One of the primary drivers that lead people to Opmantek is their desire to transition their event management to become less reactive and more proactive. Gartner’s IT Service Management Maturity Model stresses the need to become proactive while your business is in its infancy, this will aid in making your IT a valuable asset to your company, not as an expense.

A great way to start this transition is to change your perception of event management, specifically, take control over events earlier and automating your remediation. Two key concepts that will assist in this and talked about in this blog are opEvent’s automated remediation and opConfig’s virtual operator.

Proactive Event Management

The first step in transitioning your event management into a proactive format is by handling your events before the end-users raise them. This is a significant change to prepare thoroughly for, because you may be initially swamped with open events. However, if you are using opEvents as your event management platform, this will be significantly reduced, opEvents uses event correlation and deduplication natively and will combine your related events. (This is further expanded on in this article).

Automated Remediation

Once you start looking at events proactively, you will have more events coming through your system; this is where automation will play an integral role in managing your network. opEvents allows you to add scripts that will run as soon as an event has occurred; this will help with automatic remediation. This can be used to serve a variety of purposes such as using scripts to automatically remediate events with a replicable solution process or providing information at the time of the incident, rather than at a later stage.

Event Status

Inside opEvents, on the events themselves, there is event status that can be used to signify the stage in the event management process that the event is in. This helps the tools that your team is using, while also providing a service desk that gives you usable information.

Virtual Operator

opConfig’s Virtual Operator can be used to help create jobs comprised of command sets that can be used to troubleshoot nodes that have been identified with opEvents. These actions are templates that the virtual operator uses that saves you from having to create commonly run jobs. It also gives operators easy access to run commands on remote systems without giving them full access to the machines. This will help your team troubleshoot any events without compromising any security measures that are in place.

Next Steps:

• Download opEvents and opConfig on our Virtual Machine and start monitoring nodes with a free lifetime license.
• Read more about Deduplication and storm control in opEvents.
• Read more about Event Correlation.
• Watch this webinar series on how to truly optimize opEvents and opConfig for your environment.
• Read our Solution Guide – Event Consolidation Based on Location.

What is Windows Management Instrumentation (WMI)?

Windows Management Instrumentation (WMI) represents an all-encompassing platform developed by Microsoft, designed to unify the administration of devices and applications within a network environment powered by Windows computing systems. It provides users with valuable information about the status of local or remote computer systems, making it an indispensable tool for administrators managing various Windows operational environments. WMI, a key component of Microsoft’s management infrastructure, comes pre-installed on Microsoft’s newest operating systems and is designed to reduce the maintenance and cost of managing enterprise network components.

WMI provides a consistent model of the Windows operating systems, configuration, and status in enterprise networks, offering a COM API that allows access to management information about the status of local or remote computer systems. Developers and IT administrators can write WMI scripts or applications to automate administrative tasks on remote computers, with management applications or scripts able to perform operations or get data through WMI in a variety of programming languages. Its flexible and extensible architecture provides support for new devices, applications, and other enhancements, making WMI a powerful and flexible tool for managing and monitoring the Microsoft Windows operating system.

Introduction to Windows Management Instrumentation (WMI)

Windows Management Instrumentation (WMI) is a powerful feature of the Microsoft Windows operating system. It is a part of the infrastructure for management data and operations on Windows-based operating systems. WMI represents a collection of guidelines established by Microsoft, designed to streamline the administration of devices and applications within a network environment that utilizes Windows computing systems. It provides users with information about the status of local or remote systems and computer systems.

Understanding the WMI Architecture

The WMI architecture is a flexible and extensible architecture that is designed to provide a unified way of accessing management information in an enterprise environment. At the heart of the WMI architecture are the WMI providers. WMI providers act as intermediaries between the WMI service and the managed objects in the Windows Driver Model. They supply the WMI service with data from managed objects and handle requests to change the state of managed objects.

The WMI repository is a crucial component of the WMI infrastructure. It stores the static data and the definitions of all WMI classes, which are the templates for the instances of management data. The WMI repository also stores the definitions of all the WMI namespace namespaces, which are logical divisions of the WMI class hierarchy.

WMI vs. Other Management Protocols

Windows Management Instrumentation (WMI) is often compared to other management protocols like the Simple Network Management Protocol (SNMP). While both protocols are very fast and highly efficient, they go about their business in very different ways. For managing Windows devices, WMI is probably the better option, while SNMP is widely supported by networking vendors like Cisco, Juniper, Huawei, and Unix/Linux operating systems.

