Chapter 19: Network Management Business Data Communications, 4e
Network Management Requirements
Configuration and Name Management
A fault is an abnormal condition that requires management attention (or action) to repair
Fault is usually indicated by failure to operate correctly or by excessive errors
Users expect quick and reliable resolution
Reasons for accounting management:
Internal chargebacks on network use
User(s) may be abusing access privileges and burdening the network at the expense of other users
Users may be making inefficient use of the network
The network manager is in a better position to plan for network growth if user activity is known in sufficient detail.
initializing a network and grace-fully shutting down part or all of the network
maintaining, adding, and updating the relationships among components and the status of components themselves during network operation
Issues of concern to the network manager include:
What is the level of capacity utilization?
Is there excessive traffic?
Has throughput been reduced to unacceptable levels?
Are there bottlenecks?
Is response time increasing?
Network managers need performance statistics to help them plan, manage, and maintain large networks
generating, distributing, and storing encryption keys
monitoring and controlling access to networks
access to all or part of the network management information
collection, storage, and examination of audit records and security logs
Network Management Systems
Collection of tools for network monitoring and control, integrated in these ways:
A single user-friendly operator interface for performing most or all network management tasks
A minimal amount of separate equipment
consists of incremental hardware and software additions implemented among existing network components
Network Management System Architecture
Components of the NMS
All nodes run the Network Management Entity (NME) software
Network control host or manager runs the Network Management Application (NMA)
Other nodes are considered agents
Network Monitoring Systems
Simple Network Management Protocol (SNMP)
Designed in the mid-1980's as an answer to the communication problems between different types of networks.
Consists of a simply composed set of network communication specifications that cover all the basics of network management in a method that poses little stress on an existing network.
Each SNMP device (router, gateway, server) has an agent that collects information about itself and the message it processes, and stores that information in a database called the management information base (MIB) .
Role of SNMP
Transmission of a message
Receipt of a message
The network management software has access to these MIBs. A network manager can use this software to send control messages to individual devices or groups of devices asking them to report the information stored in their MIB.
Network information is exchanged through the messages called protocol data units (PDU's). The PDU can be looked at as an object that contains variables that have both titles and values.
Five types of PDU's employed to monitor a network:
two deal with reading terminal data,
two deal with setting terminal data,
and one, the trap, is used for monitoring network events such as terminal start-ups or shut-downs.
To see if a terminal is attached to the network, a user uses SNMP to send out a read PDU to that terminal.
If the terminal was attached to the network, the user would receive back the PDU, it's value being "yes, the terminal is attached".
If the terminal was shut off, the user would receive a packet informing them of the shutdown.
Released in 1992, revised in 1996
Addressed functional deficiencies in SNMP
Accommodates decentralized network management
Improves efficiency of data transfer
Released in 1998, addressed security deficiencies in SNMP and SNMPv2
Does not provide a complete SNMP capability; defines an overall SNMP architecture and a set of security capabilities for use with SNMPv2
Provides three important services: authentication, privacy, and access control
Common Management Interface Protocol (CMIP)
CMIP was designed to build on SNMP by making up for SNMP's shortcomings and becoming a bigger, more detailed network manager. Its basic design is similar to SNMP, whereby PDU's are employed as variables to monitor a network. CMIP however contains 11 types of PDU's.
The biggest feature of the CMIP protocol is that its variables not only relay information to and from the terminal (as in SNMP), but they can also be used to perform tasks that would be impossible under SNMP.
Problem: Too wonderful to be implemented.
Remote Monitoring ( RMON )
A standard that provides managers with real-time network and application data for LANs.
The major benefits of RMON:
Powerful Monitoring and Analysis
Historical Trending of the Local Segment
Traditional Protocol Decode Functions
Centralized Monitoring of Remote Sites
Event Creation on Reaching Predefined Thresholds
RMON is supported by SNMP
Newer version is RMON2
How RMON Works
Enables MIB information to be stored on the device itself or on distributed RMON probes that store MIB information closer to the devices that generate it.
No transmission from MIB to the central server until requesting the data.
RMON reduces network traffic.
*RMON and RMON2
*Multi-Router Traffic Grapher ( MRTG )
MRTG is a tool to monitor the traffic load on network-links.
MRTG generates HTML pages containing GIF images which provide a LIVE visual representation of this traffic.
MRTG is based on Perl and C and works under UNIX and Windows NT.
MRTG is being successfully used on many sites around the net. ( MRTG-Site-Map ).
Precision Guesswork's LANWatch32 Network Analyzer for Windows 95/NT is a software solution targeting the complex task of network analysis.