As a network admin, one of your important tasks is to stay on top of the availability and performance of different devices within your network, so you can plan and make the necessary changes or fixes to ensure the smooth functioning of your network as a whole.
SNMP is a protocol that greatly eases this job for you. It sends messages to different SNMP-enabled devices within the network and gathers the necessary information to give you deeper insights into the workings of any device.
These messages are called SNMP Get-Requests.
Now there are specific rules for sending these GET-messages and one such rule is the presence of an SNMP Read-only community string.
What is an SNMP Community String?
An SNMP Community String is similar to a user ID or password that is sent along with each SNMP Get-Request to get access to the devices’ information.
If the community string is correct, you’re given access to the devices’ statistics and if the string is wrong, the devices simply ignore the request and do not respond to it.
Network vendors today ship their devices with a default value of “public” for their SNMP Community String and network administrators should change this value to prevent intruders from hacking into the network.
Types of SNMP Community String
Broadly speaking, there are three types of community strings and they are:
Read-only Community string
This string validates a request and fetches only the “read-only” information from devices. Tools like Intermapper use this type of string to provide its map view.
Read-write Community string
You can read and write using this string. Besides reading information from devices, you can use this string to modify values and settings on the device. This is a powerful and yet a vulnerable option that should be used with caution.
SNMP Trap Community string
This string accompanies unsolicited messages sent from a device to indicate any abnormal conditions or problems in the device.
Now that you know what is an SNMP community string and its importance to your network, let’s quickly see how you can configure it.
How to Configure an SNMP Community String?
Here is a step-by-step guide on how you can configure an SNMP community string in Windows.
- Log into your server with your admin credentials.
- Navigate to Windows Key -> Administrative Tools -> Server Manager
- Select Manage -> Add Roles and Features and click on it.
- Keep navigating through multiple screens by clicking “Next”. Finally, verify if the SNMP Services are installed in your system. If it is, click on the “Cancel” button to exit the screen. If your SNMP is not installed, contact your computer’s support team right away.
- After you exit, start again. Navigate to Windows Key -> Administrative Tools -> Services
- Right-click on SNMP Service and click on Properties
- Navigate to the Security tab and click on the community string you see on your device.
- Set the community name and community rights. Ideally, keep it Read-only as it is the safest option. Choose Read-write option only when you want to modify any values in the device.
- Give a random character string and make sure you remember it. Note it down if you have to, though it is not the most ideal security choice. This connection string should be about 8 to 10 characters long.
- Click the Add button.
And that’s it! You’re good to go now.
If you have an older operating system, the steps are slightly different. Let’s also see how to configure this SNMP Community String in Windows 2003.
- Log into your server with admin credentials.
- Click on Start ->Control Panel ->Administrative Tools ->Computer Management
- Expand Services and Applications and navigate to Services
- Double click on SNMP Service
- Click the Security tab and enter the string name. Make sure to keep it Read-Only.
- Finally, click on Add
If you notice, it is fairly simple to set up an SNMP Community String in any device to give you the power to monitor the availability and performance of your devices at any time.
