Snmp - VMware VCENTER APPLICATION DISCOVERY MANAGER 6.1.1 User Manual

Chapter 5 Discovery
A similar scenario might also occur with other types of servers, depending on how they are installed.
However, often this is not an issue: for example, in the default installation of the Apache web server under Red
Hat Linux, all configuration information is stored in a location that is readable by the general public (under
the /etc branch of the file system). In such cases, no group memberships are required for ADM to be able to
read this detailed configuration.

SNMP

The Simple Network Management Protocol (SNMP) is a popular and standard protocol for remotely
monitoring and managing various types of network nodes. Managed network nodes are often regular servers,
but other network devices such as network switches and network printers can also be managed using SNMP.
SNMP is based on the notion of agents running on the managed network nodes. An agent is a software
component, installed on the managed node that can answer remote queries about the state of the managed
node. The remote component that makes such queries is termed the SNMP manager. A typical SNMP
deployment includes many SNMP agents installed on the various managed nodes, and a single SNMP
manager that collects information from all of them.
The main differences among the three versions of SNMP (1, 2, and 3) are the security mechanisms. Versions 1
and 2 rely on a fairly primitive mechanism of community strings, each defining a different set of SNMP
operations that is performed. Version 3 introduces more advanced authentication and privacy mechanisms,
based on usernames and passwords. SNMP agents are built into most modern operating systems, but might
need to be turned on or configured to be able to provide relevant information. The information that is obtained
from the SNMP agent is defined in modules called Management Information Base (MIB). The core MIB, which
is available in most agents, is called MIB‐2, and it supplies system and hardware information.
Detail Discovery with SNMP
ADM can act as an SNMP manager and collect information from any host that has an SNMP agent running on
it. All versions of the SNMP protocol are fully supported. For versions 1 and 2, community strings are used.
For version 3, you can select the authentication and privacy modes in compliance with this newer standard.
SNMP Agent Deployment Recommendations
Firewall Settings
By default, SNMP queries are performed on UDP port 161 of the agent, although this can be changed if desired.
If there is a firewall between the ADM appliance and the monitored network, this port needs to be open for
connections that are initiated by the ADM appliance.
Linux and Net-SNMP
The SNMP agent that is built into Linux distributions is Net‐SNMP (http://net‐snmp.sourceforge.net). This
agent runs as a service called "snmpd" and is located in the services directory /etc/init.d/.
The default Net‐SNMP configuration allows the use of the public community string with SNMP version 2, to
query the SNMP agent for particular system configuration items. However, this default configuration only
allows access to a portion of the standard MIB‐2 information base. Specifically, it does not allow querying the
list of network interfaces, which is a very important piece of information.
To allow Net‐SNMP to also report this missing information, it is recommended that you modify the Net‐SNMP
configuration file in /etc/snmp/snmpd.conf. Add the following line to the section of the file that has lines
starting with "view":
view systemview included .1.3.6.1.2.1.2
Windows
Windows 2000 is usually installed with its own SNMP agent. If it is not, it is quickly installed by selecting:
Control Panel > Add/Remove Programs > Add/Remove Windows Components > Management and
Monitoring Tools > Details > Simple Network Management Protocol.
By default, this server supports the "public" community string for querying system information.
VMware, Inc. 39