Working with WMI

Working with WMI involves using the WMI command line, WMI Query Language (WQL), and WMI scripts. The WMI command line tool, also known as WMIC, is a command-line interface to the WMI API. It allows administrators to perform various system management tasks from the command prompt. For example, to access WMI from the command prompt, type WMIC and press Enter.

WMI scripts are used to automate administrative tasks and manipulate management data. These scripts can be written in any language that supports Microsoft ActiveX scripting, including:

• VBScript
• Perl
• Windows PowerShell

WQL is a subset of SQL with extensions to support WMI events and other features specific to the WMI system. WMI queries are used to retrieve management data from the WMI repository. There are three types of WMI queries: Data Queries, Event Queries and Schema Queries.

Data Queries

Data queries are the most common type of WMI Query Language (WQL) query. They are used to retrieve data from the WMI repository. Data queries can be used to retrieve instances of a specific class or to retrieve instances that meet certain criteria. For example, a data query might retrieve all instances of the Win32_Process class (which represents processes running on a Windows system), or it might retrieve only those instances where the Name property is “notepad.exe”.

See below for a data query example that requests the event log file named “Application” from all instances of Win32_NTLogEvent.

Event Queries

Event queries are used to subscribe to events in WMI. An event in WMI is a significant occurrence in a managed object that might be of interest to management applications. For example, an event might be generated when a process starts or stops, when a disk drive becomes full, or when a network connection is lost. Event queries can be used to subscribe to these events and be notified when they occur.

There are two types of event queries: intrinsic event queries and extrinsic event queries. Intrinsic event queries subscribe to events that are automatically generated by WMI when instances of a class are created, modified, or deleted. Extrinsic event queries subscribe to events that are explicitly generated by a WMI provider.

See below for an example event query by an event consumer request notification when a new instance of a class derived from Win32_NTLogEvent is created.

Schema Queries

Schema queries are used to retrieve information about the schema of the WMI repository. The schema of the WMI repository is a set of definitions for all the classes, properties, methods, and events that are available in WMI. Schema queries can be used to retrieve information about these definitions.

For example, a schema query might retrieve the definition of the Win32_Process class, including the names and types of its properties and the signatures of its methods. Schema queries can also be used to retrieve information about the relationships between classes, such as the inheritance relationships between classes and the associations between instances of different classes.

The following example schema query shows the syntax.

Advanced WMI Features

WMI provides a higher level of representation of systems, supporting properties, events, and methods on top of the object classes used by SNMP. The WMI system classes providers supply the WMI service with data from managed objects and handle requests to change the state of managed objects. The WMI provider class defines the methods for a provider.

WMI also supports remote management. The WMI service acts as a server component, allowing management applications to connect to it remotely. This feature is particularly useful for managing remote computers in a Windows enterprise network.

WMI in Network Monitoring and Management

WMI plays a crucial role in network monitoring and software management systems. It provides an in-depth analysis of devices, including current configuration parameters, status values, CPU load, memory usage, software and hardware audits, application availability, and operating system failures. WMI can be used to monitor any desktop or server running the Windows operating system in public, private, or hybrid environments.

Security Considerations in WMI

Security is a critical aspect of any management infrastructure. WMI provides several security features to protect the management of data. For example, WMI uses the Distributed Component Object Model (DCOM) for remote access, which provides a robust set of security features. It also allows administrators to set permissions on WMI namespaces and classes, ensuring that only authorized users can access the management data.

WMI Monitoring Tools

There are several WMI administrative tools available that can help manage boot configuration data and monitor the WMI infrastructure. These tools provide a graphical user interface to display and manipulate the data in the WMI repository. Some tools also allow you to build scripts without any coding knowledge. Examples of such tools include WMI Explorer and WMI Event Viewer.

Future of WMI

The future of WMI looks promising. With the continuous development of the Windows operating system, WMI is expected to become even more powerful and versatile. The latest versions of the Windows Server and supported Windows platforms come with enhanced WMI features, making it easier for administrators to manage enterprise network components.

Simplicity vs. flexibility

So which monitoring solution is right for you? The answer will depend on the size and complexity of your network, your management infrastructure standards, the skills of your network administrators, and your available budget.

