WEBVTT

00:00.270 --> 00:05.700
Understanding the simple network management protocol is absolutely critical for you to pass the security

00:05.700 --> 00:06.800
plus exam.

00:06.810 --> 00:11.880
However, I've covered it so beautifully in the network plus, I'm just going to go ahead and play my network

00:11.880 --> 00:14.790
plus video that I did on SNMP.

00:14.790 --> 00:15.640
Let's take a look.

00:15.660 --> 00:20.430
Now you may not believe this, but I, Mike Meyers, am a lazy person.

00:20.460 --> 00:22.380
No, no, it's true, I am. Well,

00:22.440 --> 00:24.500
OK, let me, let me qualify that.

00:24.690 --> 00:31.740
The ultimate goal in my opinion of a good network administrator is their ability to sit in a chair the

00:31.740 --> 00:33.970
entire day and never get up.

00:34.050 --> 00:39.840
Now in order to do that especially when I have a more complicated network I'm going to have to be getting

00:39.840 --> 00:46.380
up a lot if I have to deal with switches or routers or printers or individual host systems.

00:46.380 --> 00:52.320
There are times when I'm going to have to get up. So in order to alleviate this, we use something called

00:52.440 --> 00:56.420
Simple Network Management Protocol, or SNMP.

00:56.580 --> 01:05.310
SNMP is a tool which allows us to administer and manage network devices from hopefully a single source

01:05.310 --> 01:10.620
where we can do whatever we need to do. Now, in order to see how this works,

01:10.710 --> 01:14.670
we're going to have to break down a bunch of terms that you're going to be seeing on the network plus.

01:14.700 --> 01:20.710
So the first thing we need to do is let us know who's who in the zoo of SNMP. If we're going to have

01:20.710 --> 01:24.510
an SNMP network, well, you're going to have to have devices to talk to.

01:24.510 --> 01:27.050
So let's start with this printer right here.

01:27.050 --> 01:32.290
Now this printer isn't just like some little home printer, some big powerful laser printer.

01:32.290 --> 01:35.290
It probably serves 100 different people in an office.

01:35.290 --> 01:41.550
Now SNMP works great with SNMP printers, but we have to do stuff to it to make it SNMP capable.

01:41.550 --> 01:48.090
The first thing we need to do is we apply something called an agent. Now an agent is software built into

01:48.090 --> 01:53.100
the printer from the factory that gives it the ability to do SNMP.

01:53.160 --> 01:57.150
When we talk to the printer via SNMP we're really talking to the agent.

01:57.300 --> 02:03.200
So this is a device, it's on the network. Now it's going to be on the network and it's a TCP/IP network.

02:03.330 --> 02:12.160
Well, it's going to need certain ports. So individual devices use UDP 161; they listen on UDP 161

02:12.200 --> 02:17.610
if they're unencrypted, and if they're encrypted they use TLS and then it's going to be UDP port

02:17.820 --> 02:21.060
10161. That's what they listen on.

02:21.060 --> 02:28.410
So now that I've got this device that is SNMP capable, we use the term managed device. So this is a managed

02:28.410 --> 02:32.700
device and it's capable of communication via SNMP.

02:32.710 --> 02:34.620
Now that's only half of the equation.

02:34.750 --> 02:39.550
The other half is that we've got to have some device that we can use to actually talk to these devices.

02:39.610 --> 02:41.940
So here I've just got a particular system.

02:41.980 --> 02:48.290
Now this system I'm going to task as the system upon which I will do all the talking to SNMP devices.

02:48.370 --> 02:51.680
So we call that an SNMP manager.

02:51.730 --> 02:53.560
Now that's just the system itself.

02:53.710 --> 02:59.050
More importantly is that it's running some kind of software, some kind of utility, some kind of application

02:59.350 --> 03:06.520
that is an SNMP tool, and this is the interface that I use to communicate with my managed devices, and we

03:06.520 --> 03:12.000
call that a network management station, or just an NMS.

03:12.130 --> 03:18.380
And since he's also part of the TCP/IP network, well, he's going to be on UDP port 162.

03:18.520 --> 03:23.790
And if he's encrypted it will be, again, TLS, and it will be UDP port 10162.

03:23.830 --> 03:25.540
Keep in mind these are listening ports.

03:25.540 --> 03:26.170
OK.

03:26.390 --> 03:31.780
Now these are the basic pieces that make up an SNMP network.

03:31.780 --> 03:36.940
Now let's talk about how we're going to communicate between in this particular example these two guys

03:36.940 --> 03:38.770
right here.

03:38.870 --> 03:44.130
So let's give an arbitrary command. So let's say via the NMS I talk to this managed device and I

03:44.130 --> 03:46.260
go, "Hey, how many pages are printed?"

