MG-SOFT SNMP Master Agent
Supporting SNMPv1, SNMPv2c and SNMPv3 protocols
MG-SOFT SNMP Master Agent is a secure and transparent replacement for the SNMP service running on Microsoft Windows operating systems.
The major advantage of MG-SOFT SNMP Master Agent over Microsoft SNMP service is that along the SNMPv1 and SNMPv2c protocols implemented in Microsoft SNMP service, it also implements the secure SNMPv3 protocol, offering strong authentication and SNMP packets content encryption, compliant with the current SNMP protocol standard published by IETF.
MG-SOFT SNMP Master Agent implements SNMP extension API interface compatible with Microsoft SNMP extension API, which means that all SNMP sub-agents designed and implemented to run under Microsoft SNMP service will continue to run also under MG-SOFT SNMP Master Agent, the same sub-agent binaries, without a need to modify or recompile them.
The addition of the secure SNMPv3 protocol to all MS Windows operating systems (Windows Vista, Windows Server 2008, Windows 7, Windows Server 2012, Windows 8, Windows 10) will significantly enhance their overall security, especially system's remote SNMP management and monitoring security.
|Secure replacement for the SNMP service on Windows|
|If you configure MG-SOFT's SNMP Master Agent to respond only to the SNMPv3 protocol queries, ignoring SNMPv1 and SNMPv2c queries, you significantly improve the security of the server or workstation running the SNMP agent.|
Replacing Microsoft's SNMP service with MG-SOFT SNMP Master agent introduces the following major advantages:
The main advantage of MG-SOFT's SNMP Master Agent over Microsoft's SNMP
service is significantly improved overall security of the server or
workstation running the SNMP Master Agent.
Microsoft's SNMP service supports only insecure SNMPv1 and SNMPv2c protocols, while MG-SOFT's SNMP Master Agent, in addition to SNMPv1 and SNMPv2c protocols, also supports the secure SNMPv3 protocol.
Another important advantage is the ease of the software deployment.
The software installer replaces the existing SNMP service with MG-SOFT's SNMP Master Agent, while all SNMP subagents (SNMP Agent Extensions) remain in place and continue to operate under MG-SOFT's SNMP Master Agent just as they were operating under Microsoft's SNMP service. The added value is support for the secure SNMPv3 protocol on the network side.
Microsoft's SNMP service and MG-SOFT SNMP Master Agent both, to tell it in
the most simplified manner, act as an "interface" between network on
one side and SNMP sub-agents on the other side. The main difference betwen
Microsft's SNMP service and MG-SOFT's SNMP Master agent is that Microsoft
SNMP service, on the network side supports only SNMPv1 and SNMPv2c protocols
while MG-SOFT SNMP Master Agent in addition to SNMPv1 and SNMv2c protocols
also supports the secure SNMPv3 protocol.
When using the OS-supplied insecure SNMPv1 or SNMPv2c protocols for managing your workstations and servers, malicious visitors can, without taking much effort, remotely reconfigure such computer, which could be quite harmful.
SNMPv3 protocol introduced significant security enhancements over previous SNMP protocol versions. It uses strong authentication methods (MD5 or SHA1 hashing algorithms) and the payload of the SNMP packets can be encrypted (DES or AES128 privacy algorithms). Protocol supports any combination of these authentication and privacy (encryption) algorithms. In other words, the SNMPv3 protocol implements authentication and network packet encryption that prevents unauthorized access described in the previous paragraph.
You can configure MG-SOFT's SNMP Master Agent to respond only to the SNMPv3 protocol queries, ignoring SNMPv1 and SNMPv2c queries. In such way you significantly improve the security of the server or workstation running MG-SOFT's SNMP agent. Strong authentication will prevent unauthorized read and write access to the SNMP agent and encrypted SNMP Packets on the network will hide the contents from malicious visitors who may, by a chance, sniff such packets on the network.
MG-SOFT SNMP Master Agent Configurator
In the SNMP Master Agent Configurator you can enter or change the SNMP Master
Agent SNMPv3 security access parameters, so that only remote SNMP managers knowing
these parameters will succeed in contacting and managing the SNMP Master Agent
running on that particular workstation or server.
MG-SOFT SNMP Master Agent is a secure and transparent replacement for Microsoft's SNMP service. Transparent means that no changes whatsoever are required in the existing subagents and in the master agent configuration. To deploy the MG-SOFT SNMP Master Agent, you only need to shutdown Microsoft's SNMP Master Agent (service) and start MG-SOFT's SNMP Master Agent. While starting, MG-SOFT SNMP Master Agent reads Microsoft agent's configuration parameters from the system registry and loads all listed subagent DLL modules.
At any time you can then reconfigure SNMP security access parameters in MG-SOFT's
SNMP Master Agent by using the supplied agent configuration tool.
MG-SOFT SNMP Master Agent architecture
For the purpose of this clarification, let's say that SNMP Master Agent is an application that has two interfaces, a network interface and a SNMP agent extension API interface.
The network interface is where the master agent 'speaks' SNMP protocol
on the network level in order to 'talk' to SNMP managers.
The added value here is that MG-SOFT SNMP Master Agent supports all SNMP protocol versions, including the secure SNMPv3 protocol, while Microsoft's SNMP service supports only insecure SNMPv1 and SNMPv2c protocols.
On the network interface MG-SOFT SNMP Master Agent unpacks and decodes SNMP packets sent in SNMPv1, SNMPv2c or SNMPv3 protocol, extract meaningful information from the packets and pass it to relevant subagent dll modules for processing through the SNMP Agent Extension API (for example, to get a value of certain OID that is implemented in that particular subagent dll module). Once the subagent returns the requested value through the Extension API, SNMP master agent creates a PDU in the same SNMP version as it was in the incoming packet and sends to the originating SNMP management system.
The SNMP Extension-Agent API functions define the interface between the SNMP
service and SNMP extension-agent DLL modules. Applications use the API
functions to resolve the variable bindings that are specified by incoming
The SNMP Agent Extension API is used for connecting subagents (blue boxes on the agent architecture figure) to the SNMP Master agent in order to exchange (receive or set) the relevant data with the managed workstation or server.
Subagents are implemented as dll modules, and are completely un-related to the SNMP version "spoken" by the master agent and they don't require any modifications when the SNMP protocol version in the master agent is changed. This means that there is no need for any modification in the existing extension DLL modules, i.e., the same binaries that are used with Microsoft's service will run also with MG-SOFT's agent.
For the purpose of SNMPv3 interoperability and conformance testing with your SNMPv3 management software, MG-SOFT provides a copy of the SNMPv3 Master Agent running on the Internet.
The SNMP Master Agent is configured for responding to various authentication and privacy configurations. Please find full details on how to access the SNMP Master Agent on the MG-SOFT SNMPv3 Implementation page.
This copy of the MG-SOFT SNMP Master Agent runs on Windows XP computer and is using the standard Microsoft's inetmib1.dll extension dll, as Microsoft supplied it with the OS.