You are on page 1of 7

Network management

The management of todays networks poses somecomplex problems. The initial decision of scope is a determinantof management complexity. Networking technologycan be viewed using the OSI seven layer model Most networks are managed up to the transport layer,however, much has been written about the cost of ownershipand desktop management, which implies management higher up the architecture. Once a decision about scope has been made, the approach becomes better defined. The ISO model separates network management into five specific areas: configuration, fault, performance,accounting and security. Each area has its own special requirements.

Functional network management


The ISO network management model partitions the functions of network management into five conceptual areas: Configuration Management. Fault Management. Performance Management. Accounting Management. Security Management. Configuration management Configuration management exists to collect and monitor configuration information so that the effects of changes in hardware and software can be managed. Once collected, this information provides the raw data from which a topographical view of the network may be constructed.

This view would typically include information such as: devices in the network, their version, location and unique identifiers; cabling in the network, its capacity and location; interconnections or physical relationships between devices. This information is presented typically via a graphical user interface. In the event of part of the network failing, the configuration of the network must be altered to provide alternative paths for the flow of information (re-routing) and thus, avoid interruption of service. Fault management This function is required to detect abnormal network behaviour. Fault management follows a sequence of actions: error detection, error diagnosis and error recovery. Error detection monitors such events as: alarm signals from network devices (when thresholds are exceeded or in the event of hardware failure), deterioration of performance, or application failures. Error detection facilities also include an error log for future analysis. Error diagnosis involves the analysis of detected errors in an effort to determine the cause of an error and a course of action to rectify it. Recent approaches to error diagnosis include the use of artificial intelligence techniques such as deductive reasoning Error recovery involves a range of measures proportional to the errors magnitude. Simple errors may require the fine tuning of a device on the network, where more serious errors may mandate the replacement of a faulty device. Persistent performance failures are usually an indicator of poor network health. Remedying such problems typically involves re-configuration of the problematic section of the network. Performance management Performance management is central to the long-term management of the network. By gathering statistical data about the behaviour of managed objects and traffic flows between them, trends in network performance can be predicted. Using analytical modelling [11] potential bottlenecks, may be discovered and scenarios (such as increased traffic at various points of the network) may be assessed. Thus, performance modelling provides valuable feedback on both the short and long-term health of the network. It facilitates the proactive upgrading and reconfiguration of the network to meet the changing needs of the users. Accounting management Accounting management is primarily concerned with determining the utilisation of network services by individuals or groups of users and regulating such usage according to policy. By regulating usage according to available resources, network services may be apportioned fairly amongst users while also reducing network congestion. The most immediate application of such facilities is commercial, i.e. charge the user based on their usage. A second dimension is to identify the urgency of service required by users and charge them according to demand.Such quality of service options provide users with increasedflexibility for their communications requirements.

Security management Network security requires that access to network resources be controlled by policies to prevent (intentional or accidental) sabotage. Further, access to sensitive information should be restricted to those with appropriate authorisation. Security management involves: definition of user-sets (varying levels of authorisation); identification of sensitive network resources; mapping sensitive network resources to user-sets; monitoring access points (firewalls are a security subsystem); logging unauthorised access attempts and intrusion detection.

SNMP defined
The Simple Network Management Protocol (SNMP) is a network management standard widely used in TCP/IP networks. SNMP provides a method of managing network hosts such as workstation or server computers, routers, bridges, and hubs from a centrally-located computer running network management software. SNMP performs management services by using a distributed architecture of management systems and agents. Because network management is critical for both auditing and resource management, SNMP can be used to:

Configure remote devices. Configuration information can be sent to each networked host from the management system. Monitor network performance. You can track the speed of processing and network throughput, and collect information about the success of data transmissions. Detect network faults or inappropriate access. You can configure trigger alarms on network devices when certain events occur. When an alarm is triggered, the device forwards an event message to the management system. Common types of alarms include a device being shut down and restarted, a link failure being detected on a router, and inappropriate access. Audit network usage. You can monitor both overall network usage to identify user or group access, and types of usage for network devices and services.

Figure 1. SNMP Architecture

The SNMP service


The simple network management protocol (SNMP) service supports computers running TCP/IP and IPX protocols. It is an optional service that can be installed after the TCP/IP protocol has been successfully configured. The SNMP service provides an SNMP agent that allows remote, centralized management of computers running:

Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows Server 2003 family

The SNMP agent also allows management of the following services:

Windows XP or the Windows Server 2003 family and Microsoft Windows 2000based WINS Windows XP or the Windows Server 2003 family and Windows 2000-based DHCP Windows XP or the Windows Server 2003 family and Windows 2000-based Internet Information Services Microsoft LAN Manager

To access the information that the SNMP agent service provides, you need at least one SNMP management system software application. The SNMP service supports but does not currently include SNMP management software. SNMP management software must be running on the host which acts as the management system. The SNMP architecture is composed of three major elements:

Managers (software) are responsible for communicating with (and managing) network devices that implement SNMP Agents (also software). Agents reside in devices such as workstations, switches, routers, microwave radios, printers, and provide information to Managers. MIBs (Management Information Base) describe data objects to be managed by an Agent within a device. MIBs are actually just text files, and values of MIB data objects are the topic of conversation between Managers and Agents.

Standard MIB Definitions


Depending on the origin (author) of a MIB, we can categorize MIBs into either:

Enterprise MIBs Or Standard MIBs

Enterprise MIBs are authored by non-standards-committee organizations, e.g., Cisco or HP. All such organizations must apply for a unique Enterprise ID issued by the Internet Assigned Number Authority (IANA). Enterprise MIBs are then organized under these unique IDs. Standard MIBs are authored by persons associated with the IETF. For example, a standard Printer MIB exists, and printer manufacturers commonly implement an Agent to support this MIB in addition to their own Enterprise MIBs.

Other Standard MIB examples include: 5

X.25 Modems DS1, DS3 Bridges ATM Token Ring Fiber Channel Fabric Element MIB Ping, Traceroute, Lookup MIBs Print Job Monitoring MIB ICMPv6 MIB Mail Monitoring MIB

SNMP is based on the manager/agent model of a network management architecture.

Strengths and Weaknesses


Strengths

Widespread popularity Many standard MIBs available Agents have low impact on monitored system resources Well suited to monitoring Many products available

Weaknesses

Not as comprehensive as some other protocols Not bandwidth efficient Complicated message encoding rules Security has been on on-going concern. SNMPv3 was developed in response to this issue. UDP, or other connectionless, protocol is used, which creates issues regarding verification of operations: Trap-Send verification (did it really reach the

Manager?); Verification (success) of any set operation to an Agent. However, cleverly designed MIBs and Manager logic can overcome these problems.

Applications
Here are some typical uses of SNMP:

Monitoring device performance Detecting device faults, or recovery from faults Collecting long term performance data Remote configuration of devices Remote device control

You might also like