This document summarizes the present and desired network management approaches for the Nelson Mandela African Institute of Science and Technology (NM-AIST) network to cope with expected expansion. It discusses the five functional areas of network management according to the ISO (International Organization for Standardization) model - fault management, configuration management, performance management, security management, and accounting management. For each area, it provides an overview of the current approach at NM-AIST and recommendations for improvements to effectively manage current and future growth of the network.
ADVANCED MULTIMEDIA PLATFORM BASED ON BIG DATA AND ARTIFICIAL INTELLIGENCE IM...IJNSA Journal
The proposed work describes the design of a multimedia platform managing users and implementing cybersecurity. The paper describes in details the use cases of the whole platform embedding Big Data and artificial intelligence (AI) engine predicting network attacks. The platform has been tested by Tree Ensemble algorithm classifying and predicting anomalous server logs of possible attacks. The data logs are collected in Cassandra Big Data System enabling the AI training model. The work has been developed within the framework of a research industry project.
HOST AND NETWORK SECURITY by ThesisScientist.comProf Ansari
Network management means different things to different people. In some cases, it involves a solitary network consultant monitoring network activity with an outdated protocol analyzer. In other cases, network management involves a distributed database, auto polling of network devices, and high-end workstations generating real-time graphical views of network topology changes and traffic. In general, network management is a service that employs a variety of tools, applications, and devices to assist human network managers in monitoring and maintaining networks.
Managing enterprise networks with cisco prime infrastructure_ 1 of 2Abdullaziz Tagawy
Network Management is define as monitoring, testing, configuring, and troubleshooting network components to meet a set of requirements defined by an organization.
The requirements include the smooth, efficient operation of the network that provides the predefined quality of service for users.
To accomplish this task, a network management system uses hardware, software, and humans.
A review on software defined network security risks and challengesTELKOMNIKA JOURNAL
Software defined network is an emerging network architecture that separates the traditional
integrated control logic and data forwarding functionality into different planes, namely the control plane and
data forwarding plane. The data plane does an end-to-end data delivery. And the control plane does
the actual network traffic forwarding and routing between different network segments. In software defined
network the networking infrastructure layer is where the entire networking device, such as switches and
routers are connected with the separate controller layer with the help of standard called OpenFlow
protocol. The OpenFlow is a standard protocol that allows different vendor devices like juniper, cisco and
huawei switches to be connected to the controller. The centralization of the software defined network
(SDN) controller makes the network more flexible, manageable and dynamic, such as provisioning of
bandwidth, dynamic scale out and scale in compared to the traditional communication network, however,
the centralized SDN controller is more vulnerable to security risks such as DDOS and flow rule poisoning
attack. In this paper, we will explore the architectures, the principles of software defined network and
security risks associated with the centralized SDN controller and possible ways to mitigate these risks.
Network Management System (Contact: info@exceleron-communications.com)Nadeem Khan
NMS designed and developed by world's top telecom experts, catering for the exact needs of a network. Better than top brands available in market. We offer flexibility, innovation and cost effective solution to all Network Management related tasks.
A network management system (NMS) refers to a collection of applications that enable network
components to be monitored and controlled.
network management systems have the same basic architecture, a
ADVANCED MULTIMEDIA PLATFORM BASED ON BIG DATA AND ARTIFICIAL INTELLIGENCE IM...IJNSA Journal
The proposed work describes the design of a multimedia platform managing users and implementing cybersecurity. The paper describes in details the use cases of the whole platform embedding Big Data and artificial intelligence (AI) engine predicting network attacks. The platform has been tested by Tree Ensemble algorithm classifying and predicting anomalous server logs of possible attacks. The data logs are collected in Cassandra Big Data System enabling the AI training model. The work has been developed within the framework of a research industry project.
HOST AND NETWORK SECURITY by ThesisScientist.comProf Ansari
Network management means different things to different people. In some cases, it involves a solitary network consultant monitoring network activity with an outdated protocol analyzer. In other cases, network management involves a distributed database, auto polling of network devices, and high-end workstations generating real-time graphical views of network topology changes and traffic. In general, network management is a service that employs a variety of tools, applications, and devices to assist human network managers in monitoring and maintaining networks.
Managing enterprise networks with cisco prime infrastructure_ 1 of 2Abdullaziz Tagawy
Network Management is define as monitoring, testing, configuring, and troubleshooting network components to meet a set of requirements defined by an organization.
The requirements include the smooth, efficient operation of the network that provides the predefined quality of service for users.
To accomplish this task, a network management system uses hardware, software, and humans.
