SNMP vs. CMIP
Ravneet Johal
Kamyar Partovi
CS 158B: Project
Friday, March 25, 2005
1.Introduction
Network management is essential to success for companies, especially during this era of the information age. Exchanging information has become more efficient and has saved companies time and money. Information exchange is done electronically and that means there is a need for some type of network infrastructure. When there is a need for a network infrastructure, there is a need for a network manager. When there is a need for a network manager, there is also a need for interfaces and management systems that will help the network manager manage the infrastructure. And when there is a need for interfaces and managements systems, there is a need for protocols. This paper discusses two important protocols, which are Common Management Information Protocol (CMIP) and Simple Network Management Protocol (SNMP). They are both used widely for network management purposes. In this paper, first a broad overview of both CMIP and SNMP are given. Then SNMP and CMIP are both compared and contrasted.
2.Common Management Information Protocol (CMIP)
Common Management Information Protocol (CMIP) is an interface for network management in the Open Systems Interconnection (OSI) Reference Model. It was created around 1988 by the Internet Activities Board (IAB), the department that was responsible for all Internet research and development in the United States at the time (Burke 2004). Some large corporations invested with the government on developing CMIP so that they can have the benefit of having a secure and efficient network management protocol for themselves. CMIP is used with Common Management Information Services Element (CMISE), which supports information exchange between network management stations and management agents and also supports access to managed information in the managed objects (Protocol Dictionary 2005). CMISE is a very complicated protocol (and this is one of the reasons why CMIP is not widely used in networks today). This network management protocol makes use of Remote Operations Service Element (ROSE) to send and receive protocol data units (PDUs) (Burke 2004). Both CMIP and ROSE are application layer protocols.
The protocol ROSE is an interface between all distributed applications and CMIP within the OSI Reference Model. It is capable of providing remote operation capabilities, allows interaction between entities within an application, and if a remote operations service was requested, it allows the receiving entity to attempt the operation and report the results to the requesting entity (Wikipedia 2001). Basically, CMIP passes the PDUs to ROSE so that the PDUs can be distributed to the appropriate destination. CMIP and ROSE both reside in the Management Process sector of the OSI Reference Model figure shown in Figure 1.
3.Simple Network Management Protocol (SNMP)
In early 1988, when the need of a tool to manage a network such as the Internet was felt, the IAB started to design concepts of the Simple Network Management Protocol (SNMP). The purpose of designing SNMP was to make a basic network management device that can be applied simply and easily. The Simple Network Management Protocol (SNMP), which is located in application layer, is part of the Transmission Control Protocol / Internet Protocol (TCP/IP) network architecture. SNMP is responsible for exchanging data between network devices. A network administrator uses SNMP to manage network performance and to detect and fix any network related problems.
SNMP has three important mechanisms, which are: managed devices, agents, and network-management systems (NMSs). The managed device is responsible for colleting and storing data, and these data are accessible to NMS by using SNMP. An agent is responsible for managing data and translating them to a correct form that can be used. NMS implements the applications that monitor managed devices.
According to Cisco System documentation, SNMP has several commands that are used for managing devices and collecting the data. Those commands are read, write, trap and traversal operation. The read command is used for monitor devices. The writecommand is used for controlling devices. The trapcommand sends a report to NMS for any events that happen, and traversal operations are responsible to decide what management device supports which variable.
Security is a very important issue in SNMP because it does not have any verification ability, and this matter caused SNMP to be open for a big security threats in high risk. These threats could be modification of data and time and leaking the data.
4. Comparing CMIP and SNMP
What CMIP is to the OSI Reference Model is what SNMP is to the Transmission Control Protocol/Internet Protocol (TCP/IP) network architecture (Burke 2004).
