SNMPv1 vs. V2c vs. V3 – SNMP Versions Comparison

Jordan MacPherson, October 10, 2022

Once upon a time, the Simple Network Management Protocol (SNMP) had only one version. It was used to monitor and manage all network devices, and those devices used it to communicate with one another. However, over time, different SNMP versions have arisen.

Today, we have SNMPv1, SNMPv2, and SNMPv3. But what's the difference, and how does SNMP work within the different variations? Can these different versions coexist within the same network?

Important Components of Different SNMP Versions

Before we explore the different SNMP versions and what each offers, let's touch quickly on the devices that use them.

What Are SNMP Devices?

SNMP devices include anything connected to your organization's network. That includes things like:

  • Routers
  • Switches
  • Firewalls

However, it also includes other components that you might not automatically think of as "devices", such as:

  • CCTV cameras
  • Load balancers
  • Servers

Why Is SNMP Important?

Why is SNMP important? Without this type of network management protocol, no device on the network could communicate effectively with others. In essence, there would be no network. After all, if your server cannot communicate with the router, or the firewall cannot communicate with other devices, there's no interconnectivity.

However, each SNMP version is different and brings something else to the table. What's the difference? Continue reading below to find out.

What Are Community Strings?

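A community string is an ID or password combined with a GET request, used to access data from SNMP-enabled devices (routers, switches, firewalls, etc.). SNMP community strings are read-only (SNMPv1 and SNMPv2c) or read-write (SNMPv3) on your network devices. If you plan to use read-write, you will likely want to use SNMPv3 for security reasons.

What Are ACLs?

Access control lists (ACLs) are sets of rules that assign permissions to specific users, devices, or traffic types. ACLs can also be used to add an extra layer of security to your SNMP configuration and improve network performance by restricting traffic to only essential services.

If you are a Cisco Meraki user, remember that you must whitelist devices for SNMP queries.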

SNMP V1

We’ll start the discussion with SNMPv1, the initial version.

What Is SNMPv1?

As you might suspect, SNMPv1 is the original version and the oldest. It is also the easiest to set up, because all you need is a plaintext community. However, that ease of setup acts as a weakness today. With only a string of plaintext, even if limited to a range of authorized IP addresses, v1 doesn't offer much in the way of security. This wasn't originally a problem because threats had yet to evolve, but in today's world, the risk is too great.

SNMP Version 1 Vulnerabilities

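Many SNMP version 1 vulnerabilities exist. However, one of the key problems is that messages sent across the network are unencrypted. In other words, any bad actor with a packet sniffer can read the community string with little effort. Once that happens, the attacker can create a spoofed IP address and interact with the network.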

SNMP V2c

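Next up is SNMP v2c. What should you know about this version?

What Is SNMPv2c?

SNMP v2c is the second generation of this protocol. However, don't assume that means a major leap forward in functionality or security. In reality, v2c only added support for 64-bit systems. This means it still has all the security vulnerabilities that affected v1, including that messages are sent unencrypted across the network.

Is SNMPv2 Secure?

In a word, no. SNMPv2c is not particularly secure, although it was a slightly better iteration than the initial version.

SNMP V2 Vulnerabilities

Because it is simply a revamped version of SNMPv1, attackers can exploit the same weaknesses to easily gain access to the entire network via a spoofed IP address. It doesn't help that SNMP v2c devices may ship from the manufacturer with PUBLIC as the community string name. Make sure the community string is customized on your devices before enabling it on your network.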

SNMPv3

Now let's discuss SNMPv3, the final version of SNMP, and how it addresses the security vulnerabilities.

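What Is SNMPv3?

As the name suggests, SNMPv3 is the third (and final) version of SNMP. It was developed specifically to address the security vulnerabilities that were so prominent in the first two generations. It also brings three new elements to the table: SNMP View, SNMP Groups, and SNMP Users.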

Which Encryption Algorithms Can SNMPv3 Use?

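SNMPv3 can use several different security and encryption algorithms to help create a more secure network. These include SHA, MD5, and DES. More importantly, it can use them without requiring a massive amount of system resources, leaving additional resources for other network needs. Note that security enhancement was the main reason SNMPv3 was developed, so there are no additional major functionality enhancements.

How Does SNMPv3 Work?

SNMPv3 works very similarly to v1 and v2. Traffic flows across the network from a wide range of sources (devices). SNMP communicates with the entire network and all the devices that make it up. It comes preconfigured on most devices, although some require an administrator to enable it. Once enabled, all devices will begin storing performance statistics.

SNMP is based on the shared resource management model, in that every device contributes to managing the system's resources. Protocol data units (called SNMP GET requests) are sent to different devices. These communications are tracked by network monitoring tools and then used to get data from SNMP.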

SNMP V2 vs V3: Can They Coexist?

Can you use SNMP v2 and v3 on the same network? Although both are based on the same underlying principles, you cannot (and should not) do so. They're best used in different applications. Because of its improved security, SNMPv3 is better suited for use on public and Internet-facing networks.

V2 is best used only on low-risk, internal networks. And, to clarify, if you're still running SNMPv1, it's beyond time for you to upgrade to something sounder.

In today's IT environment, threat modeling is an important process for many organizations. When it comes to security requirements, security threats and vulnerabilities, criticality, and remediation methods, there is no right solution for everyone. While SNMPv3 leverages 2-password encryption for increased security, it is not extremely common or easy to use. You can achieve sufficient security with read-only v2c and an ACL without having to use dual-password encryption on v3.
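The checks recommended in this article (customize the community string, restrict who may query, keep v2c read-only, use SNMPv3 for read-write) can be run against an agent configuration, as in this added example that is not part of the original article. It assumes Net-SNMP style snmpd.conf directives, since the article names no particular agent; the agent-side source restriction stands in for the ACL, and the sample file is constructed.

```python
DEFAULT_COMMUNITIES = {"public", "private"}

# Constructed sample configuration, not taken from a real device.
SAMPLE_CONF = """\
# monitoring access
rocommunity public
rwcommunity netops 10.0.0.0/24
rocommunity m0nitor-7f3a 10.0.5.10
createUser nms SHA "auth-pass-phrase" AES "priv-pass-phrase"
rouser nms priv
rouser legacy noauth
"""

def audit(conf_text):
    """Return a list of (line_number, finding) tuples for risky SNMP settings."""
    findings = []
    for n, line in enumerate(conf_text.splitlines(), 1):
        fields = line.split("#", 1)[0].split()  # drop comments, then tokenize
        if not fields:
            continue
        directive, args = fields[0].lower(), fields[1:]
        if directive in ("rocommunity", "rwcommunity") and args:
            community = args[0]
            # With no source argument the agent accepts the string from anywhere.
            source = args[1] if len(args) > 1 else "default"
            if community.lower() in DEFAULT_COMMUNITIES:
                findings.append((n, "default community string"))
            if source in ("default", "0.0.0.0/0"):
                findings.append((n, "community not restricted to a source address"))
            if directive == "rwcommunity":
                findings.append((n, "read-write over v1/v2c; use an SNMPv3 user"))
        elif directive in ("rouser", "rwuser") and args:
            # The minimum security level defaults to "auth" when omitted.
            level = args[1] if len(args) > 1 else "auth"
            if level == "noauth":
                findings.append((n, "SNMPv3 user without authentication"))
    return findings

for line_no, finding in audit(SAMPLE_CONF):
    print(f"line {line_no}: {finding}")
```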

Put Your Network Management on Cruise Control

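From optimization woes to security issues, managing a network can involve many threats and chores that your team may not have the capacity to handle. Network management services from a trusted partner are a great way to free up your IT team's time for more strategic activities while maintaining availability.

ParkView Network Management™ brings the tools and expertise to achieve superior visibility and manage your network in today's ever-changing IT environment. By leveraging the product experience of our Enterprise Operations Center (EOC) onboarding team and best practices for optimal performance management, we allow you to eliminate setup and implementation procedures.

Contact us today to set up a call about our network management services, or explore our portfolio of IT infrastructure managed services.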

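About the Author

Jordan MacPherson
Jordan is responsible for guiding the global network and server management offerings of Park Place's ParkView Managed Services division. His responsibilities include working with sales, marketing, enterprise operations, and R&D teams to develop and bring Park Place's world-class managed services to market. He brings 12 years of global experience in planning, monitoring, and delivering IT services, including nearly 10 years as a team lead and strategic applications developer at MSP IntelliNet prior to its acquisition by Park Place. Jordan is a graduate of Ohio University.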