SNMP Encoding

SNMP requests follow standardized encoding rules for translating management operations into data packets. At the communication level, an SNMP request is represented by an array of bytes in a UDP protocol packet. The SNMP components in the Java Dynamic Management Kit provide access to the byte encoding of these packets.

Your applications may customize the encoding and decoding of SNMP requests:

• On the manager side, after the request is translated into bytes, your encoding may add signature strings and then perform encryption.

• On the agent side, the bytes may be decoded and the signature can be verified before the bytes are translated into the SNMP request.

  A decoded SNMP request contains the manager's hostname and community string, the operation, the target object, and any values to be written. Like the context checking mechanism, you may insert code to filter requests based on any of these criteria.

In order to implement a secure SNMP management solution, you need to coordinate the security policy between the manager encoding and the agent decoding. However, SNMP request filtering may be performed unilaterally by the agent, to allow requests from unknown managers yet still be able to reject unauthorized operations.