Getting Started Guide: SNMP Polling
This guide will walk you through the process of configuring SNMP polling in NetFlow Optimizer. SNMP (Simple Network Management Protocol) complements NetFlow data by providing detailed device-level metrics, such as CPU utilization, memory usage, and interface status. This combined view of flow data and device health gives you a comprehensive understanding of your network's performance.
Why SNMP Polling?
NetFlow provides valuable insights into network traffic flow, showing who is talking to whom and how much data is being transferred. However, it doesn't always reveal why performance issues might be occurring. SNMP polling fills this gap by collecting vital device statistics. For example, high bandwidth usage on a link might be due to legitimate traffic, or it could be caused by a failing interface. SNMP data can help you quickly pinpoint the root cause.
Introduction to SNMP Monitoring in NFO
NFO leverages the Simple Network Management Protocol (SNMP) to collect vital performance data, network details, and alerts from your devices. As part of your current NFO license, you are entitled to SNMP Basic, which offers foundational monitoring to complement your NetFlow visibility.
For advanced security, automation, and large-scale management, we offer the SNMP Pro tier. Before proceeding with configuration, please review the capabilities included with your current license level below.
| Capability | SNMP Basic (Included with NetFlow License) | SNMP Pro (Paid Tier) |
|---|---|---|
| Protocol Support | SNMPv2c | SNMPv2c & SNMPv3 |
| Secure Polling/Traps | No (v2c is clear-text) | Full Encryption & Authentication |
| Device Configuration | Manual device entry only | Automated Discovery |
| Management | Individual device lists only | Device Grouping |
| Trap Management | Receive Traps (SNMPv2c) | Receive Traps (SNMPv2c & SNMPv3) |
If your environment requires secure SNMPv3 protocol support, automated device discovery, or centralized management via Device Groups, you will need to have the SNMP Pro license.
Planning: Automated Device Classification
In diverse networks, different vendors (Cisco, Palo Alto, Juniper) use different Object Identifiers (OIDs) for metrics like CPU and Memory. Traditionally, this required manual mapping.
NFO eliminates this complexity by using built-in Automatic Device Classification.
- Zero-Touch Grouping: When devices are discovered, NFO identifies the vendor and model, automatically assigning them to a Device Group (e.g., Cisco Router) and a Device Type (e.g., router).
- Smart OID Assignment: NFO automatically associates the correct vendor-specific OIDs with these groups. You only need to define custom OID sets if you have unique, non-standard monitoring requirements.
How Device Groups Work
- Discovery & Auto-Classification: As NFO scans your network (via Auto-discovery), it uses built-in rules to classify teh device.
- Automatic OID Mapping: Once classified, the device is automatically linked to the appropriate OID set for its vendor.
- Manual Overrides (Optional): If you need to move a device to a specific device group or assign a custom device type, you can still do so manually or by creating a custom Classification Rule.
How Automated Monitoring Works
NFO takes the manual labor out of SNMP setup by using an intelligent Auto-Discovery and Classification engine.
- Run Auto-Discovery: Simply define your network subnets. NFO scans your infrastructure and identifies every SNMP-enabled device.
- Automatic Classification: Using built-in classifcation rules, NFO automatically assigns each device to a Device Group (e.g., Cisco Router, FortiGate) and a Device Type (e.g., firewall).
- Instant Metric Collection: NFO automatically applies the correct Vendor-Specific OID Sets to your devices. You get CPU, Memory, and Interface metrics immediately without looking up a single OID.
- Optional Customization: While the defaults work for 95% of environments, you can still create Custom Classification Rules or Manual Groups if you need to organize devices by location or project.
Benefits of the Automated Approach
- Immediate ROI: Go from "Scanning" to "Dashboards" in minutes, not days.
- Vendor Accuracy: No more "na" or "MISSING" data caused by using the wrong OIDs on the wrong hardware.
- Scalability: As you add new routers or switches, NFO detects and configures them automatically without manual intervention.
Prerequisites
- A working installation of NetFlow Optimizer.
- Network connectivity between NetFlow Optimizer and the devices you want to monitor.
- SNMP credentials (community strings for SNMPv2c, user/authentication details for SNMPv3) for the devices. We strongly recommend using SNMPv3 for enhanced security.
Quick Start: Setting Up SNMP Polling
Setting up SNMP in NFO is designed to be a streamlined process. While deep configuration options are available in the NFO Administration Guide, you can get started by following these three primary steps:
Step 1: Configure Credentials
Provide NFO with the SNMPv2c community strings or SNMPv3 authentication details for your network.
- Where: SNMP Management > Credentials
Step 2: Launch Auto-Discovery
Define your network ranges and run a discovery scan. NFO will automatically:
- Identify SNMP-capable devices.
- Classify them by Vendor and Type (e.g., Cisco Router, Palo Alto Firewall).
- Assign them to the correct groups and apply built-in OID sets.
- Where: SNMP Management > Auto-discovery
Step 3: Enable Monitoring Modules
Activate the SNMP Custom OID Sets Monitor (Module 10103) to begin collecting standard health metrics like CPU, Memory, and Interface status using NFO's pre-configured, vendor-specific OIDs.
- Where: Modules > Utilities > SNMP Custom OID Sets Monitor