SNMP2/SNMP2C Compatibility with SNMP3

I am new to SNMP protocol and have the following compatibility question.

Our company is an mixed environment and are running both SNMP2/2C and SNMP3. Basically we have a network Monitoring tools called Whatsup Gold Premium. Whatsup Gold is configured to use SNMPv3 to Scan or using the MIB walker to explore our servers (Mainly Windows 2012r2 machine) and network devices (Cisco Swtiches).

My question is whether SNMPV3 is backward compatible with SNMPV2. In other word, can I use a SNMPV3 Management host to monitor both SNMPV3 and SNMPV2 enabled host/device or will there be a conflict ?

Thank you so much for your advice in advance.

Regards
Patrick
patricktamAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

gheistCommented:
No, they are different protocols, completely incompatible. v2 device will not interpret v3 packets and vice versa.
0
btanExec ConsultantCommented:
Indeed v3 is a big change from 2c and below. SNMP version 3 adds both encryption and authentication, and hence setup is more complex than just defining a community string unlike those supporting just older version.  

By default, WhatsUp Gold has a 2 second timeout for SNMP requests, and retries failed SNMP requests once. It will poll through the profile on the string and credential till it works, I do not recall it will enumerate among snmp version though other scanner may do so. Maybe the newer version has does that ...

Reference an v11 paper (pdf) -
SNMPv3 reports the same data as v2, but uses a different authentication scheme. Instead of community strings, v3 devices require a username and password to poll to the device. In addition, users can be configured on the v3 device to have the data packets encrypted before they are sent to a device requesting the SNMP information.
Also from v14.4 release note pertaining to FIPS 140-2 encryption, only those SNMPv3 credentials with encryption using SHA authentication and AES128 encryption are allowed. Note that when WhatsUp Gold is installed on a FIPS 140-2 compliant operating system, it automatically start in FIPS 140-2 mode. Separately, you can configure it in FIPS 140-2 mode (e.g. Configure > Program Options, then select the General category).
0
eeRootCommented:
SNMPv2 and SNMPv3 are very different.  But you should be able to list both v2 and v3 credentials in Whatsup Gold and have it scan the network using both types of credentials.  It's common for networks to have a mix of older and newer devices that use different SNMP protocols and different credentials.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
patricktamAuthor Commented:
Thank you so much for your details advice.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Network Management

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.