What is SNMPv3?
SNMPv3 (Simple Network Management Protocol version 3) is the secure variant of the SNMP protocol and is used for monitoring and management of network equipment, including switches, routers, firewalls, and industrial OT devices.
SNMPv3 provides authentication, encryption, and access control, making it suitable for modern cybersecurity requirements within industrial networks.
How does SNMPv3 work?
- SNMPv3 uses the User-Based Security Model (USM):
  - Users are defined with permissions, authentication methods, and encryption
- Communication takes place over UDP ports:
  - Port 161 for polling
  - Port 162 for traps (notifications)
- SNMPv3 offers three security levels:
  - noAuthNoPriv: no security (comparable to SNMPv2)
  - authNoPriv: authentication without encryption
  - authPriv: both authentication and encryption
Examples of algorithms used:
- Authentication: SHA, MD5
- Encryption: AES, DES
Application of SNMPv3 in OT networks
- Secure monitoring of industrial switches, drives, HMIs, firewalls
- Collecting device status, temperature, connection status, and log data
- Sending SNMP traps for faults or failures in critical OT equipment
- Integration with SIEM systems for advanced incident detection
- Securely managing network equipment in zones in line with the Purdue Model
SNMPv3 is recommended in OT environments where uptime, visibility, and security are essential.
SNMPv2 vs. SNMPv3
| Aspect | SNMPv2 | SNMPv3 |
|---|---|---|
| Security | No encryption or user management | Encrypted, user- and role-based management |
| Community Strings | Yes, plaintext (e.g. "public") | No (users and profiles) |
| Ease of use | Simple but unsafe | Slightly more complex but much safer |
| Recommended for OT? | Only in segmented, isolated networks | Yes, for production environments with connectivity |
| Standardisation | Common in legacy systems | IEC 62443-compatible security model |
Security aspects
- Always use authPriv for maximum protection (SHA + AES)
- Restrict access to SNMPv3 via ACLs, VLANs, and firewalls
- Remove old SNMPv1/v2 configurations or set traps only on SNMPv3
- Log all SNMP activity with SIEM or Syslog
- Choose strong passwords for SNMPv3 users and configure roles carefully
SNMPv3 is a minimum requirement for secure monitoring in modern OT networks.
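One way to check an agent's configuration against the list above, as an added example that is not part of the original page. It assumes a net-snmp agent and its snmpd.conf directives (rocommunity, createUser, rouser/rwuser); the sample configuration, user names and passphrases are constructed.

```python
import shlex

# Constructed sample in net-snmp snmpd.conf syntax (assumed agent; not from the page).
SAMPLE_CONF = '''\
rocommunity public 10.0.0.0/24
createUser plcmon SHA "constructed-auth-pass" AES "constructed-priv-pass"
rouser plcmon priv
createUser oldnms MD5 "constructed-auth-pass" DES "constructed-priv-pass"
rwuser oldnms auth
rouser guest noauth
'''
COMMUNITY = {"rocommunity", "rwcommunity", "rocommunity6", "rwcommunity6", "com2sec"}
LEVELS = {"noauth": "noAuthNoPriv", "auth": "authNoPriv", "priv": "authPriv"}

def strip_option(args, flag):
    """Drop a '<flag> VALUE' pair (e.g. '-e ENGINEID') from an argument list."""
    if flag in args:
        i = args.index(flag)
        return args[:i] + args[i + 2:]
    return args

def audit_snmpd_conf(text):
    """Return (line_no, finding) for each setting weaker than authPriv with SHA + AES."""
    findings = []
    for no, raw in enumerate(text.splitlines(), 1):
        tok = shlex.split(raw, comments=True)  # handles quoting and '#' comments
        args = strip_option(strip_option(tok[1:], "-e"), "-s")
        if not args:
            continue  # blank line, comment, or directive without arguments
        name = tok[0]
        if name in COMMUNITY:
            findings.append((no, f"{name}: SNMPv1/v2c community string still configured"))
        elif name == "createUser":
            auth = args[1].upper() if len(args) > 1 else None
            priv = args[3].upper() if len(args) > 3 else None
            if auth is None or not auth.startswith("SHA"):
                findings.append((no, f"user {args[0]}: auth is {auth}, not SHA"))
            if priv is None or not priv.startswith("AES"):
                findings.append((no, f"user {args[0]}: privacy is {priv}, not AES"))
        elif name in ("rouser", "rwuser"):
            # net-snmp treats a missing level as 'auth' (authNoPriv is accepted)
            level = args[1].lower() if len(args) > 1 else "auth"
            if level != "priv":
                findings.append((no, f"{name} {args[0]}: accepts {LEVELS.get(level, level)}"))
    return findings

if __name__ == "__main__":
    for no, finding in audit_snmpd_conf(SAMPLE_CONF):
        print(f"line {no}: {finding}")
```

On the constructed sample this reports the community string, the MD5/DES user, and the two access rules that accept less than authPriv; only the plcmon entries pass.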
In summary
SNMPv3 is the secure standard for network monitoring and management in industrial installations. It prevents sensitive network data from being sent unencrypted and provides an auditable, scalable security structure.
