300 likes | 423 Views
Keeping Tabs on Your Network. Rich Brown Dartware, LLC 20 May 2005. First, a Horror Story Types of Management Tools What is SNMP? Dartmouth’s Net Management InterMapper demo Questions. A Horror Story. What happened… How could it have been prevented?. What is Network Management?.
E N D
Keeping Tabs on Your Network • Rich Brown • Dartware, LLC • 20 May 2005 First, a Horror Story Types of Management Tools What is SNMP? Dartmouth’s Net Management InterMapper demo Questions
A Horror Story • What happened… • How could it have been prevented?
What is Network Management? • A set of tools that: • Help you know what’s happening in your net • Help you administer your network • Make you look good with your customers... • By actually doing a good job
Network Management System E-mail, Pagers & Sounds Web Pages/ Remote Views Strip Charts Diagram of the network Log Files Servers Routers & Switches Wireless gear Environmental Sensors Power Systems Monitoring System
Types of Management Tools • Fault Management • Configuration Management • Security Management • Performance Management • Accounting Management • Asset Management • Planning Management • Content Management
What is SNMP? • SNMP is a protocol (set of rules) for conveying management or status information from devices such as servers, workstations, routers, switches, radios and other gear to a management station. • Two ways to get data from a device • Management station “pulls” data from a device being tested (the SNMP Agent) • Agent “pushes” a trap to the management station • The data values are defined by a MIB
What’s a MIB? • “Management Information Base” • MIB defines the kinds of data a device tracks • MIBs for various devices • Router or Switch: traffic (packet & byte counts) & error counts (receive, transmit, discards, etc) • Web Server MIB shows pages served, 404s, 401s, etc. • Mail Server MIB shows messages processed, queue lengths • Environmental sensors: temperatures, switch closures, water on floor, door alarm, others • Typical Radio MIB: RSL, BER, number of subscribers, bandwidth, inside/outside temperature, etc.
What’s an OID? • “Object Identifier” • The “name” of the variable • Always starts with 1.3.6.1… • 1.3.6.1.2.1… for standardized MIBs • 1.3.6.1.4.1… for vendor specific MIBs
Four Basic SNMP Operations • Get • Retrieves the value of a MIB variable stored on the agent machine (gauge, counter, string, or address of another MIB variable) • GetNext • Retrieves the value of the “next” MIB variable • Set • Changes the value of a MIB variable • Trap • An unsolicited notification sent by an agent to a management application (typically a notification of something unexpected, like an error)
Traps • Traps are unsolicited reports that are sent to a management system by an SNMP agent process • When an interesting event occurs, an agent generates a trap message and sends it to a designated network address • Many events can be configured to signal a trap, like a network cable fault, failing NNIC of hard drive, a general protection fault, or a power supply failure
Ports & UDP • SNMP uses User Datagram Protocol (UDP) as the transport mechanism for SNMP messages • Like FTP, SNMP uses two well-known ports to operate: • UDP Port 161 SNMP Get/Set Messages • UDP Port 162 SNMP Trap Messages
Advantages of using SNMP • Standardized • Widely supported by many vendors • Distributed management access • Lightweight protocol
SNMP Management Solutions • Open Source • Nagios, Big Brother, MRTG, perl scripts • Commercial SMB • InterMapper, WhatsUp Gold, IPMonitor • Commercial Enterprise • OpenView, Tivoli, Unicenter, BMC Patrol
Dartmouth’s Net Management • A variety of tools... • InterMapper • Aruba wireless monitoring tools • Spam filtering • NAT for entire campus
InterMapper Demo • InterMapper is a fault management tool • Monitors network equipment and servers 24x7 to alert the manager about troubles • Some performance management tools • Get a demo from http://www.intermapper.com
Questions • Ask now, or e-mail me • Rich.Brown@dartware.com
Bonus Slides • These slides didn’t fit into the presentation, but we kept them for your information...
Why is it Important? • To give Good Service and be professional • A management system helps you to: • Know about problems before the phone rings • Know how your network’s configured—documentation • Know how your network is operating • Know about network limits before you hit the wall • You can start small • Fault and Performance Management are critical • Implement other tools as your network grows
Types of Network Management • Fault Management: Reactive and proactive network fault management • Performance Management: Number of packets dropped, timeouts, collisions, CRC errors, response times • Configuration Management: Inventory, configuration, provisioning • Planning Management: Analysis of trends to help justify a network upgrade or a bandwidth increase • Security Management: SNMP doesn't provide much here • Accounting Management: Cost management and chargeback assessment • Asset Management: Statistics of equipment, facility and administration personnel
Benefits of using SNMP • Vendor Neutral Tools for Monitoring • Universal Support • Monitor lots of interesting information
Client Pull & Server Push • SNMP is a client “pull” model • The management system (client) “pulls” data from the agent (server) • SNMP also provides “server push” model • The agent (server) “pushes” out a trap message to a (client) management system
Fault Management • Discover that a problem exists • Notify the responsible parties • Isolate the problem; show what is working • Possibly fix the problem
Configuration Management • Configure critical devices consistently • e.g. Routers and Servers • Take inventory of important software on workstations • Update computers automatically
Security Management • Controlling access to information on the network • Setting up accounts; testing passwords • Firewalls & Intrusion Detection Systems
Performance Management • Collecting and analyzing data about use • Setting thresholds for alarms • Simulating alternatives to find maximum performance • Study trends and make predictions
Accounting Management • Tracking individual or group use of network resources • Billing for use • Controlling use of network
Stand-alone vs. Platform • Stand-alone programs solve specific problems; can be well-targeted and inexpensive; usually are easy to set up; but often duplicate notification, logging, databases, etc. • Platforms provide base services plus plug-in modules; unified notifications, logging, databases; but can be very expensive to buy and hard to set up
Which ones do I need? • Everyone needs security management tools: at least a firewall and access control • This will become true at your home when you get cable modem or DSL service • Fault management tools give timely warnings • For the other tools, it depends…