Lecture 8

Download as ppt, pdf, or txt
Download as ppt, pdf, or txt
You are on page 1of 23

UNIVERSITY OF RWANDA

College of Science and Technology

Module ETE 4261:


Computer Networks

Lecture # 8: Network Management

1
Lecture # 8: Network Management
What is network management?

Network management is regarded as


 monitoring, testing, configuring, and
troubleshooting network components to meet a set of
requirements defined by an organization.

“Network management includes the deployment,


integration, and coordination of the hardware, software,
and human elements to monitor, test, poll, configure,
analyze, evaluate, and control the network and element
resources to meet the real-time, operational performance,
and Quality of Service requirements at a reasonable cost.”
2
Lecture # 8: Network Management
What is network management?
Let us consider a small network consisting of three routers
and a number of hosts and servers.

3
Lecture # 8: Network Management

What is network management?


In such a simple network, there are many scenarios
in which a network administrator must consider :
Detecting failure of an interface card at a host or a router
Host monitoring: periodically check to see if all network hosts
are up and operational
Monitoring traffic to aid in resource deployment
Detecting rapid changes in routing tables: instabilities in the
routing or a misconfigured router
Monitoring for SLA (service level agreements: contracts that
define specific performance metrics and acceptable levels of
network-provider performance)
Intrusion detection 4
Lecture # 8: Network Management

Functions:

 ISO has created a network management system model


that includes five areas or categories:

1. Configuration Management
2. Fault Management
3. Performance Management
4. Security management
5. Accounting management

5
Lecture # 8: Network Management

Functions performed by a network management system

6
Lecture # 8: Network Management

1. Configuration Management
 A large network is usually made up of hundreds of entities
that are physically or logically connected to one another
 These entities have an initial configuration when the network
is set up, but can change with time
 Devices may be replaced by others; application software may
be updated to a newer version; and users may move from one
group to another.
 Thus, the configuration management system must know, at
any time, the status of each entity and its relation to other
entities
 Configuration management can be subdivided into two parts:
reconfiguration and Documentation. 7
Lecture # 8: Network Management

2. Fault Management
 The goal of fault management is to log, detect, and
respond to fault conditions in the network
 Falls on two categories.
Reactive fault management: is responsible for
detecting, isolating, correcting, and recording faults.
It handles short-term solutions to faults
Proactive fault management: tries to prevent
faults from occurring. Although this is not always
possible, some types of failures can be predicted and
prevented
8
Lecture # 8: Network Management

3. Performance Management
 The goal of performance management is to quantify,
measure, report, analyze, and control the performance of
different network components
 Example of performance metrics: network utilization,
delay and througput

4. Security Management
 Security management is responsible for controlling access
to the network based on the predefined policy.
 For example, the use of firewalls to monitor and control
external access points to one’s network 9
Lecture # 8: Network Management
5. Accounting Management

 Accounting management allows the network manager to


specify, log, and control user and device access to network
resources

 Today, organizations use an accounting management


system for the following reasons:
 It prevents users from monopolizing limited network
resources
 It prevents users from using the system inefficiently
 Network managers can do short- and long-term
planning based on the demand for network use. 10
Lecture # 8: Network Management

Simple Network Management Protocol (SNMP):

 SNMP is an "Internet-standard protocol for managing


devices on IP networks
 Devices that typically support SNMP include routers,
switches, servers, workstations, printers, modem racks, and
more.
 SNMP is used mostly in network management systems
to monitor network-attached devices for conditions that
warrant administrative attention.
 The protocol is designed at the application layer so that it
can monitor devices made by different manufacturers and
installed on different physical networks. 11
Lecture # 8: Network Management

 SNMP concept:
Management with SNMP is based on three basic ideas:
1. A manager checks an agent by requesting information that
reflects the behavior of the agent.
2. A manager forces an agent to perform a task by resetting
values in the agent database.
3. An agent contributes to the management process by warning
the manager of an unusual situation.