A review on software defined network security risks and challengesTELKOMNIKA JOURNAL
Software defined network is an emerging network architecture that separates the traditional
integrated control logic and data forwarding functionality into different planes, namely the control plane and
data forwarding plane. The data plane does an end-to-end data delivery. And the control plane does
the actual network traffic forwarding and routing between different network segments. In software defined
network the networking infrastructure layer is where the entire networking device, such as switches and
routers are connected with the separate controller layer with the help of standard called OpenFlow
protocol. The OpenFlow is a standard protocol that allows different vendor devices like juniper, cisco and
huawei switches to be connected to the controller. The centralization of the software defined network
(SDN) controller makes the network more flexible, manageable and dynamic, such as provisioning of
bandwidth, dynamic scale out and scale in compared to the traditional communication network, however,
the centralized SDN controller is more vulnerable to security risks such as DDOS and flow rule poisoning
attack. In this paper, we will explore the architectures, the principles of software defined network and
security risks associated with the centralized SDN controller and possible ways to mitigate these risks.
Network Management System (Contact: info@exceleron-communications.com)Nadeem Khan
NMS designed and developed by world's top telecom experts, catering for the exact needs of a network. Better than top brands available in market. We offer flexibility, innovation and cost effective solution to all Network Management related tasks.
A network management system (NMS) refers to a collection of applications that enable network
components to be monitored and controlled.
network management systems have the same basic architecture, a
Network management is the process of administering and managing computer networks. Various services provided by this discipline include fault analysis, performance management, provisioning of networks, maintaining the quality of service, and so on.
Functions and features network managementFlightcase1
Network management is the process of administering and managing computer networks. Various services provided by this discipline include fault analysis, performance management, provisioning of networks, maintaining the quality of service.
A SCALABLE MONITORING SYSTEM FOR SOFTWARE DEFINED NETWORKSijdpsjournal
Monitoring functionality is an essential element of any network system. Traditional monitoring solutions
are mostly used for manual and infrequent network management tasks. Software-defined networks (SDN)
have emerged with enabled automatic and frequent network reconfigurations. In this paper, a scalable
monitoring system for SDN is introduced. The proposed system monitors small, medium, and large-scale
SDN. Multiple instances of the proposed monitoring system can run in parallel for monitoring many SDN
slices. The introduced monitoring system receives requests from network management applications,
collects considerable amounts of measurement data, processes them, and returns the resulting knowledge
to the network management applications. The proposed monitoring system slices the network (switches and
links) into multiple slices. The introduced monitoring system concurrently monitors applications for
various tenants, with each tenant's application running on a dedicated network slice. Each slice is
monitored by a separate copy of the proposed monitoring system. These copies operate in parallel and are
synchronized. The scalability of the monitoring system is achieved by enhancing the performance of SDN.
In this context, scalability is addressed by increasing the number of tenant applications and expanding the
size of the physical network without compromising SDN performance.
In software-defined networking (SDN), network traffic is managed by software controllers or application programming interfaces (APIs) rather than hardware components. It differs from traditional networks, which use
switches and routers to control traffic. Using SDN, you can create and control virtual networks or traditional hardware networks. Furthermore, OpenFlow allows network administrators to control exact network behavior
through centralized control of packet forwarding. For these reasons, SDN has advantages over certain security issues, unlike traditional networks.
However, most of the existing vulnerabilities and security threats in the traditional network also impact the SDN network. This document presents the attacks targeting the SDN network and the solutions that protect against
these attacks. In addition, we introduce a variety of SDN security controls, such as intrusion detection systems (IDS)/intrusion prevention system (IPS), and firewalls. Towards the end, we outline a conclusion and perspectives.
[White paper] detecting problems in industrial networks though continuous mon...TI Safe
Automation networks offer a range of real-time applications and data, making necessary the continuous monitoring of the quality of services. The parameters of QoS (Quality of Service) seek to address priorities, bandwidth allocation and network latency control. There are several QoS parameters to characterize a computer network, and that can be used for monitoring purposes.
Each SCADA network, in a healthy state, presents a specific QoS which rarely changes given the repetitive process of the IACS operations. The continuous monitoring of QoS parameters of an automation network may anticipate problems such as malware contamination and equipment failures like switches and routers. It is very important to be aware of these changes in behavior in order to receive alerts and promptly handle them, avoiding incidents that could compromise the operation of the network and be financially or environmentally costly.
In addition to the monitoring of network traffic, it is also necessary to monitor resource consumption of critical servers, such as the processing (CPU), memory, storage capacity and hard disk failures, among others.
