The SNMP is a widely deployed protocol that is commonly used to monitor and manage network devices. Presently, SNMP is one of the most ubiquitous services running on Internet-based hosts extensively. However, hundreds or even thousands of different devices that rely on SNMP have been found to be vulnerable to security compromises. One version of the SNMP namely SNMPv2c, has advantages over the simple SNMP.
The SNMPv2c version has enjoyed success as a management solution, but it has multiple shortcomings, the most notable of which is that it lacks strong security. Some of the security threats are:                Masquerading        Modification of Information.        Message Stream Modification.        
The only security features generally used in SNMPv2c are the community strings which are sent without any encryption which could be extracted easily by intruders by sniffing the packets. It is noted that SNMPv3 offers a certain degree of privacy. SNMPv3, in order to provide enhanced privacy and security features adopts a User-Based Security Model (USM) for authentication and privacy. Two different keys are used one for privacy called encryption key or privKey and one for Authentication called authKey, but all the privacy and enhanced security is achieved at the cost of network overhead. In particular, eventhough SNMPv3 offers security it however introduces tremendous overhead into the network.
The other security alternative currently used for SNMP is IPSec. As known, IPSec is a connection oriented service. Establishing such connection oriented services for occasional UDP (User Datagram Protocol) based SNMP queries is not cost effective at times.