One of the major advantages of SNMP is that it is easy to deploy and configure even on larger networks. It can also be used to manage all devices on the network regardless of the manufacturer. Many SNMP tools are also free which helps keep costs down. The downside is that standard SNMP features are very basic.

If you require more sophisticated data and configuration options and you operate a large Windows OS environment, then WMI is the way to go. This will provide you with a powerful framework to streamline the monitoring and management of your Windows OS environment. The downside is more complexity and increased operational overhead.

Deep Dive into WMI Providers

WMI providers are a critical component of the Windows Management Instrumentation (WMI) infrastructure. They act as intermediaries between the WMI service and the managed objects in the Windows operating system. WMI providers supply the WMI service with data from managed objects and handle requests to change the state of managed objects.

Each WMI provider is associated with one or more WMI classes, which are templates for instances of management data. These methods can be used to retrieve data, change the state of a managed object, or trigger an action on a managed object.

WMI providers are implemented as COM objects and are loaded into the WMI service process when needed. They can be written in any language that supports COM, but most are written in C++ for performance reasons.

Understanding the Two Types of WMI Providers

WMI providers are essential components of the Windows Management Instrumentation (WMI) infrastructure. They act as intermediaries between the WMI service and the managed objects in an enterprise environment. There are two primary types of WMI providers: instance providers and event providers. Each type plays a unique role in the WMI infrastructure.

Instance Providers

Instance providers are responsible for supplying data for instances of WMI classes. They manage the static data that represents the current state of a managed object. For example, an instance provider for a disk drive might supply data about the drive’s current capacity, free space, file system, and other properties.

Instance providers handle requests from the WMI service to retrieve or modify the properties of a managed object. When a management application makes a request to read or write a property of a managed object, the WMI service forwards the request to the appropriate instance provider.

Instance providers are also responsible for implementing the methods of a WMI class. When a management application invokes a method on a managed object, the WMI service calls the corresponding method in the instance provider.

Event Providers

Event providers, on the other hand, notify WMI when events occur. An event can be any significant occurrence in a managed object that might be of interest to management applications. For example, an event provider for a disk drive might generate an event when the drive becomes full.

Event providers are responsible for detecting events and delivering event notifications to the WMI service. When an event occurs, the event provider creates an instance of an event class to represent the event and delivers the instance to the WMI event registration service. The WMI service then forwards the event to any management applications that have registered to receive such events.

Event providers can generate two types of events: extrinsic events and intrinsic events. Extrinsic events represent significant occurrences that are not directly associated with a change in a managed object’s state, such as a user logging on or off. Intrinsic events represent changes in the state of a managed object, such as a change in a property value.

Both instance providers and event providers play crucial roles in the WMI infrastructure. Instance providers manage the static data that represents the current state of managed objects, while event providers notify WMI when significant events occur. Together, they enable WMI to provide a comprehensive and flexible framework for managing and monitoring the Windows operating system.

Microsoft Windows Operating System and WMI

The Microsoft Windows operating system is deeply integrated with WMI. WMI is a part of the infrastructure for management data and operations on Windows-based operating systems. It supplies management data and provides a unified way of accessing management information in an enterprise environment.

WMI comes preinstalled with the Windows operating system and is available on all Windows platforms, including Windows Server and Windows Vista. It provides a way for the operating system to expose management data and operations to management applications.

The operating system interface exposes many of its features through WMI classes. For example, the operating system might expose a WMI class for each logical or physical component of a system, such as a disk drive, a piece of memory, or a network adapter. Management applications can use these classes to manage the corresponding components.

WMI also plays a crucial role in the Windows operating system’s event logging system. The Event Log Provider in WMI provides access to the event logs on a local or remote system. This allows management applications to retrieve event log entries and to be notified when new events are logged.

Conclusion

Windows Management Instrumentation (WMI) is a powerful tool for managing and monitoring the Windows operating system. It provides a flexible and extensible architecture for accessing management data and automating administrative tasks. Whether you’re managing a small network of computers or a large enterprise network, WMI tools can help streamline your operations and improve your efficiency.

With the right knowledge and tools, you can leverage WMI to its full potential. Whether you’re using the WMI command line, writing WMI queries, or creating WMI scripts, there’s a wealth of resources available to help you get the most out of WMI. And with the ongoing development of the Windows operating system and WMI, you can expect even more powerful features and capabilities in the future.