This work aims to establish a method by which SCADA security professionals can differentiate and qualify any problems that may be occurring through continuous monitoring of the automation network performance parameters giving a more behavioral approach than current signature-based ones.
We presented a series of tests conducted in our laboratories in order to measure the performance of a simulated automation network parameters using a small SCADA network sandbox. First we measured the normal operating parameters of the network and reap its main graphics obtained with the proper tools. In a second step we practiced several attacks against the simulated automation network. During all attacks we collected the operating parameters of the network and its main graphics.
At the conclusion of the work we compared the graphs of the network in healthy state with the graphs of the network with the security incidents described above. We detailed how the network parameters were affected by each kind of incident and built a table showing the way the main parameters of an automation network were affected by the attacks
It includes provisioning of network, network operations, their installation and management. It also contains various groupings which help to manage a network.
A novel resource efficient dmms approach for network monitoring and controlli...ijwmn
In this paper, we propose a novel Distributed MANET Management System (DMMS) approach to use cross layer models to demonstrate a simplified way of efficiently managing the overall performance of individual network resources (nodes) and the network itself which is critical for not only monitoring the traffic, but also dynamically controlling the end-to-end Quality of Service (QoS) for different applications. In the proposed DMMS architecture, each network resource maintains a set of Management Information Base (MIB) elements and stores resource activities in their abstraction in terms of counters, timer, flag and threshold values. The abstract data is exchanged between different management agents residing in different resources on a need-to-know basis and each agent logically executes management functions locally to develop understanding of the behavior of all network resources to ensure that user protocols can function smoothly. However, in traditional network management systems, they collect statistical data such as resource usage and performance by spoofing of resources. The amount of data that is exchanged with other resources through management protocols that can be extremely high and the bandwidth for overhead management functions increases significantly. Also, the data storage requirements in each network resource for management functions increases and become inefficient as it increases the power usage for processing. Our proposed scheme targets at solving the problems.
Implementation of data security used in this research using metarouter as its method. Metarouter is a virtual network device that connects computers as if in a network. Metarouter is made to make it easier to monitor network activity simultaneously. This study aims to develop data security management on metarouter. Testing conducted by Denial of Service attacks based on DOS flooding metarouter aimed at port 80 and port 22. To recognize Denial of Service attacks it is necessary to monitor the network by performing log analysis stored on mikrotik.The benefits of log analysis are expected to facilitate in data monitoring and network management.
Network Management Fundamentals - Back to the BasicsSolarWinds
Let's get Back to the Basics of Network Management. In this slideshare, we will walk you through the Fundamental Protocols of Network Management, Windows Management Protocols, Flow Based Protocols, Cisco IP Service Level Agreements and the Network Management Framework.
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Jeffrey Haguewood
Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows.
We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases.
This video focuses on the notifications, alerts, and approval requests using Slack for Bonterra Impact Management. The solutions covered in this webinar can also be deployed for Microsoft Teams.
Interested in deploying notification automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Tobias Schneck
As AI technology is pushing into IT I was wondering myself, as an “infrastructure container kubernetes guy”, how get this fancy AI technology get managed from an infrastructure operational view? Is it possible to apply our lovely cloud native principals as well? What benefit’s both technologies could bring to each other?
Let me take this questions and provide you a short journey through existing deployment models and use cases for AI software. On practical examples, we discuss what cloud/on-premise strategy we may need for applying it to our own infrastructure to get it to work from an enterprise perspective. I want to give an overview about infrastructure requirements and technologies, what could be beneficial or limiting your AI use cases in an enterprise environment. An interactive Demo will give you some insides, what approaches I got already working for real.
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
Connector Corner: Automate dynamic content and events by pushing a buttonDianaGray10
Here is something new! In our next Connector Corner webinar, we will demonstrate how you can use a single workflow to:
Create a campaign using Mailchimp with merge tags/fields
Send an interactive Slack channel message (using buttons)
Have the message received by managers and peers along with a test email for review
But there’s more:
In a second workflow supporting the same use case, you’ll see:
Your campaign sent to target colleagues for approval
If the “Approve” button is clicked, a Jira/Zendesk ticket is created for the marketing design team
But—if the “Reject” button is pushed, colleagues will be alerted via Slack message
Join us to learn more about this new, human-in-the-loop capability, brought to you by Integration Service connectors.
And...