12
Lecture # 8: Network Management

 SNMP concept:
 SNMP operates in the Application Layer of the Internet
Protocol Suite
 The SNMP agent receives requests on UDP port 161.
 The manager may send requests from any available
source port to port 161 in the agent.
The agent response will be sent back to the source port on
the manager
 The manager receives notifications (Traps and
InformRequests) on port 162.
 The agent may generate notifications from any available
port.
13
Lecture # 8: Network Management

Role of SNMP:

SNMP defines the format of packets exchanged between a


manager and an agent.
It reads and changes the status (values) of objects
(variables) in SNMP packets

To do management tasks, SNMP uses two other protocols:

1. Structure of Management Information (SMI)


2. Management Information Base (MIB).
14
Lecture # 8: Network Management

Role of SMI:

SMI defines the general rules for naming objects, defining


object types (including range and length), and showing how
to encode objects and values.

The SMI (version 2, SMIv2) functions are


1. To name objects
2. To define the type of data that can be stored in an
object
3. To show how to encode data for transmission
over the network
15
Lecture # 8: Network Management

Role of MIB:
 For each entity to be managed, MIB must define the
number of objects, name them according to the rules
defined by SMI, and associate a type to each named object .
 MIB creates a collection of named objects, their types,
and their relationships to each other in an entity to be
managed.
 Each agent has its own MIB2, which is a collection of all
the objects that the manager can manage.
The objects in MIB2 are categorized under 10 different
groups: system, interface, address translation, ip, icmp, tcp,
udp, egp, transmission, and snmp.
16
Lecture # 8: Network Management

SNMP:
• Allobjects managed by
SNMP are given an object
identifier.

• The object identifier


always starts with
1.3.6.1.2.1.

17
Lecture # 8: Network Management

Network Management Architecture:


 Network management system contains two primary elements:
a manager and agents.
 Manager: network administrator performs network
management functions.
 Agents: are the entities that interface to the actual managed
devices: Bridges, Hubs, Routers or network servers
 Managed devices contain managed objects. These managed
objects might be hardware, configuration parameters,
performance statistics, and so on
 These objects are arranged in a virtual information database ,
called a MIB.
 SNMP allows managers and agents to communicate for the
purpose of accessing these objects 18
Lecture # 8: Network Management

Network Management Architecture:

 There are three principal


components of a network
management architecture:
 managing entity (application
running on network and it
controls the collection, processing,
analysis)
managed devices
 network management
protocol (runs between managing
entity and managed device).
19
Lecture # 8: Network Management

Network Management Architecture:


 A typical agent usually:
 Implements full SNMP protocol
 Stores and retrieves management data as defined by the MIB
 Can asynchronously signal an event to the manager
 Can be a proxy (The proxy agent then translates the protocol
interactions it receives from the management station) for some
non-SNMP manageable network node.
 A typical manager usually:
 Implemented as a network management station
 Implements full SNMP Protocol
 Able to: Query agents, Get responses from agents, Set
variables in agents
20
Lecture # 8: Network Management

Network Management Architecture

21
Lecture # 8: Network Management

SNMP Security
 SNMP messages are used not just to monitor, but also to
control network elements.
 An intruder could intercept SNMP messages and/or
generate its own SNMP packets into the management
infrastructure
 Thus, it is crucial that SNMP messages be transmitted
securely
 The most recent version of SNMP that provides security
is SNMPv3 security and is known as user-based security
[RFC 3414]

22
Lecture # 8: Network Management

SNMP Security:
 SNMPv3 provides:
 Encryption: SNMP PDUs can be encrypted using the
Data Encryption Standard (DES) in Cipher Block Chaining
(CBC) mode
Authentication: SNMP uses the Message Authentication
Code (MAC) technique to provide authentication
 Protection against playback: to ensure that a received
message is not a replay of some earlier message, the receiver
requires that the sender include a value in each message that
is based on a counter in the receiver
Access control: SNMPv3 provides a view-based access
control that controls which network management
information can be queried and/or set by which users 23

You might also like