Simple Network Management Protocol (SNMP) allows management data to be collected remotely from devices and allows devices to be configured remotely. SNMP is popular, and its popularity has grown rapidly because of its simplicity. It has only four operations: two to retrieve data, one to set data, and one for a device to send an asynchronous notification. Version 3 of SNMP, the focus of this book, addresses a major weakness of earlier versions of SNMP--the lack of strong security. SNMPv3 is a framework for extending SNMP to address security and administration. In the past, users have coped with the lack of security in SNMP by using firewalls and proprietary access control methods. Version 3 addresses this issue by offering both strong authentication and data encryption for privacy.

This book is divided into three parts. The first describes older versions of SNMP, the second focuses on version 3, and the third looks at several practical network management issues.

Versions 1 and 2 of SNMP relied on get, get-next, set, and trap as major functions. In order to alleviate potentially catastrophic events, INFORMs were introduced in version 2. However, they do not completely solve the problem, and sometimes increase the price to be paid in terms of load on the network and resources consumed by the device. For example, if traps are being lost due to congestion, resending them only adds to the congestion problem.

The addition of sophisticated features such as authentication, encryption, and access control adds some complexity. However, authentication is important because it ensures that parties can communicate with each other and messages will be received in a timely fashion, not be saved and then replayed to cause damage later.

This book prepares the user for SNMP version 3 by making it understandable at the conceptual and practical level, using both examples and explanations using pseudocode (for the more sophisticated user). It shows how to configure SNMP version 3 for generating notifications, proxy forwarding, authentication, security, and access control. Another goal of the book is to make RMON2 understandable, so the user knows about both the network layer traffic and the application layer traffic that goes across the network. A chapter is devoted to notification and proxy forwarding.

SNMP consists of an SNMP engine and an SNMP application. The engine is made up of a dispatcher, a message processing subsystem, a security subsystem, and an access control subsystem. The user-based security model asks the following questions: Has the message been altered? Is the message coming from a valid user? Has the message been maliciously delayed? Is the message being replayed? Can sensitive information be protected against eavesdroppers? and Is the user allowed to access the management information base (MIB) objects specified in the message? The MIB determines which management information should be included in or excluded from the view. Zeltserman favors Cisco private MIBs and devotes a whole chapter to them. He justifies their use by the fact that the majority of networks in the industry have Cisco devices within their backbones; that Cisco has done a good job of standardizing its private MIBs over a wide range of devices; and that these private MIBs are available through their Web site. Authentication assures that the message was sent by the right person and received by the right person and was not altered by a malicious party.

The key to managing any network is understanding it. Knowing which ports are underused or heavily used can help administrators balance the traffic. Understanding which ports are experiencing congestion or high error rates can be critical. The author hopes that using and understanding SNMP version 3 will allow users to avoid someday buying books on version 4.

Although the typographical errors in the early chapters are rather bothersome, the book is a good choice, since the author makes an effort to be as user-friendly as possible. In particular, he uses enlightening notes and asides and provides example configurations and pseudocode.