The growing role of machines alongside humans has always been a point of discussion in our constantly evolving workforce, so where does automation come in?

Automation can be defined as the process of carrying out tasks through the use of technology, with minimal human supervision. As a result, it can improve overall safety and reduce the margin of human error, leading to an increase in productivity. In fact, an article by Harvard Business Review cites academic research on automation estimating that 47 percent of occupations in the United States could be automated within 20 years. Now that technology is advancing even more rapidly than ever, how can the process of automation help you in your career?

1. It can lead to further job opportunities

Sharon Hunneybell explored how process automation can lead to the creation of new jobs, opening up future roles for automation analysts, integration architects, and data quality analysts. If you’re a part of this field and you’re interested in working with the latest and greatest in technology, it’s a good idea to start figuring out how you can stay ahead of the crowd. In order to make manual and repetitive tasks a thing of the past, try figuring out how automating processes can integrate with your current business practices. Automating your workload can help you free up time to onboard staff with efficiency.

2. It can help source talent

If you’re part of a HR department, automation can help you search for talented staff much more quickly and onboard them with more efficiency. Case in point, Marcus points out that AI can help find in-house talent, which UnitedHealth Group currently uses through an algorithm that can identify leadership qualities among its pool of employees. This information can also be used to identify and nurture early-career employees for leadership roles. Not only will this save time, but it also ensures that your top-performing candidates are adequately recognized. During the onboarding process, automation can also benefit you through the creation of custom onboarding packages such as online forms, key checklists, and welcome e-mails for new hires. This ensures that they’re aware of any important security measures at work and that they’re ready to hit the ground running.

3. It can improve security and operations

IT teams and security operations are vital aspects of any business. Among their most time-consuming tasks involve operations and maintenance. However, an article on IT processes on EnterpriseTalk states that “IT professionals themselves believe that almost 20 percent of their current daily tasks could be automated by AI.” For instance, conditional access can be granted to certain employees so that security screening can be innovated, as well as software installation, batch processing, and server monitoring. Start exploring how robotics process automation (RPA) will work in your organization by downloading the Opmantek Virtual Machine today and activating your free license for up to 20 devices. If you would prefer to have an engineer walk you through the software, you can also request a demo.

Evidently, automation provides countless benefits for the day-to-day aspects of almost every role in your team. You can maximize profits, keep operational costs down, and free up time for your highly-skilled employees to perform more challenging tasks or shift into other roles. Now it’s time to take that step forward and explore how automation can best be integrated into your business practices.

In today’s digital world, businesses are expanding and their digital needs are more complex than ever. For this reason, enterprise network infrastructures have to cope with more demands and have greater functionality. An enterprise network usually has one or more main locations, which branch out and connect to other remote locations. Below we outline our 10 top predictions for enterprise network infrastructures for 2020 and beyond, as well as offer some infrastructure management advice.

1. Application delivery

To manage increasing digital demands in 2020, enterprise application delivery networks need to simplify their infrastructure. An application delivery network provides application security and visibility for applications on enterprise networks, in order to meet increased demands, application delivery must be updated to be cloud-based and replace hardware application servers with simplified, modern public cloud services, as these can be used and scaled much more efficiently.

2. Big data and analytics

As more and more devices and locations are connecting to an enterprise network infrastructure, there are numerous points where the infrastructure could be compromised and hacked. Big data may seem like a network vulnerability, but in 2020 big data could be the solution to cybersecurity issues. As the data center collects more data, the network will more efficiently be able to identify when the enterprise IT environment is under malicious attack or trying to be accessed from an unauthorised user. We predict operations management will also increase in 2020 as more businesses will discover the importance of managing big data.

3. AI (Artificial Intelligence)

For more advanced enterprise network infrastructures, cognitive/artificial intelligence will enable enhanced traffic management, and allow greater automated processes to take place. Compared to traditional data, AI has different networking requirements that indicate if enterprise networks want to streamline their workflow with AI, they must ensure they adapt and alter their networking landscape in 2020.

4. Hybrid clouds

Hybrid clouds began as a mix of applications that existed both in enterprise networks and public clouds, hybrid clouds will become much more advanced in 2020 as the number of cloud services and applications a business uses will increase. Businesses will, therefore, need to adopt a more advanced hybrid cloud strategy by carefully selecting the cloud technology they use and organising that technology to ensure their hybrid cloud is fast and efficient.

