and supported by virtually every hardware manufacturer on the market. That combination of compatibility and ubiquity is exactly what makes it a universal and powerful network monitoring protocol. As long as alternatives like streaming telemetry haven't fully taken over, SNMP isn't going anywhere.

PRTG supports SNMPv1, SNMP v2c, and SNMPv3 - including full support for the user-based security model, AES encryption, and real-time alerting via SNMP traps. See what your network has been hiding.

👉 Download your free PRTG trial

New Horizons

Stay tuned on our SNMP blog series if at least one of the following questions has already crossed your mind:

• How do I enable SNMP on Windows, Linux, or MacOS?
• What exactly are OIDs and MIB and why should every admin have heard of them?
• SNMP doesn't work, can somebody out there help me!?
• How do I become an SNMP information structure pro?