Speakers:
Akshay Agnihotri, Product Manager
Charlie Greenberg, Host
Search and Society: Reimagining Information Access for Radical FuturesBhaskar Mitra
The field of Information retrieval (IR) is currently undergoing a transformative shift, at least partly due to the emerging applications of generative AI to information access. In this talk, we will deliberate on the sociotechnical implications of generative AI for information access. We will argue that there is both a critical necessity and an exciting opportunity for the IR community to re-center our research agendas on societal needs while dismantling the artificial separation between the work on fairness, accountability, transparency, and ethics in IR and the rest of IR research. Instead of adopting a reactionary strategy of trying to mitigate potential social harms from emerging technologies, the community should aim to proactively set the research agenda for the kinds of systems we should build inspired by diverse explicitly stated sociotechnical imaginaries. The sociotechnical imaginaries that underpin the design and development of information access technologies needs to be explicitly articulated, and we need to develop theories of change in context of these diverse perspectives. Our guiding future imaginaries must be informed by other academic fields, such as democratic theory and critical theory, and should be co-developed with social science scholars, legal scholars, civil rights and social justice activists, and artists, among others.
JMeter webinar - integration with InfluxDB and GrafanaRTTS
Watch this recorded webinar about real-time monitoring of application performance. See how to integrate Apache JMeter, the open-source leader in performance testing, with InfluxDB, the open-source time-series database, and Grafana, the open-source analytics and visualization application.
In this webinar, we will review the benefits of leveraging InfluxDB and Grafana when executing load tests and demonstrate how these tools are used to visualize performance metrics.
Length: 30 minutes
Session Overview
-------------------------------------------
During this webinar, we will cover the following topics while demonstrating the integrations of JMeter, InfluxDB and Grafana:
- What out-of-the-box solutions are available for real-time monitoring JMeter tests?
- What are the benefits of integrating InfluxDB and Grafana into the load testing stack?
- Which features are provided by Grafana?
- Demonstration of InfluxDB and Grafana using a practice web application
To view the webinar recording, go to:
https://www.rttsweb.com/jmeter-integration-webinar
Accelerate your Kubernetes clusters with Varnish CachingThijs Feryn
A presentation about the usage and availability of Varnish on Kubernetes. This talk explores the capabilities of Varnish caching and shows how to use the Varnish Helm chart to deploy it to Kubernetes.
This presentation was delivered at K8SUG Singapore. See https://feryn.eu/presentations/accelerate-your-kubernetes-clusters-with-varnish-caching-k8sug-singapore-28-2024 for more details.
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
PHP Frameworks: I want to break free (IPC Berlin 2024)Ralf Eggert
In this presentation, we examine the challenges and limitations of relying too heavily on PHP frameworks in web development. We discuss the history of PHP and its frameworks to understand how this dependence has evolved. The focus will be on providing concrete tips and strategies to reduce reliance on these frameworks, based on real-world examples and practical considerations. The goal is to equip developers with the skills and knowledge to create more flexible and future-proof web applications. We'll explore the importance of maintaining autonomy in a rapidly changing tech landscape and how to make informed decisions in PHP development.
This talk is aimed at encouraging a more independent approach to using PHP frameworks, moving towards a more flexible and future-proof approach to PHP development.
PHP Frameworks: I want to break free (IPC Berlin 2024)
Present and desired network management to cope with the expected expansion, nm aist study case.
1. Information and Knowledge Management www.iiste.org
ISSN 2224-5758 (Paper) ISSN 2224-896X (Online)
Vol.3, No.8, 2013
43
Present and Desired Network Management to Cope with the
Expected Expansion, NM-AIST Study Case.
Shadrack Stephen Madila, George Sizya Germinous, Sarah Nyanjara Magoti
ICT department, Moshi University College of Co-operative and Business Studies
P. o. box 474 Moshi, Tanzania
Abstract
The network management as defined by the International Standards Organization (ISO) has five functional areas
of network management. In this work we explore all functional areas for the present and desired network
management to cope with the expected expansions. We provide recommendations on each functional area to
increase the overall effectiveness of current and future management tools and practices for the NM-AIST
(Nelson Mandela African Institute of Science and Technology) network. The design guidelines for future
implementation of network management tools are also explored.
ABBREVIATIONS
o NMS – Network Management System.
o ISO–International Standards Organization
o SNMP – Simple Network Management Protocol.
o MIB – Management Information Base.
o SLA- Service Level Agreement
o CORBA – Common Object Request Broker Architecture and
o RMON- Remote Monitoring.
o IOS – Internetworking Operating System.
o IDS – Intrusion Detection System.
o IPS – Intrusion Prevention System.
o NM-AIST- Nelson Mandela African Institute of Science and Technology
Introduction
The ISO network management model's five functional areas include [1]:-
I. Fault Management for detection, isolation, notification, and correction of faults encountered in the
network.
