SNMPv1 - This protocol emerged in 1990 and is defined in RFC 1157. It provides a way to manage and monitor computer networks in order to identify and solve problems. It is implemented at the application layer.


SNMPv2 - This protocol emerged in 1992 and was implemented to improve security and performance. It works under the concept of objects.


SNMPv3 - This protocol handles the security of access to devices through authentication and encryption of the data passing through the network.



The messages in the first version of the protocol include a string called a community name, which is used as a simple mechanism for controlling access to information. Agents that implement this version of the protocol usually have two communities. Those that came by default in the protocol were "public", whose objects were accessible only for reading, and "private", whose objects could be read or written.

It is true that community names can be changed, but all the security provided by the system rests on the fact that one must know the name assigned to a community to gain access to the information provided by its variables. The level of protection offered by the original version of the protocol is therefore very weak. In any network running SNMP, a "man in the middle" attack would reveal the community name, because all messages circulate completely in the clear.



The SNMPv2 framework, whose definition also does not contain any security standards, is associated with other administrative models under the concept of objects, which are grouped in MIBs. Three new versions of the protocol appear: SNMPv2c, SNMPv2* and SNMPv2u.

In the SNMPv2c (Community-based SNMPv2) version, the only improvement introduced is greater flexibility in the access control mechanisms: it allows the definition of access policies that associate a community name with a community profile formed by a MIB view and the access rights to that view (read-only or read-write). This is where the so-called views appear, each of which can be accessed by a specific community.

The SNMPv2* version is the first to change the administrative model in order to introduce the concepts of integrity and privacy and to improve control of access to information. It provides adequate levels of security, but it did not reach the required level of standardization, and the protocol virtually never saw the light.

The SNMPv2u (User-based SNMPv2) version introduces the notion of a user. This version has been used more, but this concept practically anticipated a remodeling of the protocol, which finally gave rise to version 3.




The main novelty introduced in version 3 of the SNMP protocol is modularity. In this version an SNMP entity is considered to be composed of an engine and some applications. The engine is in turn divided into four modules: dispatcher, message processing subsystem, security subsystem and access control subsystem. In SNMPv3, therefore, the mechanisms used for security (authentication and privacy) become independent. That is, a user-oriented view system, VACM (View-based Access Control Model), is created in place of communities, and privacy is provided to the protocol (DES/AES encryption of communications).