5. Networking virtualisation

To help create enterprise network solutions, network virtualisation will increase in popularity and use. Network virtualisation can be used for different requirements such as path, device and service virtualisation. This will be useful to enterprise network architects, who can use virtualisation to determine what technologies and developement techniques will add value to a network.

6. Unified communications and collaboration

As enterprise networks become more complex, combining enterprise communication tools into a single interface or application will be an important trend in 2020. This will allow businesses to collaborate with greater ease, for example, move instant message chat over to conference calls and video calls instantly. This will be particularly important as remote working is set to grow even more in popularity in 2020.

7. WiFi

Businesses expect their enterprise network infrastructure to be faster, sleeker and more intuitive. They will, therefore, expect their wifi to be able to handle their new network demands, without creating any downtime. To support advanced bandwidth requirements, we expect there will be a rise of wireless site surveys conducted in 2020.

8. IoT (internet of things)

The IoT has great potential in 2020 to change how data is collected in an enterprise network. For example, as the IoT of a company grows, more and more data will be created. Not all of this data, however, is relevant to the central functions of a business and needs to be stored centrally. Management applications can be run throughout an IoT network and identify any data that needs to be stored centrally, ensuring a business doesn’t fill its enterprise network with irrelevant data.

9. Wireless LAN infrastructure

As the demand for high-performance networks will grow in 2020, more businesses will require custom wireless LAN infrastructures, to ensure they have the most reliable, robust networks possible. For example, infrastructures must be able to meet high demands (such as frequent video and voice calls) whilst providing security. Although more and more businesses will move towards wireless networks, integrated wired and wireless networks may need to be created as part of the transition process.

10. Infrastructure management

As all of the above-predicted trends suggest, enterprise network infrastructures are going to become more complex and have higher workload demands. For this reason, infrastructure management will be more important than ever. It is recommended that traditional infrastructure and workflow tools are integrated with leading practice such as Opmantek’s NMIS, opEvents, opConfig and Open-AudIT. These are not only going to revolutionise the way you see data but are some of the easiest products to use on the market. Don’t just trust us, see for yourself.

Can you afford to leave your infrastructure management to chance?

Rohit Mehra, vice president of Network Infrastructure at IDC, stated: “Digital transformation has simultaneously created pressure on enterprise networks to evolve to meet the increasing demands of the modern digital business while also creating a flurry of advanced technologies that help solve these challenges…it’s imperative that networking professionals recognize these trends and prepare their networks for the continued changes that will impact their environments moving forward.”

You can read more about Mehra’s thoughts on digital transformation, here.

In 2020, networks will need to be able to handle an increased number of apps and devices without creating any network downtime or harming user experience. It is therefore imperative you entrust your infrastructure monitoring and IT asset management to reliable tools and software. For more information about Opmantek and the services we provide, do not hesitate to get in touch with our team. One of our enterprise network experts will be happy to answer any questions you may have.

By noting the above 2020 predictions, you can ensure your enterprise network infrastructure stays working at optimum functionality and ahead of trends!

Network and system administrators looking to monitor and manage devices have a choice of two popular methods:

1. Simple Network Management Protocol (SNMP is part of the TCP/IP network protocol).
2. Windows Management Instrumentation (WMI), part of the infrastructure for management data and operations on Windows-based operating systems.

Both of these protocols are very fast and highly efficient, but they go about their business in very different ways. This can lead to confusion about which technology is best. So we created this Q&A article to answer the questions many network administrators have about each solution. Use the answers here to help you choose the right solution for your network, alternatively, contact us and we can help guide you to making the right decisions.
Ultimately for managing Windows devices while SNMP can be used, WMI is probably the better option, while SNMP is widely supported by networking vendors like Cisco, Juniper, Huawei and Unix/Linux operating systems.

Simple Network Management Protocol (SNMP)

Why use SNMP?

Modern computer networks are made up of complex groups of desktops, servers and networking equipment. These are often sourced from different manufacturers which can lead to problems managing and monitoring devices. SNMP was developed to solve this problem. It uses a standardised method for querying devices on the network, giving administrators the information they need to keep the network up and running.

How does SNMP work?

The concept of SNMP is quite simple. Each monitored device on the network contains an SNMP agent which collects information about object classes on the device. This information is then passed to the SNMP manager using either Polling or TRAPs.

How does SNMP polling work?

