What is SNMP?

Simple Network Management Protocol (SNMP) is an Internet Standard protocol for collecting and organizing information about managed devices on IP networks and for modifying that information to change device behavior.

Diagram showing why SNMP is still important
Figure 1: How SNMP works

SNMP exposes management data in the form of variables on the managed systems organized in a management information base (MIB), which describe the system status and configuration. These variables can then be remotely queried (and, in some circumstances, manipulated) by managing applications.

Three significant versions of SNMP have been developed and deployed. V1 is the original version of the protocol. More recent versions, V2c and V3, feature improvements in performance, flexibility, and security.

Earlier, SNMP primarily focused on collecting data from network devices, such as routers, switches, and servers using a hierarchical structure of management information bases (MIBs). However, as networks grew larger and more complex, the limitations of SNMP became apparent. The introduction of SNMP v2 addressed some of these shortcomings by adding features like bulk data transfer and improved security mechanisms.

The most significant evolution came with SNMP v3. This introduced robust authentication and encryption mechanisms to address security concerns, apparent in earlier versions. SNMP v3 also enhanced the protocol’s scalability and flexibility, making it suitable for managing modern heterogeneous networks.

Moreover, the emergence of Internet of Things (IoT) and cloud computing further expanded SNMP’s domain, with implementations tailored for managing a diverse array of devices and services.

Overall, SNMP’s evolution reflects the changing demands of network management, from basic monitoring to comprehensive control and security. Thus, ensuring its relevance in an increasingly interconnected world.

How SNMP has changed over the years?

With the evolution from v1 to v3, there have been several changes:

  • Security has improved. SNMP v3 requires authentication and encryption for communicating between the management system and agents.
  • Newer versions support larger values. With SNMP v1, values were 32-bit counters. With SNMP v2 and v3, you can have 64-bit counters for values.
  • SNMP was implemented over UDP. Now TCP is also supported as a transport protocol.

When SNMP was first developed, it was also used to control the target devices/systems. Over the years, given the security challenges involved, SNMP has been more used for monitoring devices, rather than as a protocol for reconfiguring and changing the behavior of the target devices.

Is SNMP Still Relevant?

The first Request for Comments (RFCs) for SNMPv1 appeared in 1988. Over the last 30+ years, several new protocols have emerged for monitoring IT systems, applications, and devices.

  • If you are looking to monitor applications, each application may have its own monitoring interfaces. REST API, web services APIs, JMX, etc., are some of the common methods of monitoring applications. Very rarely do applications support SNMP.
  • Even cloud and virtualization technologies have very limited support for the Simple Network Management Protocol.
  • More sophisticated network devices, such as load balancers and firewalls support SNMP, but the metrics they expose through this protocol are limited, and very often, other interfaces, such as SSH, API calls, etc., have to be used to collect detailed metrics from these devices.

Furthermore, the rise of software-defined networking (SDN) and network function virtualization (NFV) has shifted the focus towards programmable and automated network management solutions. These technologies often rely on open APIs and software-defined interfaces for configuration and monitoring, reducing the reliance on SNMP for network management tasks. As a result, SNMP’s relevance has diminished in certain areas where newer, more agile approaches have taken precedence.

At the same time, SNMP remains relevant. It is the protocol to use if:

  • What is SNMP?You want to know how your switches and routers are performing in your network.
  • You want to check whether the temperature in your server room is normal.
  • You want to know whether your network printer has sufficient paper or ink.
  • You need to check whether your UPS has sufficient backup power.

A majority of network devices, hardware equipment, environmental devices, and such still support SNMP (and sometimes, nothing else). This is because SNMP can be supported with a very small resource footprint while other APIs and protocols require additional applications/libraries that make their implementation more difficult. Besides network equipment, SNMP is also supported by legacy operating systems, such as Open VMS and OS/400. Some storage and backup technologies also support SNMP. All of this means that any monitoring solution that seeks to provide end-to-end visibility into a network infrastructure has to support SNMP.

What Is SNMP Used For?

One of the biggest advantages of SNMP is that it is an open standard protocol. A number of standard MIBs have been defined that allow monitoring tools to obtain metrics of interest from any device, irrespective of model and vendor, that support the standard MIBs. For example, MIB-II is a standard MIB that allows network equipment to expose information about the number of network interfaces they support and the traffic in and out of each interface (besides a number of other statistics). A monitoring system can poll any device that supports MIB-II, auto discover the interfaces on the device, and monitor bandwidth usage on each interface.

