The Simple Network Management Protocol (SNMP) originated as a means for managing TCP/IP (Transmission Control Protocol/Internet Protocol) and Ethernet networks. Today, SNMP is a generally accepted standard for monitoring and control of heterogeneous networks. Using SNMP, network administrators can address queries and commands to network nodes and devices. SNMP monitors network performance and status; controls operational parameters; and reports, analyzes and isolates faults. The protocol accomplishes these functions by transporting management information between “managers” and “agents.”
An agent is a component housed within a managed network device such as a router, gateway, or server. Each agent stores management data and responds to the manager's requests for this data, and may send a “trap,” a special unsolicited SNMP message, to the manager after sensing a prespecified condition. A manager is a component housed within a network management station. The manager queries and controls agents using various SNMP commands, which are transported as Protocol Data Units (PDUs). Five SNMP commands are defined in SNMP version 1: GetRequest, GetNextRequest, SetRequest, GetResponse and Trap. Agents inspect and retrieve the management data after receiving either a GetRequest or a GetNextRequest PDU from a manager. Managers use GetRequest for retrieving single values of the managed objects. The GetNextRequest is issued by the manager to begin a primitive block transfer and the agent returns the selected data with a GetResponse PDU. Managers use SetRequest commands for instructing agents to alter variables.
SNMP utilizes a virtual information store (e.g., an object database) that is referred to as Management Information Base (MIB). The MIB store is accessible to agents and manipulated via SNMP for network management. A MIB data structure defines a device's observable (e.g., discoverable or collectible) variables and controllable parameters. A router MIB, for example, may contain fields for CPU utilization, up/down status for each interface, error rates on interfaces, congestion metrics (e.g., buffer levels, latency or packet discard rates) and the like.
The manager is charged with, among other things, monitoring network performance and status, controlling operational parameters, and reporting, analyzing and isolating faults in its managed domain. A good example of an SNMP network management station (and hence a manager) is Hewlett-Packard's Network Node Manager (NNM) product.
Another protocol for network performance monitoring and troubleshooting is ICMP (Internet Control Message Protocol). The ICMP protocol supports ping or echo messages, which are round-trip messages to a particular addressed network device and then back to the originator. By issuing a ping to a network device, a manager can determine whether the network device is online or offline (i.e., up or down) on the basis of whether the ping message is returned to the manager. Because the ICMP protocol or other ping messages are universally supported, the manager can in this way determine the most important piece of status information (i.e., up/down status) for network devices that do not support the SNMP protocol.
A manager can be directed to collect specific network data via SNMP or ICMP. In other words, a manager can be directed to issue certain GetRequest or GetNextRequest commands to a particular agent. Typically, these directions are contained in a data collection configuration file, which specifies the nodes and MIB variables to request as well as when to make the request.
Data collection configuration files can be prepared manually, but manual preparation is disadvantageous in several respects. Manual configuration is time consuming and error prone. The disadvantages are compound when the data collector is a network provider, who provides networks and/or network services to its customers, such as a on-line service provider (OSP), Internet service provider (ISP) or company's own IT (information technology) group (whose “customers” are other groups of the same company). Any time a new customer is added, a customer removed, service expanded, or performance metric changed, a new or different data collection configuration is likely needed. It is unlikely that a network administrator would always remember to perform the configuration change—much less always perform the change correctly.
Automatic data collection configuration is better. A version of Hewlett-Packard's NNM provided automatic SNMP data collector configuration. Though providing some improvement over purely manual configuration, the automatic configuration feature of this product was suboptimal. In particular, automatic configuration was limited to a fixed set of SNMP metrics and did not support a customer model or unique or flexible sets of SNMP variables. In addition, its support of device type filtering was very limited. That is, one could not conveniently configure data collection from all of particular type of device (e.g., all servers or all routers). Furthermore, one could not conveniently configure data collection based on a customer-to-node mapping.