SNMP (Simple Network Management Protocol) and Netflow are both popular protocols with admins, prized for their ability to give visibility over the network and in some cases discern the cause of network performance issues, network bottlenecks, system resource allocation issues and more. On the Netflow side of things, third-party software vendors like ManageEngine can greatly enhance the usability and capability of the protocol, while SNMP network monitoring applications like PRTG, Solarwinds or alternatively open-source Observium, Nagios and LibreNMS take the lead in delivering a comprehensive in-depth network and system monitoring solution.
Unfortunately, however, the close relationship between the two protocols, especially when it comes to software offerings, has birthed some misconceptions. While it’s common to see SNMP and Netflow as more or less interchangeable, there are some significant and key differences between the two that make them suited for very different use cases.
Let’s take a quick look at what we’ve got covered in this article:
The Simple Network Management Protocol (SNMP) surfaced as early as 1988, with its roots in its predecessor, the Simple Gateway Monitoring Protocol, which was defined in 1987. SNMP was born out of pure necessity – before its existence, network admins didn’t have much visibility over their infrastructure at all. After the crash of the ARPAnet, on the 27th of October 1980, and as the number of complex components in networks began to snowball, it was clear a solution was needed.
However, though SNMP was initially built by a group on university researchers as a temporary solution, it quickly evolved, has remained very relevant even today. It’s not considered part of the application layer of the Internet Protocol Suite and OSI model and exists across three major versions (through SNMPv1 still tends to be the most commonly used).
Though SNMP’s name suggests management, it’s more commonly used for the monitoring of different types of network equipment, both on a network and hardware level. Typically, a monitoring server (e.g Nagios, Observium) known as a SNMP Manager monitors devices on the network, with each system holding a software snmp agent that reports information back to the manager:
Illustrating how SNMP works