Hierarchical tree structure of SNMP MIBs

Figure 2: Hierarchical tree structure of SNMP MIBs
There are a number of standard SNMP MIBs – for example, the Host Resources MIB for monitoring resource usage on any system and the Fiber Channel MIB to monitor any fiber channel network switch. Vendors provide enterprise specific MIBs that expose additional details about their devices. For example, to monitor the CPU usage of a Cisco router, a monitoring tool must support the Cisco proprietary CPU MIB. Likewise, Cisco routers support a NetFlow MIB. A monitoring tool that supports this MIB can get information about the top sources and destinations that are communicating through the router.

SNMP is mainly used for:

  • Auto-discovering network equipment – Vendor specific MIBs are used to identify the type of each device on the network. Network topologies and interconnections can also be monitored using SNMP.
  • Polling network equipment to collect different types of metrics – Changes to network device status, workload details, and performance metrics (queue lengths, packets dropped, buffer overflows, etc.) are detected by monitoring systems when they compare statistics reported to them by each network device over time.
  • Network devices also emit SNMP traps when abnormalities are detected – For example, when a printer is low on paper, it will send a trap to its monitoring tool, informing it that action has to be taken. Likewise, failure of a network interface may also cause a router to send a trap. By listening for and processing such traps, monitoring tools can detect failure conditions that administrators may need to be informed about.

How eG Enterprise Supports SNMP Monitoring

As you have seen above, monitoring tools must support SNMP if they are to provide end-to-end visibility. eG Enterprise is no exception to this:

  • Its network discovery relies on polling of network devices.
  • SNMP polling is also used for on-going monitoring. While many standard MIBs are supported, a wide variety of vendor proprietary MIBs are also supported to provide specialized monitoring for different devices. SNMP-based monitoring is agentless – that is, no additional agents need to be deployed or configured to collect performance metrics.
  • Any eG Enterprise agent can also be configured as a Trap receiver. Traps sent by network devices are processed immediately and alerted in the eG Enterprise console.
Loading and selecting SNMP MIB objects in eG Enterprise’s MIB browser
Figure 3: Loading and selecting MIB objects in eG Enterprise’s MIB browser

SNMP v1, v2, and v3 are supported. You can configure the version to use based on the target device(s).

At the same time, if you have proprietary devices that are not supported out of the box, you can use eG Enterprise’s SNMP capability to add new monitoring capabilities for these devices without having to write lines of code to do so. An MIB browser allows you to import new MIBs into the eG Enterprise system. You can choose SNMP objects that eG agents must poll from the browser. The values returned by these objects can also be manipulated by the agents (for example, seconds converted into milliseconds, differences between current and previous values computed) before they are reported as metrics on the eG Enterprise console. Traps to be captured by eG Enterprise can also be configured in the same way.

Questions that Network Monitoring with eG Enterprise Answers

The Challenge of Scalability

One of the bigger challenges with SNMP monitoring is scalability. Network devices can take time to respond to requests and if greater security levels are configured, this can greatly reduce the number of target devices that can be monitored.

Additionally, SNMP’s polling-based architecture can lead to scalability issues in large and dynamic network environments. As the number of managed devices increases, so does the volume of SNMP requests and responses, potentially overwhelming network resources and causing bottlenecks. Moreover, SNMP’s reliance on periodic polling to collect data may not be efficient for real-time monitoring requirements or highly dynamic network conditions.

  • For scalability, eG Enterprise uses multi-threading – so multiple different network devices can be polled simultaneously. Multi-threading also ensures that one slow target device does not slow down the data collection.
  • For further scalability, eG Enterprise uses a decentralized monitoring model. Multiple polling systems can be configured, and the target devices can be allocated to different polling systems.


Even after 30+ years, there is no other monitoring protocol standard like SNMP. Almost all network devices and data center equipment support this protocol. As it is a common standard, SNMP has to be supported by any monitoring system today.

At the same time, as other monitoring protocols are more common for monitoring applications, cloud, virtualization platforms, etc., monitoring tools cannot rely on SNMP alone.

eG Enterprise is an Observability solution for Modern IT. Monitor digital workspaces,
web applications, SaaS services, cloud and containers from a single pane of glass.