MG-SOFT SNMP Software Development Lab

MG-SOFT WinSNMP toolkit


The Windows SNMP API specification defines a programming interface for network management applications running on Microsoft Windows, Linux, Mac OS X and Solaris platforms, enabling those applications to make use of a logically external SNMP engine or service layer.

WinSNMP provides a single interface to which application developers can program and multiple SNMP software vendors can conform. This specification thus defines the procedure calls, data types, data structures, and associated semantics to which an application developer can program and which an SNMP software vendor can implement.

WinSNMP offers these major benefits, all intended to accelerate the development, dissemination, and use of SNMP network management applications:

  • SNMP enabling technology for functional network management applications (i.e., 'hides' ASN.1, BER, and SNMP protocol details).
  • SNMP service provider independence. A WinSNMP application will run against any compliant WinSNMP implementation.
  • Uniform SNMPv1, SNMPv2c and SNMPv3 USM and TSM support.
  • Thread-safe - MG-SOFT WinSNMP API implementation has been designed in a thread-safe manner and can be used from multi-threaded network management applications

MG-SOFT WinSNMP SDK provides an API for developing SNMPv1, SNMPv2c and SNMPv3 SNMP manager and agent applications running on Microsoft's supported 32-bit and 64-bit Windows operating systems (Windows 7, Windows Server 2008, Windows Server 2012, Windows 8.x, Windows 10, Windows Server 2016, Windows Server 2019, Windows 11, Windows Server 2022). Additionally, MG-SOFT also offers WinSNMP SDK for Linux (32-bit and 64-bit Intel x86 architectures) and for Apple Mac OS X (universal binaries for Intel x86 and x86_64 platforms). The WinSNMP API implements industry standard WinSNMP specification and provides database functions, communication functions, PDU functions, varbindlist functions, entity/context functions and utility functions. Within that, API supports both sending and receiving SNMP notifications (traps and informs).

The core WinSNMP API has been extended with only a few new functions in order to accommodate the SNMPv3 USM and TSM protocol features. MG-SOFT's WinSNMP API implementation supports the complete SNMPv3 User-Based Security Model (HMAC-MD5, HMAC-SHA1 authentication; CBC-DES, CFB-AES-128 privacy) and several extensions to USM (HMAC-SHA-2 authentication; CFB-AES-192, CFB-AES-256, CBC-3DES privacy; Diffie-Helman key ignition), as well as the Transport Security Model with support for SNMPv3 over TLS and DTLS protocols (using X.509 digital certificates), which provide strong security on the transport layer. For details please refer to the WinSNMP API documentation that installs along with SNMP Software Development Lab package.

WinSNMP API Version 4.0 and 3.0 have been designed in a manner preserving the full compatibility with older WinSNMP API specifications. The same WinSNMP-based application binary utilizing the WinSNMP V2.0 API will run successfully also when utilizing the WinSNMP API Version 3.0. Similarly, a binary utilizing the WinSNMP V3.0 API will run successfully also when utilizing the latest WinSNMP API Version 4.0, which incorporates extensions for SNMPv3 Transport Security Model (TSM) with support for SNMPv3 over (D)TLS. This means that the WinSNMP API Version 4.0 extension is completely orthogonal to older WinSNMP API specifications and that no modifications were made to any of the previously existing WinSNMP API functions that would change their expected behavior.

The main new feature introduced by the SNMPv3 protocol is security, including (a) authentication and privacy, (b) authorization and access control and (c) standards-based remote configuration of the above two (a and b).

The SNMPv3 engine implemented in the MG-SOFT's WinSNMP module conforms to the following SNMPv3 specifications that were published by IETF:

