How To Install, Configure and Use SNMP on Sever 2008
- select the contributor at the end of the page -
Prior editions of Windows XP and Windows Server 2003 included SNMP support, but only with IPv4, even if the IPv6 stack was installed. Unfortunately, that means that SNMP management from Server 2008 will not communicate with SNMP services still on Server 2003 regardless of whether IPv6 is implemented on those servers.
The good news, is that the updated TCP/IP stack in Windows Vista is capable of communicating with the new SNMP implementation.
Still, the new implementation of SNMP in Windows Server 2008 offers much for the enterprise level systems administrator. Although SNMP Services are no longer installed by default, installing and setting it up is a snap.
Why Use SNMP Services on Windows Server 2008?
Many organizations have installed proprietary management systems over the years. These systems often provide more functionality than SNMP does. However, SNMP is both non-proprietary, and interoperable.
These days, interoperable often means that something works on both Windows and Unix. However, in this case, interoperable means that it works on virtually any connected network device. This includes routers and other networking equipment as well as networked peripherals such as NAS devices and networked printers.
Couple this wide range with relatively simple setup and the fact that you don't have to pick and choose which devices to monitor to stay under a monitoring suite license count, and there are many uses for SNMP in most companies.
Installing SNMP on 2008 Server
The SNMP service is installed via the Add Features Wizard in Server Manager.
For Windows Server Core systems, SNMP services must be installed using the command prompt.
start /w ocsetup SNMP-SC
After installing the SNMP service, you configure the SNMP agent properties by right-clicking on the SNMP Service in the Services console and choosing Properties.
• Agent Tab
In the Agent tab you can set the usual SNMP attributes like contact, location, and so on.
• Traps Tab
The useful monitoring provided by SNMP comes from properly configured traps. Traps are configured via the appropriately named Traps tab. Here you configure the community name and address of the system to receive the traps.
• Security Tab
The Security tab is used to lock down the SNMP service to prevent any possible holes for hackers to exploit and to prevent the wrong people from receiving traps from the system. By default, the SNMP agent accepts packets from ALL hosts. This is something that will obviously need to be limited.
The remaining options should be configured within your enterprise's security and reporting scheme. Generally, the minimum security you want to use is to at least define the Accepted Community Names. Keep in mind that community names are case sensitive in SNMP.
• Option Tabs
Also, after installing SNMP in Server 2008, the SNMP option tabs will not show up until you have logged off and logged back on again. So, you won't be able to configure anything until after you log back in. This has caused a fair amount of confusion in the field.
If this is the server that will receive incoming traps, then your work is done at the server. Once the agents are configured, the data will flow back to the SNMP service where it can be used as necessary by administrators.
Configure SNMP Event Traps in Windows Server 2008
One nice feature of SNMP services is the ability to turn Windows level events into SNMP traps. This can be useful for many reasons, the most common of which, is the ability to monitor servers via a centralized monitoring station without any additional access rights.
This concept is particularly useful for environments where servers are monitored overnight or on weekends by lower-level system operators.
The system that already alerts them when devices (including Windows Servers in some cases) go dark on the network can also alert them to other events which may allow an administrator to head off trouble or to simply get advance notice of a potential situation.
To translate Windows events into traps, run the evntcmd command. Once configured, the Windows events will trigger traps that are received at the monitoring console.
There, the traps can be configured with an appropriate response. For example, certain traps could be ignored during business hours on the assumption other administrative tools will be alerting the appropriate admins. But, after hours, or on weekends, such traps might generate an alert that can prompt off-hours operators to take specific actions or to simply call or page the on-call systems administrator.
A timely alert to building volumes of bad sectors can be the difference between an easy fix, and a rushed full-scale hardware reconfiguration.
Is SNMP Right For Your Organization?
Remember that SNMP services are fairly low overhead with all of the real work being split among hundreds or thousands of agents. Additionally, SNMP agents can be configured for installation as part of the unattended install for incoming workstations. In all, SNMP can provide a lot of value for little extra work.