Copyright (c) 2026 MindMesh Academy. All rights reserved. This content is proprietary and may not be reproduced or distributed without permission.
4.2.1. SNMP and Flow Data
SNMP (Simple Network Management Protocol):
| Component | Function |
|---|---|
| Agent | Software on monitored device that collects and exposes data |
| Manager/NMS | Central system that polls agents and receives traps |
| MIB | Management Information Base—database schema of manageable objects |
| OID | Object Identifier—specific item to query (CPU utilization, interface errors) |
| Trap | Unsolicited alert from agent to manager (link down, threshold exceeded) |
| Community string | Shared password, sent in plaintext (v1/v2c only) |
SNMP Versions:
- v1/v2c: Community strings in plaintext—insecure but widely deployed
- v3: Authentication (verifies identity) and encryption (protects data)—recommended
Flow Data (NetFlow, sFlow, IPFIX): Flow data records metadata about network conversations—source/destination IP, ports, bytes transferred, duration. Useful for:
- Traffic analysis (what's consuming bandwidth)
- Security monitoring (unusual traffic patterns)
- Capacity planning (trending over time)
Written by Alvin Varughese
Founder • 15 professional certifications