II. Configuration Management for configuration aspects of network devices, reconfiguration and
documentation.
III. Performance Management for monitoring and measuring various aspects of performance such as
capacity, traffic, throughput and response time so that overall performance can be maintained at an
acceptable level.
IV. Security Management for controlled access to network devices and corporate resources by authorized
individuals.
V. Accounting Management for controlled usage of network resources.
The following figure outlines a reference architecture that should be a minimal solution for managing a data
network. This architecture includes a Call Manager server for managing Voice over Internet Protocol (VoIP); it
also shows how to integrate the Call Manager server into the NMS topology.
2. Information and Knowledge Management www.iiste.org
ISSN 2224-5758 (Paper) ISSN 2224-896X (Online)
Vol.3, No.8, 2013
44
Fig. 1: Reference Architecture for NMS The network management architecture
The network management architecture include the following :-
I. Simple Network Management Protocol (SNMP) platform for fault management.
II. Performance monitoring platform for long term performance management and trending.
III. Server for configuration management, syslog collection, and hardware and software inventory
management (documentation).
Some SNMP platforms can directly share data with the server using Common Information Model/eXtensible
Markup Language (CIM/XML) methods. CIM is a common data model of an implementation neutral schema for
describing overall management information in a network/enterprise environment.
XML is a markup language used for representing structured data in textual form. XML is similar in concept to
HTML, but whereas HTML is used to convey graphical information about a document, XML is used to represent
structured data in a document.
Fault Management
The goal of fault management is to detect, isolate, notify users of, and (to the extent possible) automatically fix
network problems to keep the network running effectively. Because faults can cause downtime or unacceptable
network degradation, fault management is perhaps the most widely implemented of the ISO network
management elements.
Network Management Platforms
Network management platform deployed manages an infrastructure that consists of multivendor network
elements. The platform receives and processes events from network elements in the network [1]. Commonly
available functions in a standard management platform include:-
I. Network discovery
II. Topology mapping of network elements
III. Event handler
IV. Performance data collector
V. Management data browser
Network management platforms can be viewed as the main console for network operations in detecting faults in
the infrastructure. The ability to detect problems quickly in any network is critical. Network operations personnel
can rely on a graphical network map to display the operational status of critical network elements such as routers
and switches.
Network management platform such as HP OpenView can perform a discovery of network devices. Different
colors on the graphical elements represent the current operational status of network devices. Network devices
can be configured to send notifications, called SNMP traps, to network management platforms. Upon receiving
the notifications, the graphical element representing the network device changes to a different color depending
on the severity of the notification received. These notifications are placed in a log file. It is particularly important
that the most current Management Information Base (MIB) files be loaded on the SNMP platform to ensure that
the various alerts from devices are interpreted correctly.
A number of network management platforms are capable of managing multiple geographically distributed sites.
This is accomplished by exchanging management data between management consoles at remote sites with a
management station at the main site. The main advantage of a distributed architecture is that it reduces
3. Information and Knowledge Management www.iiste.org
ISSN 2224-5758 (Paper) ISSN 2224-896X (Online)
Vol.3, No.8, 2013
45
management traffic, thus providing a more effective usage of bandwidth.
A recent enhancement to management platforms is the ability to remotely manage the network elements using a
web interface [1]. This enhancement eliminates the need for special client software on individual user stations to
access a management platform.
A typical enterprise is comprised of different network elements. However, each device normally requires vendor
specific element management systems in order to effectively manage the network elements. Therefore, duplicate
management stations may be polling network elements for the same information. The data collected by different
systems is stored in separate databases, creating administration overhead for users. These limitations prompt the
adoption of standards such as Common Object Request Broker Architecture (CORBA) to facilitate the exchange
of management data between management platforms and element management systems.
CORBA specifies a system that provides interoperability between objects in a heterogeneous, distributed
environment and in a manner that is transparent to the programmer.
Fault Detection and Notification
The purpose of fault management is to detect, isolate, notify, and correct faults encountered in the network.
Network devices are capable of alerting management stations when a fault occurs on the systems. An effective
fault management system consists of several subsystems. Fault detection is accomplished when the devices send
SNMP trap messages, SNMP polling, remote monitoring (RMON) thresholds, and syslog messages. Upon
receipt of alerts corrective actions can be taken. A periodic review of configured traps ensures effective fault
detection in the network.