03:46.260 --> 03:52.470
And since it's a printer, the SNMP, it will respond back by saying, "Well, 15 pages, sir." OK, it doesn't really

03:52.470 --> 03:56.070
say "sir", I just thought that was funny, but it will respond.

03:56.070 --> 04:01.070
Now the important thing to remember is that SNMP is not just for printers.

04:01.200 --> 04:06.670
So for example, if I'm trying to talk to a switch in this example and I ask him how many pages are printed,

04:06.780 --> 04:12.420
well, he's going to say it because, you know, he doesn't have any pages to print. So it's very important

04:12.420 --> 04:20.250
that when we're talking about setting up SNMP networks that we have some way to talk properly to different

04:20.250 --> 04:21.530
devices.

04:21.750 --> 04:27.510
The secret to this is built into every managed device is something called a management information base

04:28.080 --> 04:32.520
or MIB. Not Man in Black, management information base.

04:32.520 --> 04:39.180
So again, this was built in at the factory and it's really a database that we query to be able to talk

04:39.180 --> 04:43.370
to that particular device. Different devices have different MIBs.

04:43.500 --> 04:49.440
So if you want your NMS to talk to one particular type of device, well, if you have a fancy NMS it may

04:49.440 --> 04:50.910
have some basic commands built in.

04:50.920 --> 04:58.470
But we normally do that as part of setting up an NMS: we're going to download from somewhere

04:58.470 --> 04:59.520
on the Internet

05:00.400 --> 05:06.180
a command set that allows us to query every particular device on our managed network.

05:06.370 --> 05:06.970
OK.

05:08.260 --> 05:10.640
That's how the communication takes place.

05:10.640 --> 05:13.360
Now let's talk about some of the communications we actually do.

05:13.360 --> 05:18.250
There's lots of these but the network plus really only covers three and they're the big ones anyway

05:18.250 --> 05:19.560
so that's good.

05:19.570 --> 05:28.240
The first one is called Get. Now Get is the standard query used with SNMP. A Get consists of the NMS

05:28.570 --> 05:36.640
sending a Get to a managed device, and then that device in turn making some kind of response, and then

05:36.640 --> 05:38.770
we can ask things like how many pages have been printed.

05:38.770 --> 05:43.070
And that would be a great example of a get and then a get response.

05:43.570 --> 05:45.980
That's not the only way to talk to a device.

05:46.210 --> 05:52.660
The other thing we can do is something called a trap. Now a trap is something that we actually set up

05:52.690 --> 05:54.670
on the device itself.

05:54.670 --> 06:00.250
There are things that happen in a network I don't want to wait for a query. What if this printer starts

06:00.250 --> 06:01.140
to overheat?

06:01.180 --> 06:06.180
What if I have a switch that half of the ports are suddenly overloaded with the data?

06:06.280 --> 06:12.010
I want to be able to set up on my managed devices some way to go, "Hey, I got an issue and I want you to

06:12.010 --> 06:13.510
know about it right now."

06:13.540 --> 06:15.160
So that's what a trap is all about.

06:15.160 --> 06:23.650
We set it up on the managed devices and then the trap is then sent whenever it hits a particular value

06:23.980 --> 06:25.330
to the NMS itself.

06:25.420 --> 06:35.230
OK, so we got Get, we got Trap. The last one, it's called Walk. Walk is kind of like a batch process of Gets.

06:35.290 --> 06:40.930
There are situations where you want to ask a lot of stuff from a managed device and that's where we

06:40.930 --> 06:42.050
use the term walk.

06:42.070 --> 06:45.760
Now walk by itself is kind of an uncommon term even though that's what we hear on the network

06:45.760 --> 06:52.180
plus. The more common thing is what we call snmpwalk, which is an actual Linux utility you can run

06:52.180 --> 06:55.590
it from your command prompt and you can talk to your devices.

06:55.650 --> 07:03.610
So snmpwalk is this big batch of Gets, and it looks something like this. So you can see this is just one

07:03.710 --> 07:09.610
snmpwalk, and it's responding as though I had sent a whole bunch of Gets in one big batch, and there

07:09.610 --> 07:12.180
are situations where we would need that as well.

07:13.870 --> 07:20.210
OK, now that we understand the basic pieces of SNMP, what I want to talk about now is versions.

07:20.300 --> 07:26.720
SNMP has been around for a really long time and there's three different versions of SNMP with names like

07:26.720 --> 07:29.660
SNMP version 1, version 2, and version 3.

07:29.670 --> 07:32.180
Now you need to understand what the differences are.

07:32.180 --> 07:36.230
First of all version 1 was the first version out of the block and it works great.

