470 likes | 1.25k Views
Network Management Basics. Network management requirements OSI Management Functional Areas Network monitoring: performance, fault, accounting Network control: configuration, security Standardization in network management Practical issue: introduction to SNMP. Network Management Requirements.
E N D
Network ManagementBasics • Network management requirements • OSI Management Functional Areas • Network monitoring: performance, fault, accounting • Network control: configuration, security • Standardization in network management • Practical issue: introduction to SNMP
Network ManagementRequirements Example of approach • Controlling strategic assets • Controlling complexity • Improving service • Balancing various needs: performance, availability, security, cost • Reducing downtime • Controlling costs
Network ManagementOSI functional areas • Fault management • Detect the fault • Determine exactly where the fault is • Isolate the rest of the network from the failure so that it can continue to function • Reconfigure or modify the network in such a way as to minimize the impact • Repair or replace the failed components • Tests: connectivity, data integrity, response-time, ….
Network ManagementOSI functional areas • Fault management • Monitoring network and system state. • Responding and reacting to alarms. • Diagnosing fault causes (i.e., fault isolation and root-cause analysis). • Establishing error propagation. • Introducing and checking error recovery measures (i.e., testing and • verification). • Operating trouble ticket systems. • Providing assistance to users (user help desk). • Self-identification of system components. • Separate testability of components.
Network ManagementOSI functional areas • Fault management The following technical capabilities and important aids for fault management can assist in fault analysis: • Self-identification of system components. • Separate testability of components. • Trace facility (i.e., keeping records of switched message traffic or labeling messages • for the purpose of traceability or special compatibility reports). • Error logs. • Message echoes at all protocol layers (i.e., at transmission links and on an endto- end basis), such as “heartbeat” or “keep alive” messages that detect failure. • Retrieval possibilities for memory dumps. • Start possibilities (which can also be initiated and monitored centrally) for selftest.
Network ManagementOSI functional areas • Fault management • ping and trace route analysis of network reachability. • Triggering of planned resets and restarts (directed to specific ports, port groups,and components). • Availability of special test systems (e.g. interface checkers, protocol analyzers, hardware monitors for line supervision). • Support of filter mechanisms for fault messages or alarms and event
Network ManagementOSI functional classification • Performance management: • What is the level of capacity utilization? • Is there excessive traffic? • Has throughput been reduced to unacceptable levels? • Are there bottlenecks? • Is response time increasing? • Indicators: availability, response time, accuracy service throughput, utilization efficiency
Network ManagementOSI functional classification • Performance management: • Vertical QOS mapping (e.g. speech quality) • Horizontal QOS mapping (e.g. protocols) • Establishing QoS parameters and metrics. • Monitoring all resources for performance bottlenecks and threshold crossings. • Carrying out measurements and trend analysis to predict failure before it occurs. • Evaluating history logs (i.e., records on system activity, error files). • Processing measurement data and compiling performance reports. • Carrying out performance and capacity planning. • Description of reactions to changes of the QoS parameters mentioned earlier.
Network ManagementOSI functional classification • Configuration and Name Management: • A description of a distributed system • The process of configuration • Installation of new hardware/software • Tracking changes in control configuration • Who, what and why? - network topology • User interface of the configurator • Location of configuration • Storage of configuration • Validity of configuration • The result of a configuration process
Network ManagementOSI functional classification • Configuration and Name Management: • Revert/undo changes • Change management • Configuration audit • Does it do what was intended • Tools for Configuration Management
Network Management OSI functional classification • Security management • Passive attacks: theft of information (passwords, etc.). • Active attacks: masquerades (i.e., users pretending to be someone else, or • repeating, giving priority to or delaying message; (unauthorized access, viruses, Trojan horses, denial-of-service attacks). • Malfunctioning of resources. • Faulty or inappropriate behavior and incorrect response operation. • Security services: generating, distributing, storing of encryption keys for services • Exception alarm generation, detection of problems • Backups, data security • Security logging
Network Management OSI functional classification • Break down of security management tasks • Conducting threat analyses. • Defining and enforcing security policies. • Checking identity (authentication based on signatures, certificates). • Carrying out and enforcing access controls. • Guaranteeing confidentiality (encryption). • Ensuring data integrity (message authentication). • Monitoring systems to prevent threats to security. • Reporting on security status and violations or attempted violations.
Network ManagementOSI functional classification • Accounting management • Identifying consumers and suppliers of network resources - users and groups • Mapping network resources consumption to customer identity • Billing
Organizational Aspects of Management • Specifying interfaces between domains to enable the exchange of management • information and the invocation of management actions. • Planning and establishing a management infrastructure. • defining procedures for implementing the management processes • the tool functionality required. • Establishing an operational and organizational structure for carrying out management.
Organizational Aspects of Management • Organizational structure of a particular company (teams, groups, • departments, operating areas). • Geographical conditions (country, location, campus, building). • Business areas. • Data processing–related aspects (e.g., LAN/WAN, central/distributed DP) • Types of resources (hardware, system software, applications software, data, operating materials, premises, technical infrastructure).
Management Information • Manager • Agent • Management Agent • Establishing a Common Terminology Between Manager and Agent • Same meaning of objects and term
Management Information • Management information base • The Managed Device as a Conceptual Data Store • The MIB is not the same as a database • One kind of information • One aspect • Physical aspect • Logical aspect • Manager can manipulate the information in MIB • Managed object (MO) • Real resource
Management Information • Categories of Management Information • State information • current state of physical and logical resources • current alarm conditions • Current CPU load, and utilization of bandwidth and memory. • Physical configuration information • device type • physical configuration in terms of cards and available ports • MAC addresses • configuration information changes only rarely • Stored
Management Information • Categories of Management Information • Logical configuration information • IP addresses • telephone numbers • logical interfaces • can be changed by management applications and administrators • startup configuration information • transient configuration information
Management Information • Categories of Management Information • Historical information • This includes historical snapshots of performance-related state • It is not the part of MIB • It is simply “data” that is stored at the device The Difference Between a MIB and a Database • Footprint • general-purpose processing capabilities. • Specific management requirements • Real effects • Real world resource • Characteristics of the contained data
Management Information • Categories of Management Information • The Relationship Between MIBs and Management Protocols • SNMP • Structure of Management Information (SMI) • MIB does not depend on any particular management protocol • HTML • Protocol is depended on MIB
Network Management Some ideas • Managed objects: functions provided by the network • Element Management Systems (EMS): managing a specific portion of the network (may manage async lines, multiplexers, routers) • Managers of Manager Systems (MoM): integrate together information from several EMS
Network Management Standards • Internet approach: Simple Network Management Protocol (SNMP, secure SNMP, SNMP v2) • OSI approach: CMIP - common management information protocol, CMIS - common management information service (user interface) We concentrate on SNMP
Network Management Proprietary solutions • The world of Microsoft PC software:Windows NT + several (or hundreds) of PCs with Windows 95 (98??) • Solution: Microsoft SMS software:full control over workstations (Windows95) from central NT serversoftware configuration, updates, full inventory • NT world - incorporates SNMP mechanisms