The current NM-AIST network does not have any Fault Management mechanism installed, yet. But fault
detecting device is a proposed solution and this will serve well the purpose to monitor the faults as they occur on
the network, detect, isolate, and notify the users of the network and for some simple issues, automatically fix
them.
This is a necessity because the NM-AIST network is growing and is likely to grow to the extent when it will be
impossible to manually find the fault devices and fix them.
Furthermore, Fault detection and monitoring of network elements can be expanded from the device level to the
protocol and interface levels. For a network environment, fault monitoring can include Virtual Local Area
Network (VLAN), asynchronous transfer mode (ATM), fault indications on physical interfaces, and so forth.
Protocol-level fault management implementation is available using an element management system such as the
CiscoWorks2000 Campus Manager.
As the network grows, an event management system that is capable of correlating different network events
(syslog, trap, log files) may be considered. This architecture behind an event management system is comparable
to a Manager of Managers (MOM) system. This allows personnel in the network operations center (NOC) to be
proactive and effective in detecting and diagnosing network issues. Event prioritization and suppression allow
network operation personnel to focus on critical network events.
Configuration Management
The goal of configuration management is to monitor network and system configuration information so that the
effects on network operation of various versions of hardware and software elements can be tracked and managed.
Configuration Standards
Naming conventions for network devices, starting from device name to individual interface should be planned
and implemented as part of the configuration standard. A well defined naming convention provides personnel
with the ability to provide accurate information when troubleshooting network problems. The naming
convention for devices can use geographical location, building name, floor, and so forth. For the interface
naming convention, it can include the segment to which a port is connected, name of connecting hub, and so
forth. On serial interfaces, it should include actual bandwidth, local data link connection identifier (DLCI)
number (if Frame Relay), destination, and the circuit ID or information provided by the carrier.
Configuration File Management
Additional of new configuration commands on existing network devices requires verifying the commands for
integrity before actual implementation takes place. An improperly configured network device can have a
disastrous effect on network connectivity and performance. Configuration command parameters must be checked
to avoid mismatches or incompatibility issues.
So far, in the NM-AIST networking environment; the configurations for the devices are done using only the built
in software that comes with the devices; for instance the Internetworking Operating System (Cisco IOS) that
comes with Cisco devices. And they are performed remotely using the terminal programs using either telnet or
ssh protocols for remote access of the devices. The changes made on the routers and switches can be tracked
using the features built in the IOS but this is limited only to manage the configurations on the devices.
The dynamic listing of all the devices in the network, and the software versions in the various devices are not
4. Information and Knowledge Management www.iiste.org
ISSN 2224-5758 (Paper) ISSN 2224-896X (Online)
Vol.3, No.8, 2013
46
supported at all in the current NM-AIST network.
For the expected expansion in the network management; the inventory management and the software
management mechanisms are to be implemented and they are of great necessity as detailed in the following
paragraphs.
Inventory Management
The discovery function of most network management platforms is intended to provide a dynamic listing of
devices found in the network. Discovery engines such as those implemented in network management platforms
should be utilized for such purposes.
An inventory database provides detailed configuration information on network devices such as models of
hardware, installed modules, software versions e.t.c. The up to date listing of network devices collected by the
discovery process can be used as a master list to collect inventory information using SNMP or scripting.
Software Management
Successful upgrade software on network devices requires a detailed analysis of the requirements such as memory.
The upgrade window to complete device maintenance is fairly limited for some organizations. In a large network
environment like the expected NM-AIST with limited expensive resources, it is recommended to schedule and
automate software upgrades after business hours.
Changes to software in network devices should be tracked to assist in the analysis phase when software
maintenance is required. With an upgrade history report readily available, the person performing the upgrade can
minimize the risk of loading incompatible software into network devices.
Performance Management
Service level agreements (SLA) are written between a service provider and their customers on the expected
performance level of network services. The SLA consists of metrics agreed upon between the provider and its
customers e.g. capacity, Traffic, throughput and response time.
Various interface statistics can be collected from network devices to measure the performance level. These
statistics can be included as metrics in the SLA. At the device level, performance metrics can include CPU
utilization, buffer allocation (big buffer, medium buffer, misses, hit ratio), and memory allocation.
There is no mechanism that is running currently in the NM-AIS network to for performance management. There
is, however a proposal to purchase and deploy Riverbed Bandwidth manager that is meant to measure the
network performance, to limit the bandwidth usage and monitor the performance of the other installed
applications on the network.