07:36.260 --> 07:40.850
And I say works because there's still a lot of devices out there that use it. SNMP had a fairly limited

07:40.850 --> 07:45.370
command set compared to later versions and it had absolutely no encryption at all.

07:45.380 --> 07:51.830
So SNMP version 2 came along fairly quickly afterwards, discovered that encryption might be a good

07:51.830 --> 07:56.240
thing where people can plug into your network and turn off routers and things like that.

07:56.240 --> 07:58.400
They discovered encryption is a good idea.

07:58.460 --> 08:03.470
So SNMP version 2 came along which slightly expanded the command set, but more importantly it was the

08:03.470 --> 08:06.320
first time it had some encryption.

08:06.320 --> 08:13.100
It was good, but the encryption was a little weak. SNMP version 3, which is the ultimate version of SNMP,

08:13.280 --> 08:16.510
uses a very robust TLS form of encryption.

08:16.640 --> 08:21.830
And it could do really robust SNMP. That's the version you're going to be using.

08:22.010 --> 08:26.540
Now people worry about this a little bit and you really shouldn't, because, like, what if my router is

08:26.540 --> 08:27.690
only using version 2?

08:27.710 --> 08:31.610
Well, other than slightly weaker encryption, you're OK.

08:31.700 --> 08:38.960
One NMS can talk version 1 to one managed device, talk version 2 to another device, version 3 to

08:38.960 --> 08:39.590
another.

08:39.590 --> 08:46.320
So it's common within an enterprise to have different versions of SNMP and it's OK.

08:46.890 --> 08:47.460
All right.

08:47.600 --> 08:49.200
Well I think we've talked enough.

08:49.220 --> 08:51.170
Let's do some real SNMP.

08:51.170 --> 08:58.090
So what I'd like to do right now is we're going to get into a Cisco switch which is SNMP capable.

08:58.130 --> 09:05.000
We're gonna light up SNMP on the switch and then we're going to actually set up an NMS, talk to

09:05.000 --> 09:06.860
the switch and get some output.

09:06.860 --> 09:11.120
So the first thing we're going to do is get started right here on my Cisco switch.

09:11.210 --> 09:17.690
You can see that I've already started up PuTTY and I've logged into my switch and I'm going to go ahead

09:17.720 --> 09:21.260
and start SNMP on this particular switch.

09:21.260 --> 09:23.690
So I've gone ahead and enabled it.

09:23.700 --> 09:27.740
I'm in it, config t, ready to go, so I have to type in this command

09:30.770 --> 09:35.660
so I type in snmp-server and then I type in the word community.

09:36.600 --> 09:38.320
See I spelled it right this time.

09:40.290 --> 09:43.920
And then I'm going to give it the name of the community. I'll explain what the community is

09:43.920 --> 09:49.890
in just a second. And then I'm going to type in RO and I'll explain what that is

09:49.890 --> 09:55.380
when we hit communities. I hit enter here and you can see that it's accepted the command. We have now

09:55.470 --> 10:04.590
turned on SNMP on our managed device. Starting SNMP on a managed device is fairly trivial. You could

10:04.590 --> 10:10.560
say we ran one command and it's up and cooking, but there were a couple of things in that command that

10:10.650 --> 10:11.780
we need to talk about.

10:11.880 --> 10:18.090
First of all is the word community. A community is simply an organisation of managed devices, so you can

10:18.090 --> 10:24.510
set up a community for all the first floor switches or you can set up a community for all of the devices

10:24.510 --> 10:25.820
that are in our network.

10:25.830 --> 10:31.830
A community is a tool that we use for organisation, so you need to set up a community and say that that

10:31.830 --> 10:33.540
particular switch is a member of,

10:33.540 --> 10:35.420
in this case, total home.

10:35.790 --> 10:38.920
Now the second thing you saw was RO, or read-only.

10:39.180 --> 10:46.770
SNMP is not just for monitoring stuff, it's also for querying stuff and making changes, and the read-only

10:46.800 --> 10:50.480
versus read-write is a setting that you put on the device to go,

10:50.520 --> 10:57.180
"Listen, I'm going to let you only be read-only so nobody can make changes to you," or I can set up for

10:57.180 --> 11:00.990
read-write so that if we want to make changes from an NMS we can.

11:00.990 --> 11:05.970
Bottom line is you're going to have to not only turn on SNMP, you're going to have to define a community

11:06.390 --> 11:10.500
and you're going to have to define as read-only or read-write. Now,

11:10.500 --> 11:12.730
that was easy. Ready for the fun part?

11:12.750 --> 11:15.280
We're going to configure an NMS now.

11:15.300 --> 11:20.760
Now there's a bazillion NMSs out there and I'm not going to try to claim one over another.

