Understand Network Management Protocols ——SNMP, NETCONF, RESTCONF
Updated at Feb 10th 20241 min read
The Overview of SNMP, NETCONF, RESTCONF
As the challenges of configuring network devices with traditional CLI continue to increase, network management protocols have emerged. Network management is an important component of modern IT operations and service delivery. Over time, as networks grow, new applications and services are added. In order to better deal with the various needs of complex networks, we need to understand different network management protocols to ensure the stability and reliability of the network.
Basic concepts of SNMP, NETCONF, RESTCONF
NETCONF (Network Configuration Protocol) and RESTCONF are modern network management protocols designed to offer better security and functionality than their older counterpart, SNMP (Simple Network Management Protocol). The following will explain the concepts of the three separately.
What is SNMP ?
SNMP is a network management oriented protocol that was designed early on to manage TCP/IP networks. Its simplicity and scalability make it a standard management protocol for many network devices, allowing network administrators to manage and monitor the performance, configuration, and health of devices on the network. There are currently three versions of SNMP:
SNMP v1: The first version, which communicates with managed devices in plaintext. It supports three interaction modes: read-only, read-write, and trap.
SNMP v2: Introduces improvements in performance, security, and communication methods between devices.
SNMP v3: Enhances security with stronger authentication mechanisms and additional security features.
What is NETCONF ?
NETCONF is an XML-based network configuration protocol. It provides a structured way to manage devices and opens the API interface, which can realize programmable network operations and solve some shortcomings of SNMP in configuration management.
What is RESTCONF ?
RESTCONF is a network management protocol based on a RESTful architecture that uses the HTTP protocol for communication. RESTCONF is designed to be simple and easy to use, while taking advantage of RESTful features such as statelessness and uniform resource identification.
How Does SNMP, NETCONF, RESTCONF Work?
The first step in network management is collecting information from the network that is being managed. The information comes from network devices, such as routers, switches and wireless access points. Data can also be collected via software-based agents in a virtual or cloud service that provides visibility into network and application data traffic flows. There are different working principles of network management protocols to deal with the various needs of complex networks:
SNMP
The SNMP protocol operates through communication between a central management station and managed agents. The SNMP manager retrieves information or sends control commands via SNMP messages. The key components of this process include:
SNMP Manager: Oversees multiple devices within a network, performing read and write operations to manage them.
SNMP Agent: Runs on network devices and typically requires manual activation. Acting as the SNMP agent, it processes requests from the SNMP manager, executes the necessary configurations, and returns a response with the results.
SNMP MIB (Management Information Base): Defines and organizes the managed resources on a device. The SNMP manager and agent communicate using the structured data within the MIB.
NETCONF
NETCONF follows a client-server architecture, using Remote Procedure Calls (RPC) for communication between the client and server. The client can be a Python script or an application, while the server typically refers to a network device. The key components of a NETCONF implementation include:
NETCONF Agent: Runs on the network device, handling incoming RPC requests and proactively sending notifications for critical events.
NETCONF Client: Manages network devices using the NETCONF protocol and receives alerts from the agent.
Datastore: NETCONF defines multiple types of datastores, each storing device configurations and states at different operational stages.
RESTCONF
The RESTCONF protocol is built on top of NETCONF, leveraging a RESTful API approach to update and modify network configurations while using HTTP for communication.

SNMP vs NETCONF vs RESTCONF: Differences
Each of these three protocols has its own unique features and use cases. SNMP is a more traditional protocol that monitors and manages devices through MIB. NETCONF is an XML-based protocol that provides a structured approach to configuration management. RESTCONF, on the other hand, adopts a RESTful architecture and utilizes HTTP, making it more aligned with modern web development practices. Here are the key differences among them:
Data Modeling
Protocol | Data Modeling Language | Transmission Format | Features |
SNMP | MIB | - | Poor compatibility, MIB libraries are chaotic, requiring the definition of private MIB libraries |
NETCONF | YANG | XML | Higher usability, scalability, and flexibility, making management more efficient |
RESTCONF | YANG | XML/JSON | More lightweight, better readability, and well-suited for the web development ecosystem |
Security Features
Protocol | Authentication & Encryption | Granular Access Control | Other Security Features |
SNMP | - v1/v2c lacks encryption
- v3 supports authentication and encryption | Basic access control | v1/v2c is vulnerable to eavesdropping and unauthorized access attacks |
NETCONF | SSH/TLS encryption, providing stronger encryption and authentication mechanisms | NACM (Network Configuration Access Control Model) | Supports atomic transactions and error rollback |
RESTCONF | HTTPS encryption, offering stronger encryption and authentication mechanisms | RBAC (Role-Based Access Control) | Naturally aligns with web security standards |
Application scenario
Protocol | Typical Application Scenarios |
SNMP | Device monitoring: CPU, memory, interface status
Fault detection: Real-time alerts via Trap messages |
NETCONF | Configuration updates: Static routes, ACLs, etc.
Device status queries: GET operation |
RESTCONF | (Web application integration: HTTP/JSON
Cloud platform automation: Integration with cloud-native toolchains |
Conclusion
In conclusion, SNMP, NETCONF, and RESTCONF operate based on specific protocols and communication models. SNMP is still widely used for its simplicity and compatibility with older network devices, but the security benefits of NETCONF and RESTCONF make them more suitable for modern network management.
The choice of protocol depends on factors such as the network environment, requirements, and preference for automation and modern standards. PicOS® data center switches support SNMP, sFlow, and gNMI, providing comprehensive network visibility. They also offer a wide range of standardized programmable interfaces and automation tools, such as Ansible, OpenFlow, and NETCONF, to enable automated and flexible network configuration, simplifying IT network operations.