Chapter 5 Network Management

1. Introduction
Network management, in general, is a service that employs a variety of protocols, tools, applications,
and devices to assist human network managers in monitoring and controlling of the proper network
resources, both hardware and software, to address service needs and the network objectives. When
transmission control protocol/internet protocol (TCP/IP) was developed, little thought was given to
network management. Prior to the 1980s, the practice of network management was largely exclusive
because of the high development cost. The rapid development in the 1980s towards larger and more
complex networks caused a significant diffusion of network management technologies. The starting
point in providing specific network management tools was in November 1987, when Simple Gateway
Monitoring Protocol (SGMP) was issued. In early 1988, the Internet Architecture Board (IAB) approved
Simple Network Management Protocol (SNMP) as a short-term solution for network management.
Standards like SNMP and Common Management Information Protocol (CMIP) paved the way for
standardized network management and development of innovative network management tools and
applications.
A network management system (NMS) refers to a collection of applications that enable network
components to be monitored and controlled. In general, network management systems have the same
basic architecture, consisting of two key elements:
 A managing device, called a management station, or a manager and the
 Managed devices, called management agents or simply an agent.
A management station serves as the interface between the human network manager and the network
management system. It is also the platform for management applications to perform management
functions through interactions with the management agents. The management agent responds to the
requests from the management station and also provides the management station with spontaneous
information. Given the diversity of managed elements, such as routers, bridges, switches, hubs and so
on, and the wide variety of operating systems and programming interfaces, a management protocol is
critical for the management station to communicate with the management agents effectively. SNMP
(Simple Network Management Protocol) and CMIP (Common Management Information Protocol) are
two well-known network management protocols. A network management system is generally described
using the Open System Interconnection (OSI) network management model. As an OSI network
management protocol, CMIP was proposed as a replacement for the simple but less sophisticated
SNMP; however, it has not been widely adopted.

1
 1.1. OSI Network Management Model
The OSI network management comprises four major models:
1. Organization Model defines the manager, agent, and managed object. It describes the
components of a network management system, the components' functions and infrastructure.
2. Information Model is concerned with the information structure and storage. It specifies the
information base used to describe the managed objects and their relationships. The Structure of
Management Information (SMI) defines the syntax and semantics of management information
stored in the Management Information Base (MIB). The MIB is used by both the agent process
and the manager process for management information exchange and storage.
3. Communication Model deals with the way that information is exchanged between the agent
and the manager and between the managers. There are three key elements in the
communication model: transport protocol, application protocol and the actual message to be
communicated.
4. Functional Model comprises functional areas of network management.

1.2. Network Management Layers

Two protocol architectures have served as the basis for the development of interoperable
communications standards:
 The International Organization for Standardization (ISO) OSI reference model and
 The TCP/IP reference model, which are compared in the figure above.
The OSI reference model was developed based on the promise that different layers of the protocol
provide different services and functions. It provides a conceptual framework for communications among
different network elements. The OSI model has seven layers. Network communication occurs at
different layers, from the application layer to the physical layer; however, each layer can only
communicate with its adjacent layers. The OSI and TCP/IP reference models have much in common.
Both are based on the concept of a stack of independent protocols. Also, the functionality of the
corresponding layers is roughly similar.
However, the difference does exist between the two reference models. The concepts that are central to
the OSI model include service, interface, and protocol. The OSI reference model makes the distinction
among these three concepts explicit. The TCP/IP model, however, does not clearly distinguish among

2
these three concepts.
As a consequence, the protocols in the OSI model are better hidden than in the TCP/IP model and can be
replaced relatively easily as the technology changes. The OSI model was devised before the
corresponding protocols were invented. Therefore, It is not biased toward one particular set of
protocols, which makes it quite general. With TCP/IP, the reverse is true: the protocols came first, and
the model was really just a description of the existing protocols. Consequently, this model does not fit
any other protocol stacks.