11:20.760 --> 11:24.630
The one I'm going to show you right here is kind of a fun one and it's a free one. It's called Cacti

11:25.020 --> 11:30.810
and it takes a little bit more screwdriver than certain NMSs, but I like it and I'm comfortable with

11:30.810 --> 11:31.140
it.

11:31.170 --> 11:32.610
So and I've already got it installed.

11:32.610 --> 11:33.660
We just need to configure it.

11:33.720 --> 11:36.900
So let's take a look and see how Cacti works.

11:36.900 --> 11:39.960
Welcome to my NMS.

11:39.980 --> 11:42.140
What you're looking at right here is just a virtual machine.

11:42.200 --> 11:45.050
I'm using Oracle VirtualBox because it's fun and free.

11:45.180 --> 11:49.950
And I'm running Ubuntu Server and in here is my NMS.

11:49.950 --> 11:55.050
So what I want to do is I've got this guy up and running already. Took me a while to get him configured.

11:55.140 --> 11:59.760
But the important thing I want you to catch right here is that the NMS is just running in a virtual

11:59.760 --> 12:05.270
machine. It doesn't have to physically be on this particular computer.

12:05.280 --> 12:09.310
In fact it's very common it's just running on some virtual machine in the server room.

12:09.330 --> 12:11.510
What is kind of cool is how we access it.

12:11.670 --> 12:17.450
Like most of these all we do is we access it through a web page.

12:17.470 --> 12:23.680
So right here is the IP address for my virtual machine and you can see that I'm in the Cacti interface

12:23.680 --> 12:29.620
right now. So what I want to do is I want to go connect to that switch that I set up a moment ago.

12:29.620 --> 12:35.710
So what I've done is I clicked on devices and I'm just going to hit add.

12:35.920 --> 12:38.090
Give it a description.

12:38.290 --> 12:46.290
"My switch". Hostname or IP address: I know the IP address. And I can put in a template. So a template is

12:46.350 --> 12:53.700
just: give me some basic ideas how to talk to this guy. So they have this generic SNMP-enabled host, and

12:53.730 --> 12:55.420
couple more things I need to hit here.

12:55.590 --> 13:00.280
So the community I set my numbers.

13:00.630 --> 13:01.740
Total home.

13:02.010 --> 13:03.480
And I think we're pretty much ready to go.

13:03.480 --> 13:09.460
So let me go ahead and hit create and if I've done it right so save is successful.

13:09.460 --> 13:16.320
So what's happened now is the NMS now has a basic template and is aware and says, "Yep, there's a

13:16.320 --> 13:21.480
switch out there and I can talk to it." Now, just because I've made that connection, what I need to now do

13:21.480 --> 13:27.600
is to create some kind of graphs. I want to see what I can do with this guy. Now making a graph can take

13:27.600 --> 13:33.840
a little while so I'm going to kind of skip this part because luckily for you I've already made a bunch

13:33.840 --> 13:34.950
of these graphs.

13:34.950 --> 13:41.730
So as you look on the screen you can see that I've got things like for example on this one interface

13:41.730 --> 13:42.780
right here.

13:42.780 --> 13:49.140
This is port 20, which is, this is actually my WAN interface. So port 20 on this switch plugs into my

13:49.770 --> 13:55.860
firewall router and I can look at this and I can actually watch how heavy my traffic is.

13:55.860 --> 14:01.860
Over the course of this morning from around 9:00 a.m. till just a little bit after lunch.

14:01.860 --> 14:09.770
So this is one example of how we can set up and use an NMS.

14:09.970 --> 14:14.450
This is just a taste of the power that is SNMP.

14:14.560 --> 14:16.640
Now I need to warn you about a couple of things.

14:16.720 --> 14:22.060
For example, for me it's a lot of fun to be using Cacti, but it's only because I know it. There's a lot

14:22.060 --> 14:27.280
of NMSs out there for you to try and I invite you to play around a little bit with this.

14:27.280 --> 14:31.930
Secondly, we've just done the lightest configuration with SNMP.

14:31.930 --> 14:38.110
There are aspects of SNMP that are really pretty complicated. Setting up encrypted SNMP, for example,

14:38.110 --> 14:39.740
can be a real challenge.

14:39.760 --> 14:43.370
The bottom line is we've certainly covered everything for the network plus,

14:43.570 --> 14:50.470
and then some. SNMP is a wonderful tool and the coolest part about SNMP is that you'd be shocked at the

14:50.470 --> 14:55.550
number of switches and routers and devices and hosts that already support it.

14:55.570 --> 14:59.980
There's a pretty good probability that you can get out there, play with SNMP a little bit, because you've

14:59.980 --> 15:10.730
got all the stuff you need right now.
