SNMP vs. NetBeez

Intro to SNMP

The Simple Network Management Protocol (SNMP) is an Internet Standard used to request information from a device like a router, switch, or server, about the status of its resources, such as CPU, memory, and network interfaces. The type of information that can be obtained from a specific network device varies based on vendor and model. Each vendor publishes a set of management information base (MIB) files that describe what parameters can be queried from a specific device. The MIB files are then imported into the NMS to collect information and monitor such devices.

cbgpRouteTable OBJECT-TYPE
    SYNTAX          SEQUENCE OF CbgpRouteEntry 
    MAX-ACCESS      not-accessible
    STATUS          current
        "This table contains information about routes to
        destination networks from all BGP4 peers.  Since 
        BGP4 can carry routes for multiple Network Layer 
        protocols, this table has the Address Family 
        Identifier(AFI) of the Network Layer protocol as the 
        first index. Further for a given AFI, routes carried
        by BGP4 are distinguished based on Subsequent Address 
        Family Identifiers(SAFI).  Hence that is used as the
        second index.  Conceptually there is a separate Loc-RIB
        maintained by the BGP speaker for each combination of 
        AFI and SAFI supported by it."
        "RFC-1771: A Border Gateway Protocol 4 (BGP-4),
         RFC-2858: Multiprotocol Extensions for BGP-4,
         RFC-2547: BGP/MPLS VPNs"
    ::= { cbgpRoute 1 }

Example of SNMP MIB: here is the snippet of the for the Cisco ISR 1000 router.

SNMP Architecture

The protocol relies on a software agent that runs on each monitored device and replies to queries from a network management server (NMS). The NMS, also called SNMP poller, periodically requests each device utilization values of its resources to get a status update and verify that it’s working properly. If the value of one or more resources reported by the agent exceed a threshold set by the administrator, the server will generate an alert for the network administrator. An SNMP agent uses port UDP 161 to receive requests from a poller. SNMP can also be used to apply configuration changes to devices and, if needed, to send notifications, called traps, to an SNMP trap receiver when an event that requires administrative attention happens on the device itself. An SNMP trap could be generated if, for example, the network interface of a router goes down or if a BGP neighbor becomes unreachable. By default, SNMP traps are sent via UDP to port 162.

snmp trap black and blue chart

SNMP limits and NetBeez

Network monitoring tools based on SNMP are needed to detect unavailability and performance degradation issues of network devices that could negatively affect the status and performance of network services. Knowing the status of network devices is necessary, but not sufficient to assure availability and performance of network services offered to the users. SNMP monitoring tools can tell you if a router or switch is working, but can’t tell you if users are having connectivity or quality performance to web and cloud applications. For this reason, an SNMP poller and trap receiver should be complemented by a set of dedicated sensors that perform active tests against applications like DNS servers, web servers, and cloud applications. These tests are used to verify that users are having a good experience with the network and application. This is the goal of NetBeez. NetBeez relies on hardware (Ethernet and WiFi) and software sensors that are configured to continuously perform tests like ICMP, DNS, HTTP, and Traceroute. These tests can detect end-user experience issues derived by network and application degradation like packet loss, increased network latency, increased DNS and HTTP response time.


Type of Information


Round-trip-time, packet loss, host unreacheable


DNS query time, DNS failure rate, DNS service down


GET time, GET failure rate, web server unavailable and other HTTP error codes


Download speed, upload speed


TCP/UDP throughput, packet loss, jitter

Network Monitoring Sensors Location

An important factor of active monitoring tools like NetBeez is the location of the sensors. When implementing this monitoring solution, you should have enough observation points to get a complete view of the network. Each network location where there are users (e.g. offices) or applications (e.g. data centers), should include one or more sensors. To deploy sensors in a Wide Area Network (WAN), you can use single-board computers like the Raspberry Pi, the Utilite, or the Upboard. These platforms are also useful to monitor wireless networks, which are intrinsically more challenging to monitor and support than wired networks. On the other side, if you need to monitor a set of applications in a data center, the monitoring sensors can be provisioned as virtual appliances or software containers.

Network Type

Sensor Options

Remote office location

Single-board computer, virtual appliance, dedicated workstation with software package, Cisco ISR virtual service, …

Data center or cloud



Single-board computer with WiFi card

I hope this article helps in explaining the utility of SNMP and how it differs from active monitoring solutions like NetBeez. If you want to learn more about SNMP, you can start with the this SNMP Wikipedia article. As for NetBeez, you can test it yourself by requesting a free account or scheduling a demo for a customized product tour.