Overview
Network Management Systems (NMS) using the Simple Network Management Protocol (SNMP) are widely deployed to manage today’s corporate networks. As the three versions of SNMP (v1,v2c and v3) can all be found in these heterogeneous networks, sometimes there is a mismatch between the versions supported by the NMS and those supported by the device. In addition, firewalls which break up these networks into zones with varying levels of security are often set up to block UDP/SNMP traffic. This makes the resources in the cordoned off zones, invisible to the NMS.
SimpleSnmpProxy™ is an easy-to-deploy, software solution that provides version translation, event forwarding, and management visibility to firewalled resources. It provides protocol translation between the various versions of SNMP allowing an SNMPv1 NMS to manage a SNMPv2c or v3 device or SNMPv3 application to manage a SNMPv1 device. It also allows SNMP traps, informs, syslog, netflow and slow packets to be forwarded both in the intranet and from restricted zones to one or more specified managers/collectors. In addition, it securely provides management visibility to the resources within cordoned-off zones like the DMZ. Your existing NMS can now be leveraged to manage devices with unsupported SNMP versions and critical resources like eCommerce servers within the DMZ without compromising security.
SimpleSnmpProxy is made up of “iProxy” that runs on intranet side. It does the protocol translation and demultiplexing when communicating with intranet devices. For managing devices in the restricted zone, the “iProxy” communicates over an encrypted TCP connection with a “zProxy” that runs within the restricted zone. Only a single port/rule is required to be added to the firewall to enable UDP based management traffic like SNMP, NetFlow, sFlow and sysLog to be securely forwarded to the management and collector systems in the intranet. Support for IP Mapping, where virtual IPs are added to the iProxy, is also available.
Scenarios
Some of the many scenarios where SimpleSnmpProxy can prove most useful:
- You need to forward events like SNMP traps across firewalls.
- You need to have packets like traps, syslog, netflow collected from muliple devices and forwarded to one or more managers.
- You need to send SNMP requests across firewalls to manage a server in the DMZ.
- You need to hide the real IPs on your network and yet provide third party NMS apps limited access to management data.
- You need to have a SNMPv1/v2 NMS manage a SNMPv3 device.
- You need to have a SNMPv3 inform forwarded to a SNMPv2 manager.
- You need to have a SNMPv3 NMS supporting DES, manage a SNMPv3 device supporting AES.
- You need to manage devices in different remote sites having the same IPs.
Benefits
- Translation of all versions of SNMP(v1/v2c/v3) requests and traps/notifications.
- Forwarding of traps, informs, sylog, netflow and sflow packets to one or more managers/collectors.
- Leveraging your existing intranet NMS to securely manage critical resources int restricted zones.
- Proactively monitor the status/events of DMZ resources without compromising security.
- Just a single port/rule allowing encrypted TCP traffic, enables management of restricted zones like DMZ.
- Same solution works for securely managing remote offices over restricted WAN links.
Features
- iProxy can be co-located on the same machine as the NMS.
- Redundant zProxies are also supported.
- DES based encryption is included. Use of SSL with openSSH is also easily configurable.
- Traps and Syslog events received from the restricted zone can be securely forwarded.
- Netflow/sFlow packets received from the restricted zone can be securely forwarded to specified collectors.
- can be securely forwarded to specified collectors. Virtual IPs can be added to the iProxy to simplify NMS support for proxied resources and for hiding real IPs.
- A local, easy to use, graphical utlity is included for configuration along with a command line utility.
System Requirements
SimpleSnmpProxy is available on
- Microsoft Windows 7/8/2008/2012
Introduction to SNMP
This short tutorial will quickly introduce you to the various concepts in Simple Network Management Protocol (SNMP). and help you make informed decisions regarding your upcoming SNMP project.
SimpleSoft - an Industry Leader
Resources
- Video
- Product Updates
- Blogs
- White Paper