In addition to this Bandwidth Manager to perform all those management tasks; SNMP will still play an important
role in monitoring, measuring and reporting the performance of the devices and applications on the network as
discussed below.
Performance Monitoring, Measurement, and Reporting
Different performance metrics at the interface, device, and protocol levels should be collected on a regular basis
using SNMP. The polling engine in a network management system can be utilized for data collection purposes.
Most network management systems are capable of collecting, storing, and presenting polled data. The response
time can be measured between the source and the destination or for each hop along the path. SNMP traps can be
configured to alert management consoles if the response time exceeds the predefined thresholds.
Performance Analysis and Tuning
In many networks user traffic increases rapidly and places a higher demand on network resources. Network
managers typically have a limited view on the types of traffic running in the network. Two technologies for that
matter, RMON probes and NetFlow, all from Cisco, provide the ability to collect traffic profiles.
Data gathered on network devices are exported to a collector. The collector performs functions such as reducing
the volume of data (filtering and aggregation), hierarchical data storage, and file system management.
Security Management
The goal of security management is to control access to network resources according to predefined policies so
that the network cannot be sabotaged (intentionally or unintentionally). A security management subsystem can
monitor users logging on to a network resource, refusing access to those who enter inappropriate access codes.
A good security management implementation starts with sound security policies and procedures in place. It is
important to use a platform with minimum configuration standard for all routers and switches that follow
industry best practices for security performance.
The Security mechanism that are implemented on the NM-AIST network presently include the configured
Firewall on the routers, the Access control lists to filter the communications in and out the network. And there
are plans to change the network management strategy from the workgroup to a domain system of managing the
network. This will ensure central management of users and devices on the domain by the use of the Active
Directory services.
Some more features can be deployed in order to manage the increased users and devices in the NM-AIST
5. Information and Knowledge Management www.iiste.org
ISSN 2224-5758 (Paper) ISSN 2224-896X (Online)
Vol.3, No.8, 2013
47
network that is expected to grow over the years. This includes some mechanisms for detecting and preventing
intrusions on the network (i.e. IDS and IPS – Intrusion Detection System and Intrusion Prevention System),
some mechanisms for Authentication, Authorization and Accounting should be implemented as well. The server
for this purpose that is generally referred to as AAA Server should be configured to serve the functions discussed
below.
Authentication
Authentication is the process of identifying users, which includes login and password dialog, challenge and
response, and messaging support. Authentication is the way a user is identified prior to being allowed access to
the router or switch. There is a fundamental relationship between authentication and authorization. The more
authorization privileges a user receives, the stronger the authentication should be.
Authorization
Authorization provides remote access control, including one time the user for each service that requests
authorization and authorization. It is an act of permitting access to a resource based on authentication
information in the AAA Model.
Accounting
Accounting allows for the collecting and sending of security information used for billing, auditing, and reporting,
such as user identities, start and stop times, and executed commands. Accounting enables network managers to
track the services that users are accessing as well as the amount of network resources they are consuming.
Accounting provides auditing and logging functionalities to the security model.
Accounting Management
Accounting management is the process used to measure network utilization parameters so that individual or
group users on the network can be regulated appropriately for the purposes of accounting or charge back. Similar
to performance management, the first step toward appropriate accounting management is to measure the
utilization of all important network resources.
Presently; Accounting Management is not in place at all in the NM-AIST network for controlled use of resources.
There are plans to utilize the Bandwidth Manager (Riverbed) that is yet to be purchased and deployed on the
network. Extensive accounting and billing systems are of great importance to cope with the expected expansion
of the network.
A usage based accounting and billing system is an essential part of any service level agreement (SLA). It
provides both a practical way of defining obligations under an SLA and clear consequences for behavior outside
the terms of the SLA.
NetFlow Activation and Data Collection Strategy
NetFlow (network flow) is an input side measurement technology that allows for capturing the data required for
network planning, monitoring, and accounting applications. NetFlow should be deployed on edge/aggregation
router interfaces for service providers or WAN access router interfaces for Enterprise customers.
Recommendations are made for a carefully planned NetFlow deployment with NetFlow services activated on the
strategically located routers. NetFlow can be deployed incrementally (interface by interface) and strategically
(on well chosen routers), rather than deploying NetFlow on every router on the network. Carefully
determinations on key routers and key interfaces where NetFlow should be activated based on the network traffic
flow patterns, network topology and architecture.
The key deployment considerations include:-
I. NetFlow services should be utilized as an edge metering and access list performance acceleration tool
and should not be activated on hot core/backbone routers or routers running at very high CPU
utilization rates.
