SimpleSnmpProxy™

Provides SNMP version translation in intranet and across firewalls

Download Demo » Datasheet » Contact Us »


Overview

Network Management Systems (NMS) using the Simple Network Management Protocol (SNMP) are widely deployed to manage today's corporate networks. As the three versions of SNMP (v1,v2c and v3) can all be found in these heterogeneous networks, sometimes there is a mismatch between the versions supported by the NMS and those supported by the device. In addition, firewalls which break up these networks into zones with varying levels of security are often set up to block UDP/SNMP traffic. This makes the resources in the cordoned off zones, invisible to the NMS.

SimpleSnmpProxy™ is an easy-to-deploy, software solution that provides version translation, event forwarding, and management visibility to firewalled resources. It provides protocol translation between the various versions of SNMP allowing an SNMPv1 NMS to manage a SNMPv2c or v3 device or SNMPv3 application to manage a SNMPv1 device. It also allows SNMP traps, informs, syslog, netflow and slow packets to be forwarded both in the intranet and from restricted zones to one or more specified managers/collectors. In addition, it securely provides management visibility to the resources within cordoned-off zones like the DMZ. Your existing NMS can now be leveraged to manage devices with unsupported SNMP versions and critical resources like eCommerce servers within the DMZ without compromising security.

SimpleSnmpProxy is made up of "iProxy" that runs on intranet side. It does the protocol translation and demultiplexing when communicating with intranet devices. For managing devices in the restricted zone, the "iProxy" communicates over an encrypted TCP connection with a "zProxy" that runs within the restricted zone. Only a single port/rule is required to be added to the firewall to enable UDP based management traffic like SNMP, NetFlow, sFlow and sysLog to be securely forwarded to the management and collector systems in the intranet. Support for IP Mapping, where virtual IPs are added to the iProxy, is also available.

If you need to not only translate but also configure users, passwords and privileges on SNMPv3 devices when using an existing SNMPv1/v2 NMS, please take a look at our SimpleSecureProxy product.

Scenarios

Some of the many scenarios where SimpleSnmpProxy can prove most useful:
  • You need to forward events like SNMP traps across firewalls.
  • You need to have packets like traps, syslog, netflow collected from muliple devices and forwarded to one or more managers.
  • You need to send SNMP requests across firewalls to manage a server in the DMZ.
  • You need to hide the real IPs on your network and yet provide third party NMS apps limited access to management data.
  • You need to have a SNMPv1/v2 NMS manage a SNMPv3 device.
  • You need to have a SNMPv3 inform forwarded to a SNMPv2 manager.
  • You need to have a SNMPv3 NMS supporting DES, manage a SNMPv3 device supporting AES.
  • You need to manage devices in different remote sites having the same IPs.

Benefits

  • Translation of all versions of SNMP(v1/v2c/v3) requests and traps/notifications.
  • Forwarding of traps, informs, sylog, netflow and sflow packets to one or more managers/collectors.
  • Leveraging your existing intranet NMS to securely manage critical resources int restricted zones.
  • Proactively monitor the status/events of DMZ resources without compromising security.
  • Just a single port/rule allowing encrypted TCP traffic, enables management of restricted zones like DMZ.
  • Same solution works for securely managing remote offices over restricted WAN links.

Features

  • iProxy can be co-located on the same machine as the NMS.
  • Redundant zProxies are also supported.
  • DES based encryption is included. Use of SSL with openSSH is also easily configurable.
  • Traps and Syslog events received from the restricted zone can be securely forwarded.
  • Netflow/sFlow packets received from the restricted zone can be securely forwarded to
    specified collectors.
  • Virtual IPs can be added to the iProxy to simplify NMS support for proxied resources and for hiding real IPs.
  • A local, easy to use, graphical utlity is included for configuration along with a command line utility.

System Requirements

SimpleSnmpProxy is available on:
  • Microsoft Windows 2000/XP/2003

Testimonials

Solutions

Device Simulators
    SimpleAgentPro
   SimpleAgent
   SimpleAgentEnterprise
Agent Testers
    SimpleTester
   SimpleTesterLite
   SimpleTesterPro
   SimpleTesterWG
   Test Suites
Vulnerability Probes
    SimpleSleuth
NTCIP
    SimpleTester
   SimpleMIBBrowser
   SimpleAgent
Development Tools
    SimpleMIBEditor
   SimpleMIBEditorPro
   SimpleSnmpTcl
Network Mgmt Tools
    SimpleSecureProxy    SimpleSnmpProxy    SimpleMIBBrowser

Which solution works for me?

Home | Solutions | Support | Downloads | News | Company | Languages | Privacy
©2010 SimpleSoft, Inc. All rights reserved.