The Common Management Information Protocol (CMIP) uses the same Management Information Base (MIB) that SNMP uses. The only difference is that there are more objects and variables to comprehend and to work with. CMIP is more efficient and more detailed than SNMPv1 and SNMPv2. So it is not a surprise that with more variables in the MIB that CMIP is more detailed. Since CMIP is more detailed and has more functionality (which should be considered a good thing), there is a tradeoff because CMIP takes up more system resources (which is considered a bad thing). In CMIP, the variables or operations are seen as very complex and sophisticated data structures, with many attributes (Tyler 2005). These include: operation attributes, which represent the operation characteristics (its data type, whether it is writable); operation behaviors, what actions of that operation can be triggered; and notifications, where the operation generates an event report whenever a specified event occurs (eg. a terminal shutdown would cause an operation notification event) (Tyler 2005). As a comparison, SNMP only employs the operation attributes and the notifications (Trap messages) (Tyler 2005).
CMIP consists of 11 operations and SNMP only supports 5. The list of some of the CMIP operations and what they do:
M-ACTION - requests an object to perform an action of some sort.
M-CANCEL-GET – cancels the previous M-GET command.
M-CREATE - creates specified objects.
M-DELETE- deletes specified objects.
M-EVENT-REPORT – when an event occurs, allows network agents to announce it.
M-GET - reads value of an object.
M-SET - adds, removes or replaces specified objects.
The other four operations that CMIP supports are M-Action-Confirmed, M-EventReport-Confirmed, M-Set-Confirmed, and M-Linked-Reply. Most of these operations are confirmed and that just means that they expect a reply back once they are sent.
Both SNMP and CMIP provide network management details to the network manager. They both help the network manager solve problems. They both plan the capacity of the network and they both also make reports for the network manager. Basically both of these protocols have the same task: help the network manager manage his or her network.
Although the two network management protocols have the same goal, they take different paths to attain that goal. One big difference between these protocols is the security. SNMP uses a community name, which is not even encrypted. CMIP is used for its security, as it supports authorization, access control, and security logs. In terms of data access, SNMP retrieves individual items of information while CMIP retrieves a collection of information (Colorado St. 2005). Also, SNMP is more focused, while CMIP deals with classes of data that must be constrained (Colorado St. 2005). SNMP uses polling (where the management station asks the management agents for status) and CMIP uses reporting, where a management agent reports to the management station of its status (Colorado St. 2005). CMIP uses more space and system resources than SNMP, which makes CMIP a more robust protocol. SNMP uses UDP datagrams while CMIP uses connection-oriented sessions. Since CMIP seems to be more complicated and robust at the same time, it seems just right to use CMIP in Wide Area Networks (WANs) and SNMP in Local Area Networks (LANs). SNMP is widely used because of its simplicity. CMIP has powerful capabilities with just one single request and it also provides better reporting of unidentified network conditions. Even though Abstract Syntax Notation One (ASN.1) is used to program CMIP (just like SNMP), it is still harder to program because of the complexity of the functionality of the variables in CMIP. CMIP is object-oriented. This is analogous to high-level programming languages (CMIP) and assembly language (SNMP).
5. Conclusion
In our opinion, SNMP and CMIP are different protocols that should not be compared. That is because they do the same thing for different types of network infrastructures. SNMP and CMIP are somewhat like two different religions. Religious people usually worship some type of God. A person in a religion would try to attach itself to God by sacrificing (e.g. celibacy) or providing services (e.g. help the poor). In our case, SNMP and CMIP (acting as the religious people in two different religions) both try their best to attach themselves with the network manager (acting as God) by providing services (such as remote operation of networks) and sacrifices (such as security in SNMP and easy implementation in CMIP). SNMP would sacrifice security so that it would be easier for the network manager to manage while CMIP would sacrifice the ease of implementation just so that the network manager can do more things.
6. Bibliography
CMIP (2001). Wikipedia. Retrieved March 22, 2005, from
Tyler. (unknown date). SNMP & CMIP. Tyler’s Homepage. Retrieved March 22, 2005, from
Network Management Notes. Retrieved by the March 22, 2005, from
Burke, J. Richard (2004). Network Management Concepts and Practice: A Hands-on Approach. New Jersey: Pearson Education, Inc.
CMIP. (unknown date). Protocol Dictionary. Retrieved March 22, 2005, from
1