HPSIM, handling Snmptraps across NAT

HP SIM is short for "Hewlett Packard - Systems Insight Manager" essentially its free "Java based" Network Manager bundled with a SQL Express or PostgreSQL database, which installs on a Windows or Linux operating system.

You can think of it as a Web portal with a database backend that discovers and then collects computer and network device information using a variety of protocols. And then provides a central place to disseminate reports, run tools, schedule tasks, and send out notifications regarding "collections" of networked computers and devices that it "manages".

In an old world view, its somewhat like an old fashioned "SNMP Network Manager" with WBEM, SSH, WSMAN, Ping and various custom protocols added on.

When you log in your presented with a traditional three pane with familiar Windows Application menu bar design. The Left Navigation pane is divided into two parts; and Upper Summary "Dashboard" and a lower "Collections" tree. The right Center pane is the main workspace for working on a "Collection".

When you first login the Center pane is focused on a special "Home" page which has a couple optional parts for "Finish the Installation" and "Did you Know?" images - which can be turned off by going to the [Menu]>[Options]>[Home page settings...] and unchecking the [x] Show "Do this now.." and [x] Show "Did you know.." -- or you can choose to always open the Home page on a collection.

Aside from installing SIM, the next thing you do is "discover" computers or network devices to "Manage" -- you do this by using the "Discovery task"

But before you can use the "Discovery task" you have to prime it, by configuring a target, and then "pulling the trigger" so to speak to launch it. It then proceeds to interrogate the "Target" and tries to profile it with various protocol tests, in such a way that it can classify and add the "Target" to one of its "Collections".

You configure the "Discovery task" by going to the [Menu]>[Options][Discovery] page and Clicking on [Edit]

That loads a additional form to the frame at the bottom where you can input more information to configure the Discovery task.

There are a lot of optional bits you can configure, but the important ones are an [ IP address ] and a [ Credential ]. Clicking on [ Credential ] lets you enter in information to authenticate a query from the SIM to the target for a particular protocol.

The default "Credential" page hides a lot of the details --  I usually click on the "hard to see"  [  Show advanced protocol credentials  ] and the tabs then usually make sense.

As a matter of history -- SNMP was one of the first Network Management protocols and uses a "Community" string for a password, originally meant for LAN management "only" it flings the password across the network in plain text. SNMPv1 was the original version, followed by SNMPv2 which attempted to secure the password better and provide access restrictions with different "views" on the end point Management Information Base (MIB or database schema). SNMPv2c was a watered down version which relaxed some requirements and became more widely adopted. SNMPv3 may be the last version which brought the most change and isn't well supported by many computers and network devices.

WBEM was an effort to bundle the same things under new "management" (sic) and brought a new Common Information Model (CIM) database schema per computer/device and a WSMAN effort to handle accessing data and performing tasks on a computer or network device.

All of these protocols potentially have different requirements for authentication or "passwords" and thats what the credentials tabs are all about, providing those credentials - so that when the Discovery task tries to use those against a target it can access the target.

Saving the changes concludes configuring the Discovery task and it can then be "scheduled" -- which I almost never do -- or "Run"

The view changes to that of "Task Results" and updates as the Discovery task progresses, informing the user of the success or failure of playing "20 questions" with the computer/device in an attempt to Identify and classify the end point, so that it can put it into a "Collection".