May 2007


This whitepaper looks at the role of SNMP (Simple Network Management Protocol) in managing systems using Isode's messaging and directory servers. It explains why SNMP support is provided, the sub-agent architecture used by Isode products, and approaches to deploying SNMP monitoring.

Creative Commons License

Goals of Isode Monitoring & Management Tools

Isode provides a number of GUI tools, such as MConsole (Message Console) shown below to enable sophisticated monitoring and control of the Isode server products. These Isode GUI tools have three basic roles:

  1. To enable monitoring of the Isode servers.
  2. After a problem has been flagged, to help identify the details of the problem and its cause, and to enable appropriate configuration, parameter changes where needed.
  3. To enable the operator to view events, both errors and informational.



Operator Requirements and SNMP

For many deployments, it is important that a system operator watches the Isode servers to ensure correct operation and to rapidly respond to any problems. Isode's own tools are appropriate for this task, particularly where an operator is dedicated to the Isode servers.

In most deployments, where problems in one component (e.g., a network failure) will have effects on others, an operator will be expected to monitor many applications, servers and network components. Using a different monitoring system for each component is problematic, as:

  1. Each monitoring application is different.
  2. There is a real problem in managing "screen real estate".

The solution to this is to use a general purpose monitoring tool. The most popular tools make use of the Internet Standard SNMP (Simple Network Monitoring Protocol), which is supported by many network components and applications. A wide range of Management Consoles, such as HP Openview, use SNMP.

Isode does not use SNMP in its own management tools as SNMP does not provide appropriate functionality. Isode provides SNMP capabilities to integrate with third party monitoring tools. The key goal is to enable operators to be rapidly made aware of any problems. Isode tools can then be used for detailed diagnosis and problem resolution.

Isode's SNMP Architecture

Isode's SNMP approach supports monitoring and events. These are described separately, as they relate to the same processes with different information flow.

SNMP Monitoring

Isode's SNMP Architecture

SNMP Monitoring works by the Management Console using SNMP to query an SNMP agent to retrieve information on the managed applications. The Management Console then presents this information to the operator, drawing operator attention to general system status and to problems.

Isode uses as sub-agent model for support of SNMP. This works by having a single Master Agent on a server, that will respond to external queries. Then the master agent interacts with sub-agents associated with each of the monitored servers. This enables the Management Console to get information from the application. Isode uses the Internet Standard AgentX protocol (RFC 2741) to communicate between the master agent and sub-agent. Full sub-agent and AgentX support is included with the Isode servers.

AgentX is widely supported by SNMP master agents, and the standard SNMP agent on most Unix platforms supports AgentX. For other platforms, Isode recommends the widely used Net-SNMP master agent. On Windows, the Net-SNMP master agent will support Windows sub-agents (using a Windows API) and will also support the Windows master agent as a sub-agent (using SNMPv2c).

There are a number of benefits to using a sub-agent architecture:

  • SNMP functionality in the subagent only needs to deal with application specific information.
  • Communication to the master agent with a single standard protocol reduces application monitoring complexity, and thus increases performance and resilience.
  • Support of various SNMP versions and SNMP security can be handled by the master agent. A good master agent should support SNMPv1, SNMPv2, SNMPv2c and SNMPv3.
  • Many Management Consoles can only handle a single SNMP agent on one IP address, and use of a master agent is key to supporting this.
  • Isode subagents are tightly integrated with the application primary process. This gives efficient access to management information and highly resilient reporting of any server failure. In the event of a server crash, the tightly coupled subagent will also fail, and this will be detected by the master agent.

Event Monitoring

All Isode server products and management tools support Isode’s event system, which defines events of varying severity, and provides multiple channels for sending event (file, syslog, Windows event). This is described in the Isode white paper Operational Monitoring and Control of Systems using Isode Servers.

A configurable selection of Isode events may be sent over protocol by any Isode process to an Isode Server Watch Daemon. The Server Watch Daemon may be on a remote system, and there may be multiple Server Watch Daemons on one server. The Server Watch Daemon performs a number of functions:

  1. It can use file based logging, to provide a central mechanism for event logging.
  2. It can send each event by email to a configured recipient (planned).
  3. It can send each event by XMPP to a configured Instant Messaging recipient (planned).
  4. It will store a configurable length history of events received.
  5. It will make the events available by SNMP using the AgentX protocol to communicate with the master agent.

The SNMP support enables an SNMP Management Console to examine recent Isode events. SNMP NOTIFICATIONS, commonly referred to as TRAPs are supported, so that any Management Console that registers for NOTIFICATIONS will receive one when a new Isode event arrives at the Server Watch Daemon.

Isode MIB Support

The SNMP framework enables monitoring of an enormous variety of network components and applications by use of the MIB (Management Information Base) concept. A MIB defines the variables that are available in the application to be monitored using SNMP. A MIB provides a list of variables and tables, that look complex at first sight, but are generally a quite logical representation of useful information. There are three Internet Standard MIBs of particular importance to Isode, that are collectively known as the MADMAN (Mail And Directory MANagement) MIBs. These are:

  1. Network Services Monitoring MIB (RFC 2788) defines a generic MIB that is appropriate to any application that can make a network connection. It provides information on the basic application status, and information on active connections, including how long the connection has been running and the protocol. Isode supports this MIB for all of its server products: M-Switch, M-Vault, M-Box, and M-Store X.400. This MIB provides basic status and network information, which is supplemented by two specific MIBs.
  2. Mail Monitoring MIB (RFC 2789) defines additional information for a message switch. This includes information on messages queued, and historical information on messages transferred in and out over various channels. This MIB is implemented in Isode's M-Switch product.
  3. Directory Server Monitoring MIB (RFC 2605) defines additional information for a directory server, and in particular information on the various directory operations performed, so that directory operation rate and performance can be monitored. This MIB is implemented in Isode’s M-Vault product.

There is also an Isode MIB used by the Server Watch Daemon, to hold information on Isode events.

MIBs contain much detailed information. This can be understood by reading the MIB definitions Isode’s implementation can be observed using a MIB Browser, that simply connects with SNMP to examine the MIB contents, and interpret them in terms of the MIB definitions. MIBs are defined in a standard format, and a management console will usually import these to help render the information in a useful manner. Isode recommends the Unbrowse MIB browser, available from as shown below browsing the Directory MIB.

Management Console & Web Integration

Isode's SNMP support provides straightforward integration with Management Consoles, such as HP OpenView (below), enabling a network operator to have detailed information on status and performance of the Isode servers. This type of system will enable flexible monitoring, giving a variety of views and information.


While this will be ideal for larger systems, there are some deployments where a simpler cross application and network type of monitoring is needed. A useful way to achieve this is to use a Web to SNMP tool. There are a variety of these available, and one recommended by Isode is Cacti.This can be used to display key performance information enabling "at a glance" checking of the general health of multiple components.

In the image below Cacti is displaying information from M-Switch, running at Isode's Head Office in Hampton.



This paper has given an overview of Isode's SNMP architecture, and how it can be used to support basic monitoring using a Web interface, and general purpose integration with Management Consoles such as HP Openview.