  • Structure and Identification of Management Information for TCP/IP-based Internets (SMIv1),
    (RFC 1155, May 1990).
  • A Simple Network Management Protocol (SNMPv1),
    (RFC 1157, May 1990).
  • Concise MIB Definitions (SMIv1),
    (RFC 1212, March 1991).
  • A Convention for Defining Traps for use with the SNMP (SMIv1),
    (RFC 1215, March 1991).
  • Introduction to Community-based SNMPv2 (SNMPv2c),
    (RFC 1901, Experimental, January 1996).
  • Structure of Management Information Version 2 (SMIv2),
    (RFC 2578, STD 58, April 1999).
  • Textual Conventions for SMIv2,
    (RFC 2579, STD 58, April 1999).
  • Conformance Statements for SMIv2,
    (RFC 2580, STD 58, April 1999).
  • Extension to the User-Based Security Model (USM) to Support Triple-DES EDE in "Outside" CBC Mode,
    (I-D, October 1999).
  • Diffie-Helman USM Key Management Information Base and Textual Convention,
    (RFC 2786, Experimental, March 2000).
  • Introduction and Applicability Statements for Internet Standard Management Framework,
    (RFC 3410, Informational, December 2002).
  • An Architecture for Describing Simple Network Management Protocol (SNMP) Management Frameworks,
    (RFC 3411, STD 62, December 2002).
  • Message Processing and Dispatching for the Simple Network Management Protocol (SNMP),
    (RFC 3412, STD 62, December 2002).
  • Simple Network Management Protocol (SNMP) Applications,
    (RFC 3413, STD 62, December 2002).
  • User-based Security Model (USM) for version 3 of the Simple Network Management Protocol (SNMPv3),
    (RFC 3414, STD 62, December 2002).
  • View-based Access Control Model (VACM) for the Simple Network Management Protocol (SNMP),
    (RFC 3415, STD 62, December 2002).
  • Version 2 of the Protocol Operations for the Simple Network Management Protocol (SNMP),
    (RFC 3416, STD 62, December 2002).
  • Transport Mappings for the Simple Network Management Protocol (SNMP),
    (RFC 3417, STD 62, December 2002).
  • Management Information Base (MIB) for the Simple Network Management Protocol (SNMP),
    (RFC 3418, STD 62, December 2002).
  • Coexistence between Version 1, Version 2, and Version 3 of the Internet-standard Network Management Framework,
    (RFC 3584, BCP 74, August 2003).
  • The Advanced Encryption Standard (AES) Cipher Algorithm in the SNMP User-based Security Model,
    (RFC 3826, Standards Track, June 2004).
  • Transport Subsystem for the Simple Network Management Protocol (SNMP),
    (RFC 5590, Standards Track, June 2009).
  • Transport Security Model for the Simple Network Management Protocol (SNMP),
    (RFC 5591, Standards Track, June 2009).
  • Transport Layer Security (TLS) Transport Model for the Simple Network Management Protocol (SNMP),
    (RFC 6353, Standards Track, July 2011).
  • Translation of Structure of Management Information Version 2 (SMIv2) MIB Modules to YANG Modules,
    (RFC 6643, Standards Track, July 2012).
  • HMAC-SHA-2 Authentication Protocols in User-Based Security Model (USM) for SNMPv3,
    (RFC 7860, Standards Track, April 2016).



Develop your own SNMPv3 network management applications

Together with the MG-SOFT WinMIB module and MG-SOFT MIB Compiler, MG-SOFT WinSNMP offers capabilities that fully support developing network management software targeting Windows, Linux, Mac OS X and Solaris operating systems. In addition to that, SNMP EasyAgent SDK provides a straight-forward means for adding SNMP manageability to existing Windows applications.

MG-SOFT's SNMPv3 engine is programmatically accessible through the MG-SOFT WinSNMP API. MG-SOFT WinSNMP Toolkit has been released and its evaluation version is available for downloading. The package, among others, contains a sample project file containing the full source code for building the MG-SOFT SNMPv3 Micro MIB Browser. The source code illustrates numerous aspects of SNMPv3 USM and TSM API extensions and can be used as a base for developing more sophisticated SNMPv3 management applications.

MG-SOFT SNMPv3 Micro MIB Browser
MG-SOFT SNMPv3 Micro MIB Browser
(available in MG-SOFT WinSNMP Toolkit)



SNMPv3 protocol interoperability and conformance

An agent based on MG-SOFT SNMPv3 engine is available on the Internet for interoperability testing (note that SNMP-SET operation is disabled for security reasons). The following are the supported groups of SNMPv3 USM access parameters:

  1. Accessing the agent by using the SNMPv3 protocol without authentication and without privacy (security level: NoAuthNoPriv):

    IP Address: 212.30.73.70
    SNMP Port: 161
    ContextName: public
    UserName: noAuthUser

  2. Accessing the agent by using the SNMPv3 protocol with HMAC-MD5 authentication protocol and without CBC-DES privacy protocol (security level: AuthNoPriv):

    IP Address: 212.30.73.70
    SNMP Port: 161
    ContextName: public
    UserName: MD5_User
    Authentication Password: AuthPassword

  3. Accessing the agent by using the SNMPv3 protocol with HMAC-SHA authentication protocol and without CBC-DES privacy protocol (security level: AuthNoPriv):

    IP Address: 212.30.73.70
    SNMP Port: 161
    ContextName: public
    UserName: SHA_User
    Authentication Password: AuthPassword

  4. Accessing the agent by using the SNMPv3 protocol with HMAC-MD5 authentication protocol and with CBC-DES privacy protocol (security level: AuthPriv):

    IP Address: 212.30.73.70
    SNMP Port: 161
    ContextName: public
    UserName: MD5_DES_User
    Authentication Password: AuthPassword
    Privacy Password: PrivPassword

  5. Accessing the agent by using the SNMPv3 protocol with HMAC-SHA authentication protocol and with CBC-DES privacy protocol (security level: AuthPriv):

    IP Address: 212.30.73.70
    SNMP Port: 161
    ContextName: public
    UserName: SHA_DES_User
    Authentication Password: AuthPassword
    Privacy Password: PrivPassword

  6. Accessing the agent by using the SNMPv3 protocol with HMAC-MD5 authentication protocol and with CFB-AES-128 privacy protocol (security level: AuthPriv):

    IP Address: 212.30.73.70
    SNMP Port: 161
    ContextName: public
    UserName: MD5_AES128_User
    Authentication Password: AuthMD5-Password
    Privacy Password: PrivAES-Password

  7. Accessing the agent by using the SNMPv3 protocol with HMAC-SHA authentication protocol and with CFB-AES-128 privacy protocol (security level: AuthPriv):

    IP Address: 212.30.73.70
    SNMP Port: 161
    ContextName: public
    UserName: SHA_AES128_User
    Authentication Password: AuthSHA-Password
    Privacy Password: PrivAES-Password