SNMP Polling is a remote synchronous query which can be actioned on-demand or automatically. The SNMP manager sends out a polling request to the SNMP agents on the network. The agents then respond by sending the required data to the SNMP manager.

What are SNMP TRAPs?

SNMP TRAPs are messages sent asynchronously from the device to the manager. The purpose of a TRAP is to notify the manager that something has changed on the device. Unlike other protocols, however, SNMP TRAPs are NOT acknowledged by the host. This can result in important messages being lost. To solve this problem INFORMs were introduced in SNMPv2.

When was SNMP created?

Early versions of SNMP were introduced in the early 1980s to solve issues with the officially sponsored OSI/IETF/NSF (National Science Foundation) effort. The first official specification for SNMPv1 appeared in 1988. This was improved significantly over the years until the introduction of SNMPv2 in 1992 which introduced support for 64bit counters.

When was SNMPv3 released?

Despite the success of SNMPv2, the protocol was found to have severe security limitations which restricted its use on publicly accessible networks. As a result, SNMPv3 was released in March 2002 which included SSH encryption and other performance enhancements.

What are SNMP commands?

SNMP commands give network administrators the ability to manipulate and configure devices using the terminal or command line. SNMP commands use a specific syntax which once learned can be used to send and receive SNMP TRAPs and INFORMs, perform write operations and retrieve data.

Which layer does SNMP operate on?

All SNMP messages are transported via the UDP protocol.  SNMP operates on layer 7, the application layer of the OSI layer model.

What are SNMP agents?

The agent sits on every piece of network equipment monitored by the SNMP manager. Its job is to collect information about the device and pass it to the manager either asynchronously by TRAP or synchronously when polled.

What are SNMP tools?

SNMP tools provide an easy way for network admins to simplify the monitoring and configuration of devices on the network. SNMP tools range in price and complexity with basic monitoring tools available for free. Most SNMP management tools are web-based and provide easy integration with other network management systems and ITSM software. This gives administrators the information they need to make intelligent decisions about the repair and maintenance of devices.

What are SNMP databases called?

The information collected by agents is stored in a unique SNMP database called the Management Information Base (MIB). There are two types of MIB, Scalar and Tabular. Scalar objects define single instances of a device while Tabular objects define multiple related objects such as desktops which are grouped.

Can SNMP v2 and v3 co-exist?

Yes, the latest version of SNMPv3 uses multi-lingual agents which are backwards compatible with previous versions. The latest version of the protocol also uses the same MIB language as earlier versions so the same MIB modules can be used without modifications.

What are TRAP messages?

TRAP messages consist of information sent from the remote monitored SNMP device to the SNMP manager. The information contained in the message is configurable and contains information such as temperature, disk usage, memory usage and CPU load of the device.

What are INFORMs?

INFORMs work in a similar way to TRAPs but when an SNMP manager receives an INFORM message it confirms receipt back to the device. INFORMs were introduced in SNMPv2 to solve the problem of acknowledgement by the host. INFORM messages should reduce the risk of critical warnings being lost.

What are community strings?

Community strings are used to authorise access to devices on the network. The Community String is sent with all SNMP requests and must match before the device responds with information. Community strings are only used in SNMPv1-v2. SNMPv3 uses username/password authentication combined with an encryption key.

What are counters?

Counters are one of the most commonly used variables in SNMP. They are typically used to measure frequency. For example, counters which measure the frequency of input and output traffic can be used to create an accurate measurement of network load on a device.

What are credentials?

Credentials are the information which needs to be entered when configuring a device on the network. The information required will depend on the size of the network and the version of SNMP being used.

What are views?

Views allow network administrators to control who has access to data contained in the MIB database. Once created, views are assigned to either SNMPv3 groups or SNMPv1-v2 communities. Views can either grant full access or restrict access to specified parameters.

What can SNMP monitor?

SNMP can be used to monitor most network devices including printers, servers, routers, switches, hubs, firewalls and WiFi access points. The agent can monitor bandwidth, CPU load, disk usage, memory usage, temperature and device failures out of the box. The agent can also be configured to monitor other metrics depending on the device such as ink levels on a printer.

Which SNMP version is best?

The best version for you will depend on the type of network you operate. If you have a publicly accessible network then you should use SNMP v3 which provides SSL encryption for data transmission. This has performance implications, however, so if you operate a private network protected by a firewall you may be better off using SNMP v2c.