Skip to main content

SNMP Scanning Reference

This guide provides a reference for the Simple Network Management Protocol (SNMP) scanner, which discovers and collects information from network devices like routers, switches, firewalls, and printers.

Overview

The SNMP scanner polls network devices that have SNMP enabled. It gathers data about the device's identity, configuration, network interfaces, and connectivity, which is then used to build a map of your network topology.

Network Requirements

  • Port: UDP 161 must be open from the NopeSight Scanner Agent to the target network device.
  • Protocol: Simple Network Management Protocol (SNMP)

Authentication and Privilege Requirements

The scanner requires credentials to access SNMP data on a device. The requirements vary based on the version of SNMP being used.

SNMPv1 and SNMPv2c

  • Required Credential: A read-only Community String.
  • Security Note: This method is less secure as the community string is transmitted in clear text.

SNMPv3

  • Required Credentials: A user account configured on the device with a specific security level.
  • Security Levels: Supports all security levels, including:
    • noAuthNoPriv (least secure)
    • authNoPriv (authentication)
    • authPriv (authentication and encryption)
  • Recommendation: SNMPv3 with the authPriv security level is highly recommended for secure communication.

Data Collected Summary

The SNMP scanner automatically classifies devices and collects the following information:

CategoryExamples
SystemDevice Name, Description, Vendor & Model (via System OID), Uptime, Physical Location
Device TypeThe scanner automatically classifies devices (e.g., Router, Switch, Firewall, Printer, UPS).
InterfacesInterface Name & Description, Type (e.g., Ethernet), Speed, Admin & Operational Status, MAC Address
IP ConfigurationIP addresses and subnet masks assigned to each interface.
Network Topology- ARP Table: Used to discover directly connected Layer 2 neighbors.
- Routing Table: Used to map Layer 3 network paths and gateways.
Vendor-SpecificThe scanner can collect additional details for specific vendors, such as:
- Cisco: CPU and memory utilization.
- HP/Aruba: Power over Ethernet (PoE) status.
- Printers: Toner/ink levels and page counts.