2. ISO Network Management Functions

The fundamental goal of network management is to ensure that the network resources are available to
the designated users. To ensure rapid and consistent progress on network management functions, ISO

3
has grouped the management functions into five areas:
I. Configuration management,
II. Fault management,
III. Accounting management,
IV. Security management, and
V. Performance management.
The ISO classification has gained broad acceptance for both standardized and proprietary network
management systems.
Configuration Management
Configuration management is concerned with initializing a network, provisioning the network resources
and services, and monitoring and controlling the network. More specifically, the responsibilities of
configuration management include setting, maintaining, adding, and updating the relationship among
components and the status of the components during network operation.
Configuration management consists of both device configuration and network configuration. Device
configuration can be performed either locally or remotely. Automated network configuration, such as
Dynamic Host Configuration Protocol (DHCP) and Domain Name Services (DNS), plays a key role in
network management.
Fault Management
Fault management involves detection, isolation, and correction of abnormal operations that may cause
the failure of the OSI network. The major goal of fault management is to ensure that the network is
always available and when a fault occurs, it can be fixed as rapidly as possible. Faults should be distinct
from errors. An error is generally a single event, whereas a fault is an abnormal condition that requires
management attention to fix. For example, the physical communication line cut is a fault, while a single
bit error on a communication line is an error.
Security Management
Security management protects the networks and systems from unauthorized access and security
attacks. The mechanisms for security management include authentication, encryption and authorization.
Security management is also concerned with generation, distribution, and storage of encryption keys as
well as other security-related information. Security management may include security systems such as
firewalls and intrusion detection systems that provide real-time event monitoring and event logs.
Accounting Management
Accounting management enables charge for the use of managed objects to be measured and the cost
for such use to be determined. The measure may include the resources consumed, the facilities used to
collect accounting data, and set billing parameters for the services used by customers, the maintenance
of the databases used for billing purposes, and the preparation of resource usage and billing reports.
Performance Management
Performance management is concerned with evaluating and reporting the behavior and the
effectiveness of the managed network objects. A network monitoring system can measure and display
the status of the network, such as gathering the statistical information on traffic volume, network
availability, response times, and throughput.

3. Network Management Protocols

4
SNMP is the most widely used data network management protocol. Most of the network components
used in enterprise network systems have built-in network agents that can respond to an SNMP network
management system. This enables new components to be automatically monitored. Remote network
monitoring (RMON) is, on the other hand, the most important addition to the basic set of SNMP
standards. It defines a remote network monitoring MIB (Management Information Base) that
supplements MIB-2 and provides the network manager with vital information about the internetwork.
SNMP/SNMPv1
The objective of network management is to build a single protocol that manages both OSI and TCP/IP
networks. Based on this goal, SNMP, or SNMPv1 was first recommended as an interim set of
specifications for use as the basis of common network management throughout the system, whereas
the ISO CMIP over TCP/IP was recommended as the long term solution.
SNMP consists of three specifications:
 The SMI (Structure of Management Information) , which describes how managed objects
contained in the MIB are defined;
 The MIB, which describes the managed objects contained in the MIB; and
 The SNMP itself, which defines the protocol used to manage these objects.
SNMP Architecture
The model of network management that is used for TCP/IP network management includes the following
key elements:
 Management station: hosts the network management applications.
 Management agent: provides information contained in the MIB to management applications
and accepts control information from the management station.
 Management information base: defines the information that can be collected and controlled by
the management application.
 Network management protocol: defines the protocol used to link the management station and
the management agents.
SNMP is designed to be a simple message-based application-layer protocol. The manager process
achieves network management using SNMP, which is implemented over the User Datagram Protocol
(UDP). SNMP agent must also implement SNMP and UDP protocols. SNMP is a connectionless protocol,
which means that each exchange between a management station and an agent is a separate
transaction. This design minimizes the complexity of the management agents.
SNMP supports five types of protocol data units (PDUs). The manager can issue three types of PDUs on
behalf of a management application: GetRequest, GetNextRequest, and SetRequest. The first two are
variations of the get function. All three messages are acknowledged by the agent in the form of a
GetResponse message, which is passed up to the management application. Another message that the
agent generates is trap. A trap is an unsolicited message and is generated when an event that affects the
normal operations of the MIB and the underlying managed resources occurs.

5
SNMP message package communicated between a management station and an agent consists of a
version identifier indicating the version of the SNMP protocol, an SNMP community name to be used for
this message package, and an SNMP PDU.
The Figure below shows the information exchange between a single manager and agent pair. In a real
network environment, there are many managers and agents.