Loading...
SNMP Trap
SNMP Trap is a notification mechanism within the Simple Network Management Protocol (SNMP). It allows network devices such as routers, switches, servers, and firewalls to send unsolicited alert messages—called traps—to a management system when predefined conditions occur. This enables real-time monitoring and rapid response to network events including failures, threshold breaches, or configuration changes..
Simple Network Management Protocol (SNMP) is a widely used protocol for managing devices on IP networks. Port 162 is specifically designated for receiving SNMP Trap messages. Unlike typical SNMP queries that poll devices (handled over port 161), traps are asynchronous notifications initiated by the device itself to inform the management station about significant events without being solicited first. This helps administrators gain real-time insights into network status.
SNMP Traps typically use UDP due to its connectionless nature, which reduces overhead and allows rapid delivery of alerts. However, TCP is also supported in certain implementations to ensure reliability when required. These traps can convey a broad range of information, including hardware failures, high CPU utilization, link status changes, or intrusion detections—making it an essential part of proactive network management.
Management systems configure rules to parse incoming trap data, correlate events, and trigger automated workflows or escalate alerts. SNMP versions 1, 2c, and 3 support traps, with version 3 adding additional security features such as authentication and encryption to protect transmitted data against tampering and unauthorized access.