Managed Device and an Agent. How Can

¶ … managed device and an agent. How can this concept apply to securing a computing environment? Simple Network Management Protocol, otherwise known as 'SNMP' is a form of network protocol that was developed to manage the servers, workstations, routers, switches and hubs known as nodes on an IP network. Managed devices are kinds of network nodes contain an SNMP agent and that resides on a managed network. A managed device collects and stores management information. An agent is a network management software module that resides within a managed device.

An agent has local knowledge of management information and translates that information into a form compatible with SNMP. Applications within this system can "monitor and control managed devices." (SNMP: Simple Network Management Protocol, Network Dictionary, 2003) In other words, the agent and management system can be used as screening devices by adding additional protocols that the user must know. For instance, the most current version of SNMP Version introduced a User-based Security Model (USM) for message security, through the use of more extensive password protection and deployment.

It also introduced what is known as a View-based Access Control Model (VACM) for access control, thus supporting the concurrent use of different security, access control, and message processing models. In contrast to the two earlier versions, the third version "also introduces the ability to dynamically configure the SNMP agent using SNMP SET commands against the MIB objects that represent the agent's configuration. This dynamic configuration support enables addition, deletion, and modification of configuration entries either locally or remotely.

(SNMP: Simple Network Management Protocol, Network Dictionary, 2003) How can remote monitoring used in conjunction with other security mechanisms to provide a well secure network environment? Remote Monitoring ensures that a network operator can monitor or alarm application configurations for large network enterprises, as opposed to more contained network installations and services. The idea of remote monitoring suggests that a network administrator can start or stop services or devices, add new services or devices, manage the run level and adjust the security permissions, auditing and owner, from a remote terminal.

This enables, for instance, if a network operator becomes aware of a potential virus spreading through a system, that from a remote location, the system can be shut down before the infiltration becomes problematic. With the ability to lock, shutdown, reboot as well as to create additional security processes from the location of remote computers, remote monitoring ensures that security and containment, even from a remote location, is possible, thus allowing for larger and more fully integrated systems, when combined with the remote monitoring of the administrator.

Remote monitoring does not mean, of course, that a system can eschew more traditional security devices such as virus protection systems, firewalls, and network passwords. However, it is a valuable, additional protection in spread-out systems to ensure that large.