II. Understand application driven data collection requirements. Accounting applications may only require
originating and terminating router flow information whereas monitoring applications may require a
more comprehensive (data intensive) end to end view.
III. Understand the impact of network topology and routing policy on flow collection strategy. For example,
it is advisable to avoid collecting duplicate flows by activating NetFlow on key aggregation routers
where traffic originates or terminates and not on backbone routers or intermediate routers, which would
provide duplicate views of the same, flow information.
IV. Service providers in the transit carrier business (carrying traffic neither originating nor terminating on
their network) may utilize NetFlow Export data for measuring transit traffic usage of network resources
for accounting and billing purposes.
Configuration of IP Accounting
IP accounting provides basic IP accounting functions. By enabling IP accounting, users can see the number of
bytes and packets switched through on a source and destination IP address basis. Only transit IP traffic is
measured and only on an outbound basis. Traffic generated by the software or terminating in the software is not
6. Information and Knowledge Management www.iiste.org
ISSN 2224-5758 (Paper) ISSN 2224-896X (Online)
Vol.3, No.8, 2013
48
included in the accounting statistics. To maintain accurate accounting, the configuration maintains the
accounting databases.
IP accounting configuration also provides information that identifies IP traffic that fails IP access lists.
Identifying IP source addresses that violate IP access lists signals possible attempts to breach security. The data
also helps in identifying how the IP access list configurations should be verified. Users can then display the
number of bytes and packets from a single source that attempted to breach security against the access list for the
source destination pair. By default, IP accounting displays the number of packets that have passed access lists
and were routed.
Conclusion
Network Management Systems are essential in any network deployed. In this work, the significance of each
functional area of the ISO’s network management model in the management of the entire network has been
detailed giving the specifics for a present and desired network management for the Nelson Mandela African
Institute of Science and Technology as the case study. In order to cope with the expected expansion of Mandela;
the proposed solutions are inevitable.
New features of management platforms like the ability to remotely manage the network elements using a web
interface are very essential and eliminate the need for special client software on individual user stations to access
a management platform.
The adoption of standards such as Common Object Request Broker Architecture (CORBA) to facilitate the
exchange of management data between management platforms and element management systems is significant
especially when the enterprise is comprised of heterogeneous network element for interoperability.
The expected expansion of the network should among other things be able to support the desired applications
that are intended to support the communications and other academic related issues. These include such
applications as Video Conferencing, Voice over IP, and include other services for File transfer (FTP), Mail
services and web services from local servers for improved performance, security, management and
accountability.
References
[1] http://www.cisco.com/network Management best practice
[2] TANENBAUM, A.S.: Computer Networks, Fourth Edition, New Jersey - USA: Prentice Hall, 2003.
[3] LEE, T.T. and LIEW, S.C.: Principles of Broadband Switching and Networking, New Jersey – USA: John
Wiley & Sons Inc., 2010.
[4] CCNA Discovery 4: Designing and Supporting Computer Networks: Cisco Systems, Inc., 2007.
[5] LAMMLE, T.: Cisco Certified Network Associate Study Guide, Sixth Edition, Indianapolis, Indiana – USA:
Wiley Publishing, Inc., 2007.
7. This academic article was published by The International Institute for Science,
Technology and Education (IISTE). The IISTE is a pioneer in the Open Access
Publishing service based in the U.S. and Europe. The aim of the institute is
Accelerating Global Knowledge Sharing.
More information about the publisher can be found in the IISTE’s homepage:
http://www.iiste.org
CALL FOR JOURNAL PAPERS
The IISTE is currently hosting more than 30 peer-reviewed academic journals and
collaborating with academic institutions around the world. There’s no deadline for
submission. Prospective authors of IISTE journals can find the submission
instruction on the following page: http://www.iiste.org/journals/ The IISTE
editorial team promises to the review and publish all the qualified submissions in a
fast manner. All the journals articles are available online to the readers all over the
world without financial, legal, or technical barriers other than those inseparable from
gaining access to the internet itself. Printed version of the journals is also available
upon request of readers and authors.
MORE RESOURCES
Book publication information: http://www.iiste.org/book/
Recent conferences: http://www.iiste.org/conference/
IISTE Knowledge Sharing Partners
EBSCO, Index Copernicus, Ulrich's Periodicals Directory, JournalTOCS, PKP Open
Archives Harvester, Bielefeld Academic Search Engine, Elektronische
Zeitschriftenbibliothek EZB, Open J-Gate, OCLC WorldCat, Universe Digtial
Library , NewJour, Google Scholar