CIS - 516 ENTERPRISE NETWORK MANAGEMENT Chapter 1 Large Enterprise Networks Hao Nguyen Jan 2005
Managing Enterprise Networks • The necessary minimal components required for making a system manageable are: • MIBs • Agents/entities hosted on network devices to provide management facilities • Scripts for manipulating MIB objects • Java/C/C++ software modules for manipulating MIB objects • MIBs provide a detailed description of the managed data objects. Typically, the description of each MIB object consists of: • Accessibility (read-only, read-write, not-accessible) • Status (mandatory, deprecated) • Description
Managing Enterprise Networks (cont.) • Agents (or entities in SNMPv3) are software components that implement the MIB, map the objects to real data on the NE, and provide the managed object definitions for underlying systems: • Serial interfaces • Serial interface attributes such as bit rate, word size, and parity • IP address • Standards-based consolidation of management systems can help enterprises to achieve the following: • Fewer and simpler user interfaces for managing network systems • Reduction in the time required for IT staff training • Faster resolution of NE problems, such as switch interface congestion
Manageability • For a number of reasons, not all NEs lend themselves to flexible, integrated, centralized management. This tends to add to the cost of ownership and arises for a range of reasons: • The NE is a legacy device with proprietary management infrastructure • The NE implements only SNMPv1 with support for set operations • The NE implements only SNMPv1 without support for set operations (a set operation is an update to a network-resident managed object) • The NE supports SNMPv3, but it has been poorly implemented • The NE supports SNMPv3 but has a number of low-quality MIB modules • An NE is considered to have good manageability if it supports a well-implemented SNMPv3 agent and a high-quality MIB
Operating and Managing Large Networks • Some important aspects of enterprise network management are: • Availability of NEs, interfaces, links, and services • Discovery and inventory management • Monitoring the status of NEs, interfaces, links, virtual circuits, VLANs, and so on • Measuring traffic levels and checking for network congestion • Configuration – VLAN setup, SAN volume setup, storage allocations, remote control software • Service level agreement (SLA) reporting, SLA verification between an enterprise and SP • Security control – resistance to attacks from both sides of the firewall • Scalability – handling increased numbers of users, traffic, NEs, • Disaster recovery
Layers 2, 3, and 2.5 • The primary protocols that SNMP runs over are the User Datagram Protocol (UDP) and the Internet Protocol (IP). SNMP also requires Data Link Layer protocols such as Ethernet or Token Ring to implement the communication channel from the manager to the managed agent. • Layer 2 and VLANs • Layer 2 network that is logically divided into VLANs
Layers 2, 3, and 2.5 (cont.) • The layer 2 technology has the following general characteristics: • Paths through the network can be reserved either manually (by using ATM PVCs or MPLS LSPs) or using signaling (such as ATM PNNI, MPLS LDP/RSVP-TE). • Paths can be assigned different classes of service, a crucial component for SLAs. • Layer 2 forwarding is fast because addresses can be looked up with hardware assistance. This is no longer an advantage of layer 2 devices because line-rate forwarding is now also possible with layer 3 devices (i.e., routers) • ATM layer 2 forwarding allows for traffic policing where contract non-compliant cells can be tagged or dropped • DiffServ, policing and shaping are also available at layer 3
Layers 2, 3, and 2.5 (cont.) • Layer 3 • An IP network with an intermediate WAN that crosses an SP network • Layer 2.5 (or Sub-IP) • MPLS operates at what is often called layer 2.5, that is, not quite layer 3 but also higher than layer 2 • MPLS can also be deployed on routers and brings numerous benefits to IP networks • VoIP traffic would need a higher class of service than email traffic • Traditional IP routing protocols, such as OSPF, IS-IS, and BGP4 • Traffic engineering becomes possible. This helps avoid congested
Port and Interface • Interfaces are sometimes referred to as logical ports • Routing, such as OSPF, IS-IS, BGP-4 • Signaling, such as RSVP-TE and LDP • MPLS • IP
Why Use Network Management? • There are a number of reasons why network management is a crucial enterprise and SP component • NEs don't tend to have an overview of an entire network; management systems do • An NMS maintains useful records and audit trails of past configuration actions • If NEs don't support SNMP, then an NMS can facilitate a superior CLI • NMS can facilitate network-wide services like traffic engineering, QoS, planning, modeling, and backup/restore
Why Use Network Management? (cont.) • NMS enable fast access to faults. Some network faults can be meaningfully processed only by an NMS • NMS assist in rebalancing networks after new hardware is added • Management systems can provide network-wide object support for service profiles
What Is Network Management? • Network management provides the means to keep networks up and running in as orderly a fashion as possible. Broadly speaking, the functional areas required for effective network management are: • Fault • Configuration • Accounting • Performance • Security • The above points describe what are known as the OSI functional areas of network management, FCAPS
Who Produces Network Management Software? • Equipment vendors such as Cisco, Nortel, Hewlett-Packard, and Alcatel generally provide SNMP agents on their devices; separately purchased, integrated management systems are also available from these and many other organizations • These management systems typically run on UNIX or Windows NT/2K platforms and feature GUIs and fairly extensive FCAPS facilities
The Management System Pyramid • OSS • NMS • EMS
Other Management Technology • Microsoft Systems Management Server (SMS) • Telnet-based menu systems • Serial link-based menu systems • Desktop Management Interface (DMI)
Network Convergence and Aggregate Objects • From a network management perspective, VLANs are aggregate objects made up of: • Switches • Ports, MAC addresses, IEEE 802.1Q VLAN IDs • Links between separate VLANs • Use the term notification to mean any one of three different things • Events • Faults • Alarms
SNMP: The De Facto Network Management Standard • The principal components of SNMP are: • Agents • Managers • MIBs • A communications protocol • SNMP Facilitates the Exchange of Network Information Between Devices
The SNMP Agent • SNMP agents are the entities that reside on managed devices. Agents are the workhorses of management and provide the following functionality: • Implementing and maintaining MIB objects • Responding to management operations such as requests • Generating notifications, both traps (unacknowledged) and informs (acknowledged) • Implementing security – SNMPv1 and SNMPv2 support community-based security with clear-text passwords; stronger security (authentication and encryption) is available with SNMPv3 • Setting the access policy for external managers
The SNMP Agent (cont.) • SNMPv3 also provides an access control framework, which consists of: • MIB view • Access mode to managed objects, either READ-ONLY or READ-WRITE. A READ-ONLY • SNMP can be hosted on almost any computing device • Windows NT/2K machines • UNIX hosts • Novell NetWare workstations and servers • Many network devices, including hubs, routers, switches, etc.
The SNMP Agent (cont.) • The agent listens on UDP port 161
The SNMP Agent (cont.) An SNMP-Managed Network Consists of Managed Devices, Agents, and NMSs
The SNMP Manager • SNMP managers are the entities that interact with the agents • Getting and setting the values of MIB object instances on agents • Receiving notifications from agents • Exchanging messages with other managers • Various mechanisms for accessing the EMS are allowed, including: • Serial • Telnet • SNMP
The SNMP Manager (cont.) • Facilities offered by management systems are: • FCAPS • A centralized database • Reporting • Support for many simultaneous client users • Topology discovery • A full-featured, multilevel GUI representing the managed network
The MIB • SNMP MIB Tables • The SNMPv1 SMI defines highly structured tables that are used to group the instances of a tabular object (that is, an object that contains multiple variables). • Tables are composed of zero or more rows, which are indexed in a way that allows SNMP to retrieve or alter an entire row with a single Get, GetNext, or Set command. • MIB Object Attributes • Syntax • Max-Access • Status
Criteria and Philosophy for Standardized MIB • Objects have to be uniquely named • Objects have to be essential • Abstract structure of the MIB needs to be universal • For the standard MIB, maintain only a small number of objects • Allow for private extensions • Objects must be general and not too device-dependent • Objects cannot be easily derivable from other objects • If an agent is to be SNMP manageable, then it is mandatory to implement the Internet MIB
SNMP Protocol Data Units (PDU) • Each SNMP message has the format • Version Number • Community Name - kind of a password • One or more SNMP PDUs - assuming trivial authentication
Summary The Simple Network Management Protocol has become the de facto standard for internetwork management. Because it is a simple solution, requiring little code to implement, vendors can easily build SNMP agents into their products. SNMP is extensible, allowing vendors to easily add network management functions to their existing products. SNMP also separates the management architecture from the architecture of the hardware devices, which broadens the base of multivendor support. Perhaps most important, unlike other so-called standards, SNMP is not a mere paper specification, but an implementation that is widely available today.