
NMT All

The document provides an overview of network management, focusing on telephone networks and TCP/IP-based networks, highlighting their characteristics, models, and management protocols. It outlines the goals and functions of network management, including fault, configuration, performance, and security management, as well as the importance of network management systems (NMS). Additionally, it discusses future trends and challenges faced by IT managers in maintaining efficient network operations.

Uploaded by

suraj

Introduction to Network Management

by Nikhil Tiwrai

Telephone network

• Characteristics
  • Reliable - does what is expected of it
  • Dependable - always there when you need it
  • Good quality (connection) - hearing each other well
• Reasons
  • Good planning, design, and implementation
  • Good operation and management of network
Telephone Network Model

[Figure 1.1 Telephone Network Model: switching hierarchy of Regional Center (Class 1 switch), Sectional Center (Class 2 switch), Primary Center (Class 3 switch), Toll Center (Class 4 switch) and End Office (Class 5 switch), carrying voice between end offices, with links to other regional, sectional and primary centers, toll centers, Class 4 toll points and end offices. Legend: Loop, Direct Trunk, Toll-Connecting Trunk, Toll Trunk]


TCP/IP Based Networks
• TCP/IP is a suite of protocols
• Internet is based on TCP/IP
• IP is Internet protocol at the network layer level
• TCP is connection-oriented transport protocol and ensures end-to-end connection
• UDP is connectionless transport protocol and provides datagram service
• E-mail, WWW, FTP, Telnet: TCP/IP
• Network mgmt. (SNMP): UDP/IP
• ICMP: part of TCP/IP suite
Comparison

Aspect | Telephone Network | TCP/IP, Internet
Terminal | Telephone | PDAs, PC, Workstations, …
Application (Content) | Voice | Data: File, Message; Voice, Image, Video
Bandwidth Requirement | Static (64 kbps) | Dynamic (kbps ~ Mbps)
Transmission | Loop: UTP; Trunk: Optical Fiber | Access: UTP, Coaxial Cable, …; Trunk: Coaxial Cable, Optical Fiber
Network Elements (NEs) | CPE, Switch, Mux, Cross connect | Hub, Switch, Bridge, Router

Comparison (cont.)

Aspect | Telephone Network | TCP/IP, Internet
Addressing | Telephone number; Intelligent Networks | MAC, IP, Port, Domain Name, URL
Network Configuration | fixed, or seldom changed | Changed frequently
Growth | Stable, not changed | grow in dog years, new applications
Network Management | Well planned NOCs | Network Management Tools/Systems
[Figure 1.9 Internet Configuration: LAN A, LAN B and LAN C on one side and LAN X, LAN Y and LAN Z on the other, each attached through bridges / routers and joined by gateways across a WAN; hosts shown include workstations, mail servers, a domain name server and a PC (Sally); one host is labelled Joe]


What is Network Management?
• Goal
  • To ensure that the users of a network receive the IT services with the quality of service (QoS) that they expect.

"Network management includes the deployment, integration and coordination of the hardware, software, and human elements to monitor, test, configure, analyze, evaluate, and control the network and element resources to meet the real-time, operational performance, and Quality of Service requirements at a reasonable cost."

Network Management: ITU Definition
• Supervising the performance of the network in “real” time (operation)
• Taking immediate actions to control the network when necessary (configuration)
• Maximizing the use of network capacity (cost-effectiveness)
• Planning for future events (development)
• Contingency planning (risk)

Why NM
• For proactive management of network
• Verify customer configuration
• Diagnose problems
• Provide statistics on performance
• Help remove bottlenecks
• To see the trend in growth

Protocols used in NM
• SNMP (v1, v2, v3)
  • Simple Network Management Protocol
• ICMP
  • Internet Control Message Protocol
  • Ping, traceroute
• ARP/RARP
  • Address Resolution Protocol / (Reverse ARP)
• TCP
  • Socket
  • Telnet/SSH
  • HTTP+XML

Common Network Problems
• Loss of connectivity (Link, Node, Interface)
• Duplicate IP address (Procedural)
• Intermittent problems
  • A system interface problem in a shared medium
• Network configuration issues
• Non-problems
  • The cause of failure is a mystery. (Turn off, Turn on)
• Performance problems
  • The cause of long network delay and increasing the response time
Top-down View of NM functions

[Figure 1.21 Network Management Functional Groupings: Network Management divides into three groups]
• Network Provisioning
  • Planning
  • Design
• Network Operations
  • Fault Management / Service Restoration
  • Configuration Management
  • Performance Management / Traffic Management
  • Security Management
  • Accounting Management
  • Reports Management
  • Inventory Management
  • Data Gathering & Analyses
• Network Maintenance
  • Fault Management
  • Trouble Ticket Administration
  • Network Installation
  • Network Repairs
  • Facilities Installation & Maintenance
  • Routine Network Tests


NM Functional

[Figure 1.22 Network Management Functional Flow Chart: the Engineering Group (Network Planning & Design), the Operations Group / NOC (Network Operations) and the I & M Group (Network Installation & Maintenance), with Network Users, Management Decision and New Technology as inputs and flows labelled Configuration Data, Performance & Traffic Data, Fault TT, TT Restoration and Installation]


Network Provisioning

• Network provisioning consists of network planning and design.
• It keeps track of new technologies.
• It determines what is needed and when it is needed.
• Future modification of network configuration.

NM Functional Requirements
• Fault Management
  • detection, isolation and correction of abnormal operations
• Configuration Management
  • identify managed resources and their connectivity, discovery
• Accounting Management
  • keep track of usage for charging
• Performance Management
  • monitor and evaluate the behavior of managed resources
• Security Management
  • allow only authorized access and control

FCAPS
Fault Management
• Manages network problems to keep the network running reliably and efficiently.
• Fault management process involves the following steps:
  • Detecting the problem symptoms.
  • Isolating the problem.
  • Fixing the problem automatically (if possible) or manually.
  • Logging the detection and resolution of the problem.

Configuration Management
• Configuration Management monitors network and system configuration information and stores it in a configuration management database.
• The maintenance of this database allows network administrators to track hardware, software, and other network resources.

Configuration Management (2)
• Each network device has a variety of information associated with it:
  • Software version information for the operating system, protocol software, or management software.
  • Hardware version information for the interfaces or hardware controllers.
  • Contact information indicating who to contact if problems with the device arise.
  • Location information indicating the physical location of the device.

Accounting Management
• Measures network utilization parameters in order to regulate individual and group uses of the network.
• Minimizes network problems and maximizes fairness of user access to the network because network resources can be portioned based on network capacity and user needs.
Performance Management
• Maintains internetwork performance at acceptable levels by measuring and managing various network performance variables.
• Performance variables include network throughput, user response times, line utilization, and others.
• Performance management involves three basic steps:
  1. Gathering data relating to key performance variables.
  2. Analyzing data to determine the normal (baseline) performance levels.
  3. Determining appropriate performance thresholds for each variable so that exceeding these thresholds indicates a network problem worthy of attention.

Performance Management (2)
• Reactive
  • When performance becomes unacceptable (that is, a user-defined threshold is exceeded), the managed device reacts by sending an alert to the network management system (NMS).
• Proactive
  • Simulation is used to project how network growth will affect performance metrics. These simulations alert administrators to impending problems before they affect network users.

Performance Management (3)
• Reactive PM Components
  • The management entity continually monitors performance variables in managed devices.
  • When a particular performance threshold is exceeded, the NMS or the managed device detects the problem.
  • If the managed device detects the problem, it generates an alert and sends it to the NMS.
  • The NMS takes an appropriate action, such as alerting the network administrator.
Security Management
• Access control
  • Controls access to network resources, and prevents network sabotage (intentional or unintentional) and unauthorized access to sensitive information.
  • Aids administrators in creating a secure network environment. This includes:
    • partitioning network resources into authorized and unauthorized areas,
    • mapping groups of users to those areas, and
    • monitoring, policing, and logging user access to resources in those areas.
• Security monitoring
  • Security event collection
  • Event analysis, correlation and alert generation
  • Alert handling

Network Management Systems
• A network management system (NMS) is a collection of tools for network monitoring and control
  • based on the manager-agent paradigm
  • the manager sends mgmt requests to one or more agents
  • an agent performs the requested operation and returns results
  • when agents detect faults, they report them to the manager
• An NMS typically provides a GUI through which most or all management tasks can be performed
• Many commercial and freely available NMSs exist:
  • Commercial
    • HP OpenView, IBM NetView, Sun Net Manager, CiscoWorks, etc.
  • Open source
    • OpenNMS, Nagios, etc.
Network Maintenance

• It takes care of all activities of installation and maintenance.
• It is the service arm of the NMS.
• It works closely with the help desk in responding to problems reported from the field.

Trouble Ticket Administration
• Administrative part of fault management.
• It is used to track problems in the network.
• It automates the tracking of troubles, from the generation of a trouble ticket by an NMS to the resolution of the problem.
[Figure 1.23 Network Management Dumbbell Architecture: NMS Vendor A and NMS Vendor B exchange messages through services & protocols (interoperability); each NMS manages its own network agents and network objects. Panel (b) Services and Protocols: application services, management protocol and transport protocols link the objects of Vendor A and Vendor B]

Notes
• Message exchange between NMSs managing different domains
Standard Management Frameworks
• Internet Network Management Framework (IETF)
  • SNMPv1
  • SNMPv2
  • SNMPv3
• OSI Network Management Framework (ISO/ITU-T)
  • CMIP (X.700 Series)
• Telecommunication Management Network (ITU-T)
  • TMN (M.3000 Series)
• Distributed Management Task Force (DMTF)
  • DMI, CIM, WBEM
• TeleManagement Forum
  • MTNM, eTOM, etc.

Status and Future Trends
• Status:
  • SNMP management
  • Limited CMIP management
  • Operations systems
• Future trends:
  • Object-oriented approach
  • Service and policy management
  • Web-based management
  • XML-based management

Challenges of IT Manager
• Management of information
• Authentication and authorization issues
• Financial investment
• Rapid advance of technology
• Problem analysis
• Anticipating customers' demands
• Acquiring and retaining human resources
• Managing client-server environments in a converged network
• Maintaining reliability without disrupting the network and impacting business
Case histories on Network
The following case histories show that the lack of proper network management tools can present a challenge to IT managers.
• Case History I: Importance of topology
• Case History II: Centrally managed network issues
• Case History III: Transaction delays in client-server network
• Case History IV: Service impact in end-to-end services of customers
• Case History V: Some common network problems
Chapter 1

Network Management Perspective

Network management perspective
The network management system primarily manages the networks that transport information, so it perceives a network in terms of:
• Domain
• Protocols
• Network and transmission technologies

Service management perspective
The network is used to provide services to customers, and consequently what needs to be managed are the services. So its primary concerns are:
• Providing QoS to customer
• Customer satisfaction

OSS Perspective
OSS supports the operation of the network and the network management system. So its primary concerns are:
• Provisioning system
• Inventory management system
• Customer relations management
• Trouble ticket and work force management
• IP telecommunication application management

NMS Platform

NMSs and tools are available on various hardware and operating system platforms, as follows:
• High-end systems
• Low-end systems
Broadband Access Networks

[Figure 10.1 Broadband Access Networks: customer networks reach an SDH / SONET WAN through a cable modem and HFC network (cable modem head end), an xDSL modem and telephone loop (central office equipment), an OC-n / STS-n link (business customers), and wireless, satellite communication and/or telephone loop; routers / ATM switches sit at the WAN edge]

Notes
• Three categories of customer base:
  • Corporate or enterprise
  • Service providers
  • Residence or SOHO
• Five types of access networks
  • OC-n / STS-n link
  • Gateway to service providers (not shown)
  • HFC / Cable modem
  • DSL
  • Wireless
    • Fixed wireless
    • Satellite communication
Access Technologies

[Figure 10.2 Broadband Access Technologies: tree with root Broadband Access Technology and branches HFC, xDSL, Wireless and Satellite Communication; leaf labels include Telephony-Return, Two-Way, ADSL, HDSL, VDSL, ISM, MMDS, LMDS, One-Way and Two-Way]

Notes
• Hybrid fiber coaxial technology plant / cable modem at customer premises
  • Telephony return is one-way, downstream (forward direction) cable, upstream (reverse direction) telephone
  • Two-way downstream at high frequency band and upstream at low frequency band
• Carries voice, video and data
• Upstream bandwidth requirements less compared to downstream bandwidth
• xDSL: Digital subscriber line technology
  • Asymmetric DSL (ADSL)
  • High-speed DSL (HDSL)
  • Very-high speed DSL (VDSL)
• Uses existing local loop telephone facilities
• Wireless: Terrestrial fixed wireless systems
  • Instructional scientific and medical (ISM): 902 - 928 MHz (0.5 mile) and 2400 - 2483 MHz (15 miles)
  • Multichannel multipoint distribution service (MMDS) 2500 - 2686 MHz (35 miles)
  • Local multipoint distribution service 27,500 - 28,350 MHz and 31,000 - 31,300 MHz (3 miles)
• Satellite communication
  • Telephony return is one-way, downstream wireless, upstream telephone
  • Two-way downstream and upstream wireless
HFC Network

[Figure: HFC Network: WAN, ISP and satellite feeds enter the head end; fiber runs to a fiber node, then 2-way coax with amplifiers to a NIU (Network Interface Unit) at each customer; cable modems connect over Ethernet to a workstation, and a TV monitor is attached]

Notes
• Fiber - 2 one-way transmission
• Coaxial - 2-way transmission
• 2-way amplifiers
• Fiber node: optical - RF conversion
• Head end:
  • Signals from multiple sources multiplexed
  • Frequency conversion for local signal
• Network interface device (NID) / unit (NIU): demarcation point between customer network and service provider networks
• Cable modem: RF Ethernet, analog telephony, and video
Abstract Syntax Notation One
• ASN.1 is more than a syntax; it’s a language
• Addresses both syntax and semantics
• Two types of syntax
  • Abstract syntax: set of rules that specify data type and structure for information storage
  • Transfer syntax: set of rules for communicating information between systems
• Makes application layer protocols independent of lower layer protocols
• Can generate machine-readable code: Basic Encoding Rules (BER) is used in management modules
Backus-Naur Form (BNF)
Definition:
<name> ::= <definition>
Rules:
<digit> ::= 0|1|2|3|4|5|6|7|8|9
<number> ::= <digit> | <digit> <number>
<op> ::= +|-|x|/
<SAE> ::= <number> | <SAE> | <SAE><op><SAE>
Example:
• 9 is primitive 9
• 19 is construct of 1 and 9
• BNF is used for ASN.1 constructs
• Constructs developed from primitives
• The above example illustrates how numbers are constructed from the primitive <digit>
• Simple Arithmetic Expression entity (<SAE>) is constructed from the primitives <digit> and <op>

Simple Arithmetic Expression
<SAE> ::= <number> | <SAE><op><number>

Example: 26 = 13 x 2

Constructs and primitives

Type and Value
Assignments
• <BooleanType> ::= BOOLEAN
• <BooleanValue> ::= TRUE | FALSE

ASN.1 module is a group of assignments

person-name Person-Name ::=
{
  first "John",
  middle "I",
  last "Smith"
}
Data Type: Example 1
PersonnelRecord ::= SET
{ Name,
  title GraphicString,
  division CHOICE
    marketing [0] SEQUENCE
      {Sector,
       Country},
    research [1] CHOICE
      {product-based [0] NULL,
       basic [1] NULL},
    production [2] SEQUENCE
      {Product-line,
       Country } }
etc.
Figure 3.13 ASN.1 Data Type Definition Example 1

Notes
• Module name starts with capital letters
• Data types:
  • Primitives: NULL, GraphicString
  • Constructs
    • Alternatives: CHOICE
    • List maker: SET, SEQUENCE
    • Repetition: SET OF, SEQUENCE OF
• Difference between SET and SEQUENCE
Data Type: Example 2
Trade-message ::= SEQUENCE
{invoice-no INTEGER,
 name GraphicString,
 details SEQUENCE OF
   SEQUENCE
   {part-no INTEGER,
    quantity INTEGER},
 charge REAL,
 authenticator Security-Type}

Security-Type ::= SET
{ …
  … }
Figure 3.14 ASN.1 Data Type Definition Example 2

Notes
• SEQUENCE OF SEQUENCE makes tables of rows
ASN.1 Symbols
Symbol Meaning
::= Defined as
| or, alternative, options of a list
- Signed number
-- Following the symbol are comments
{} Start and end of a list
[] Start and end of a tag
() Start and end of subtype
.. Range
Chapter 3

Keyword Examples
• CHOICE

• SET
• SEQUENCE
• OF
• NULL

Keywords are in all UPPERCASE letters


Data Type: Structure & Tag

[Figure 3.15 ASN.1 Data Type Structure and Tag: a Data Type has a Structure (Simple, Structured, Tagged, Other) and a Tag (Class: Universal, Application, Context-specific, Private; and Number)]

Notes
• Structure defines how data type is built
• Tag uniquely identifies the data type

Structure
• Simple
  • PageNumber ::= INTEGER
  • ChapterNumber ::= INTEGER
• Structure / Construct
  • BookPageNumber ::= SEQUENCE {ChapterNumber, Separator, PageNumber}
    Example: {1-1, 2-3, 3-39}
• Tagged
  • Derived from another type; given a new ID
  • In Fig. 3-14, INTEGER is either universal or application specific
• Other types:
  • CHOICE, ANY

Structure

• BookPages ::= SEQUENCE OF { BookPageNumber}
  or
  BookPages ::=
  SEQUENCE OF
  {
    SEQUENCE
    {ChapterNumber,
     Separator,
     PageNumber}
  }

Tag
• Tag uniquely identifies a data type
• Comprises class and tag number
• Class:
  • Universal - always true
  • Application - only in the application used
  • Context-specific - specific context in application
  • Private - used extensively by commercial vendors

Notes
Example:
• BOOLEAN: Universal 1
• INTEGER: Universal 2
• research: Application [1] (Figure 3.13)
• product-based: Context-specific under research [0]

Enumerated Integer
RainbowColors ::= ENUMERATED
{
  violet (0),
  indigo (1),
  blue (2),
  green (3),
  yellow (4),
  orange (5),
  red (6)
}

Notes
• ENUMERATED is a special case of INTEGER
• Example: RainbowColors(5) is orange

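Object Name

[Figure: object naming tree: the root branches to itu (0), iso (1) and iso-itu (2); the path shown descends through org (3), dod (6), internet (1), private (4), enterprise (1) to IBM (2)]

Notes
• internet OBJECT IDENTIFIER ::= {ISO(1) ORG(3) DOD(6) INTERNET(1)}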

TLV Encoding

Type | Length | Value

Type field:
Class (7-8th bits) | P/C (6th bit) | Tag Number (1-5th bits)

Class | 8th bit | 7th bit
Universal | 0 | 0
Application | 0 | 1
Context-specific | 1 | 0
Private | 1 | 1

Notes
• TLV: Type, length, and value are components of the structure
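
The Type-octet layout and class bits from the TLV Encoding slide, applied to the object identifier path on the Object Name slide, as an added Python example (not part of the original slides): a small BER TLV reader that refuses any length running past the buffer. The sample bytes are constructed for illustration, and the function names and the nesting bound are this example's own assumptions.

```python
# Added example: BER TLV decoding using the Type-octet layout shown above.
CLASS_NAMES = {0b00: "Universal", 0b01: "Application",
               0b10: "Context-specific", 0b11: "Private"}
MAX_DEPTH = 16  # assumption: nesting bound chosen for this example


class BERError(ValueError):
    """Input is not a well-formed TLV."""


def parse_identifier(octet):
    """Split the Type octet into (class, constructed?, tag number)."""
    cls = CLASS_NAMES[(octet >> 6) & 0b11]   # 8th and 7th bits
    constructed = bool(octet & 0x20)         # 6th bit: P/C
    tag_number = octet & 0x1F                # 1st-5th bits
    return cls, constructed, tag_number


def read_tlv(buf, offset=0):
    """Decode one TLV; return (cls, constructed, tag, value, next_offset)."""
    if offset >= len(buf):
        raise BERError("missing identifier octet")
    cls, constructed, tag = parse_identifier(buf[offset])
    if tag == 0x1F:
        raise BERError("multi-octet tag numbers are not handled here")
    offset += 1
    if offset >= len(buf):
        raise BERError("missing length octet")
    first = buf[offset]
    offset += 1
    if first < 0x80:                         # short form: one length octet
        length = first
    else:                                    # long form: next n octets
        n = first & 0x7F
        if n == 0:
            raise BERError("indefinite length is not handled here")
        if offset + n > len(buf):
            raise BERError("truncated length field")
        length = int.from_bytes(buf[offset:offset + n], "big")
        offset += n
    end = offset + length
    if end > len(buf):                       # never trust the declared length
        raise BERError("declared length exceeds available data")
    return cls, constructed, tag, bytes(buf[offset:end]), end


def decode_oid(value):
    """Decode OBJECT IDENTIFIER content octets into dotted notation."""
    if not value or value[-1] & 0x80:
        raise BERError("empty or truncated OBJECT IDENTIFIER")
    subids, acc = [], 0
    for octet in value:                      # base-128, high bit means "more"
        acc = (acc << 7) | (octet & 0x7F)
        if not octet & 0x80:
            subids.append(acc)
            acc = 0
    first = subids[0]                        # first two arcs share one value
    top = min(first // 40, 2)
    arcs = [top, first - 40 * top] + subids[1:]
    return ".".join(str(a) for a in arcs)


def walk(buf, depth=0):
    """Flatten nested TLVs into (depth, class, tag, constructed, value)."""
    if depth > MAX_DEPTH:
        raise BERError("nesting too deep")
    items, offset = [], 0
    while offset < len(buf):
        cls, constructed, tag, value, offset = read_tlv(buf, offset)
        items.append((depth, cls, tag, constructed, value))
        if constructed:                      # constructed values hold more TLVs
            items.extend(walk(value, depth + 1))
    return items


# Constructed sample: SEQUENCE { INTEGER 5, OID 1.3.6.1.4.1.2, [0] 0xFF }
SAMPLE = bytes.fromhex("300e" "020105" "06062b0601040102" "8001ff")

if __name__ == "__main__":
    for depth, cls, tag, constructed, value in walk(SAMPLE):
        shown = decode_oid(value) if (cls, tag) == ("Universal", 6) else value.hex()
        kind = "constructed" if constructed else "primitive"
        print("  " * depth + f"{cls} {tag} ({kind}): {shown}")
```
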

Macro
<macroname> MACRO ::=
BEGIN
TYPE NOTATION ::= <syntaxOfNewType>
VALUE NOTATION ::= <syntaxOfNewValue>
<auxiliaryAssignments>
END

Example:
CS8803 OBJECT-IDENTITY
STATUS current
DESCRIPTION "A graduate-level network
management course offered every fall by
College of Computing in Georgia Institute of
Technology."
::= {csclasses 50}

Notes
Macro is used to create new data types
Chapter 3

Basic Foundations: Standards, Models, and Language

Table 3.1 Network Management Standards

Standard: OSI / CMIP
• International standard (ISO / OSI)
• Management of data communications network - LAN and WAN
• Deals with all 7 layers
• Most complete
• Object oriented
• Well structured and layered
• Consumes large resource in implementation

Standard: SNMP / Internet
• Industry standard (IETF)
• Originally intended for management of Internet components, currently adopted for WAN and telecommunication systems
• Easy to implement
• Most widely implemented

Standard: TMN
• International standard (ITU-T)
• Management of telecommunications network
• Based on OSI network management framework
• Addresses both network and administrative aspects of management

Standard: IEEE
• IEEE standards adopted internationally
• Addresses LAN and MAN management
• Adopts OSI standards significantly
• Deals with first two layers of OSI RM

Standard: Web-based Management
• Web-Based Enterprise Management (WBEM)
• Java Management Application Program Interface (JMAPI)

OSI Architecture and Model

[Figure 3.1 OSI Network Management Model: Network Management comprises the Organization Model, Information Model, Communication Model and Functional Model]

Notes
• Organization
• Network management components
• Functions of components
• Relationships
• Information
• Structure of management information (SMI)
• Syntax and semantics
• Management information base (MIB)
• Organization of management information
• Object-oriented
OSI Architecture and Model

Notes
• Communication
• Transfer syntax with bi-directional messages
• Transfer structure (PDU)
• Functions
• Application functions
• Configure components
• Monitor components
• Measure performance
• Secure information
• Usage accounting
SNMP Architecture and Model

Notes
• Organization
• Same as OSI model
• Information
• Same as OSI, but scalar
• Communication
• Messages less complex than OSI and unidirectional
• Transfer structure (PDU)
• Functions
• Application functions
• Operations
• Administration
• Security

TMN Architecture
• Addresses management of telecommunication networks
• Based on OSI model
• Superstructure on OSI network
• Addresses network, service, and business management

Organizational Model
• Manager
• Sends requests to agents
• Monitors alarms
• Houses applications
• Provides user interface
• Agent
• Gathers information from objects
• Configures parameters of objects
• Responds to managers’ requests
• Generates alarms and sends them to managers
• Managed object
• Network element that is managed
• Houses management agent
• All objects are not managed / manageable

Two-Tier Model

[Figure 3.2 Two-Tier Network Management Organization Model: a manager with its MDB (Management Database) above managed objects, each with an agent process, and unmanaged objects]

Notes
• Agent built into network element
  Example: Managed hub, managed router
• An agent can manage multiple elements
  Example: Switched hub, ATM switch
• MDB is a physical database
• Unmanaged objects are network elements that are not managed - both physical (unmanaged hub) and logical (passive elements)

Three-Tier Model

[Figure 3.3 Three-Tier Network Management Organization Model: a manager with its MDB (Management Database) at the top, an agent / manager with its own MDB in the middle, and managed objects with agent processes at the bottom]

Notes
• Middle layer plays the dual role
  • Agent to the top-level manager
  • Manager to the managed objects
• Example of middle level: Remote monitoring agent (RMON)

Manager of Managers

[Figure 3.4 Network Management Organization Model with MoM: a MoM (Manager of Managers) with its MDB (Management Database) sits above agent NMSs; each agent NMS acts as agent to the MoM and as manager, with its own MDB, of the managed objects and agent processes in its domain]

Notes
• Agent NMS manages the domain
• MoM presents integrated view of domains
• Domain may be geographical, administrative, vendor-specific products, etc.

Peer NMSs

[Figure 3.5 Dual Role of Management Process: two NMSs, each containing both a Manager NMS and an Agent NMS process]

Notes
• Dual role of both NMSs
• Network management systems act as peers
• Dumbbell architecture discussed in Chapter 1
• Notice that the manager and agent functions are processes and not systems

Information Model:
Analogy
• Figure in a book uniquely identified by
• ISBN, Chapter, and Figure number in that
hierarchical order
• ID: {ISBN, chapter, figure}
• The three elements above define the syntax
• Semantics is the meaning of the three
entities according to Webster’s dictionary
• The information comprises syntax and semantics
about an object


Structure of Management Information (SMI)
• SMI defines for a managed object
  • Syntax
  • Semantics
  • plus additional information such as status
• Example
  sysDescr: { system 1 }
  Syntax: OCTET STRING
  Definition: "A textual description of the entity."
  Access: read-only
  Status: mandatory

Management Information Base (MIB)


• Information base contains information about objects
• Organized by grouping of related objects
• Defines relationship between objects
• It is NOT a physical database. It is a virtual
database that is compiled into management module


Information Base View: An Analogy


• Fulton County library system has many branches
• Each branch has a set of books
• The books in each branch are a different set
• The information base of the county has the
view (catalog) of all books
• The information base of each branch has the
catalog of books that belong to that branch.
That is, each branch has its view (catalog) of
the information base
• Let us apply this to MIB view


MIB View and Access of an Object


• A managed object has many attributes - its
information base
• There are several operations that can be
performed on the objects
• A user (manager) can view and perform only
certain operations on the object by invoking
the management agent
• The view of the object attributes that the agent
perceives is the MIB view
• The operation that a user can perform is the
MIB access


Management Data Base / Information Base

[Figure 3.6 Network Configuration with Data and Information Base: a manager with an MDB (Management Database) and a MIB (Management Information Base) above agent processes and managed objects]

Notes
• Distinction between MDB and MIB
  • MDB physical database; e.g., Oracle, Sybase
  • MIB virtual database; schema compiled into management software
• An NMS can automatically discover a managed object, such as a hub, when added to the network
• The NMS can identify the new object as hub only after the MIB schema of the hub is compiled into NMS software

Managed Object
• Managed objects can be
• Network elements (hardware, system)
• hubs, bridges, routers, transmission facilities
• Software (non-physical)
• programs, algorithms
• Administrative information
• contact person, name of group of objects
(IP group)


Management Information Tree

[Figure 3.7 Generic Representation of Management Information Tree: a root node with Level 1, Level 2 and Level 3 nodes beneath it]

OSI Management Information Tree

[Figure 3.8 OSI Management Information Tree: the root branches to itu (0), iso (1) and iso-itu (2); under iso: org (3), dod (6), internet (1)]

Notes
• iso: International Standards Organization
  itu: International Telecommunications Union
  dod: Department of Defense
• Designation:
  • iso 1
  • org 1.3
  • dod 1.3.6
  • internet 1.3.6.1

Object Type and Instance


• Type
• Name
• Syntax
• Definition
• Status
• Access
• Instance

Notes
• Example of a circle
  • “circle” is syntax
  • Semantics is definition from dictionary: “A plane figure bounded by a single curved line, every point of which is of equal distance from the center of the figure.”
• Analogy of nursery school

Managed Object: Internet Perspective

[Figure 3.9(a) Internet Perspective: a managed object (circle) described by Object Type (object ID and descriptor), Access (access privilege), Status (implementation requirements), Syntax (model of object) and Definition (semantics, textual description)]

Notes
• object ID and descriptor: unique ID and name for the object
• syntax: used to model the object
• access: access privilege to a managed object
• status: implementation requirements
• definition: textual description of the semantics of object type

Managed Object: OSI Perspective

[Figure 3.9(b) OSI Perspective: object classes Circular object and Elliptical object, with Attributes (circle, dimension; ellipse, dimension), Operations (Push), Behaviour, and Notifications (notify changes in attribute values)]

Notes
• object class: managed object
• attributes: attributes visible at its boundary
• operations: operations which may be applied to it
• behaviour: behaviour exhibited by it in response to operation
• notifications: notifications emitted by the object

Packet Counter Example

Characteristics   Example
Object type       PktCounter
Syntax            Counter
Access            Read-only
Status            Mandatory
Description       Counts number of packets
Figure 3.10(a) Internet Perspective

Characteristics   Example
Object class      Packet Counter
Attributes        Single-valued
Operations        get, set
Behavior          Retrieves or resets values
Notifications     Generates notifications on new value
Figure 3.10(b) OSI Perspective

Figure 3.10 Packet Counter As Example of Managed Object

Internet Vs OSI Managed Object


• Scalar object in Internet Vs Object-oriented
approach in OSI
• OSI characteristics of operations, behaviour, and
notification are part of communication model in
Internet: get/set and response/alarm
• Internet syntax is absorbed as part of OSI attributes
• Internet access is part of OSI security model
• Internet status is part of OSI conformance application
• OSI permits creation and deletion of objects;
Internet does not: Enhancement in SNMPv2


Mgmt. Communication Model

[Figure 3.11 Management Message Communication Model: the Manager (Applications) sends Operations / Requests to the Agent (Network Elements / Managed Objects); the Agent returns Responses and sends Notifications / Traps]

Notes
• Requests/responses in Internet; operations in OSI
• Traps and notifications (SNMPv2) in Internet; notifications in OSI

Transfer Protocols

[Figure 3.12 Management Communication Transfer Protocols: Manager Applications and Agent Applications exchange Operations / Requests / Responses and Traps / Notifications through the Manager and Agent Communication Modules (SNMP for Internet, CMIP for OSI), over the Transport Layers (UDP / IP for Internet, OSI Lower Layer Profiles for OSI) and the Physical Medium]

Notes
• Internet is based on SNMP; OSI is based on CMIP
• OSI uses CMISE (Common Management Information Service Element) application with CMIP
• OSI specifies both connection-oriented (c-o) and connectionless transport protocols; SNMPv2 was extended to c-o, but that is rarely used

Functional Model

[Figure: OSI Functional Model with five areas: Configuration Management, Fault Management, Performance Management, Security Management, Accounting Management]

Notes
• Configuration management
  • Set and change network configuration and component parameters
  • Set up alarm thresholds
• Fault management
  • Detection and isolation of failures in network
  • Trouble ticket administration
• Performance management
  • Monitor performance of network
• Security management
  • Authentication
  • Authorization
  • Encryption
• Accounting management
  • Functional accounting of network usage
SNMP
INTRODUCTION
• SNMP
• What is SNMP?
• SNMP Architecture
• SNMP Components
• Versions of SNMP
• Trap Event
WHAT IS SNMP?
• Simple Network Management Protocol (SNMP) is an Internet standard protocol. It is defined by the IETF (Internet Engineering Task Force). It is an application layer protocol.
• It manages devices on IP networks. Devices that typically support SNMP include routers, switches, servers, workstations, printers, modem racks and more. It is used mostly in network management.
• SNMP is an application program that allows a manager to retrieve the value of an object defined in an agent, a manager to store a value in an object defined in an agent, and an agent to send alarm information called a trap event.
SNMP MODEL
• Organization Model
  • Relationship between network element, agent, and manager
  • Hierarchical architecture
• Information Model
  • Uses ASN.1 syntax
  • SMI (Structure of Management Information)
  • MIB (Management Information Base)
• Communication Model
  • Transfer syntax
  • SNMP over TCP/IP
  • Communication services addressed by messages
  • Security framework: community-based model
Two-Tier Organization Model

[Figure: (a) One Manager - One Agent Model: an SNMP Manager and an SNMP Agent on a Network Element. (b) Multiple Managers - One Agent Model: several SNMP Managers and one Network Agent on a Network Element]

Three-Tier Organization Model: RMON

[Figure: SNMP Manager, RMON Probe, Managed Objects]

Three-Tier Organization Model: Proxy Server

[Figure: SNMP Manager, Proxy Server, and below the Proxy Server both Non-SNMP Managed Objects and SNMP Managed Objects]
SNMP ARCHITECTURE
• SNMP defines a manager, which monitors and manages the devices connected to the network.
• The manager sends requests to a network device, called the agent, and the agent responds to the manager's requests via SNMP.
• Agents report data on managed systems as variables.
• The NMS (network management system) executes the applications that monitor and manage devices. It basically runs on the manager.
System Architecture

[Figure 4.9 SNMP Network Management Architecture: the SNMP Manager (Management Data, SNMP Manager Application) and the SNMP Agent (SNMP Agent Application) each run SNMP over UDP, IP, DLC and PHY across the Physical Medium. The messages shown are Get-Request, GetNext-Request, Set-Request, Get-Response and Trap]



SNMP Messages
•Get-Request
• Sent by manager requesting data from agent
• Get-Next-Request
• Sent by manager requesting data on the next
MO to the one specified
• Set-Request
• Initializes or changes the value of network
element
• Get-Response
• Agent responds with data for get and set
requests from the manager
• Trap
• Alarm generated by an agent
Information
• Structure of Management
Information (SMI)
(RFC 1155)
• Managed Object
• Scalar
• Aggregate or tabular object
• Management Information Base
(RFC 1213)
MIB
• The SNMP protocol provides information about devices, and that information is provided as variables by the management information base (MIB). It is a collection of objects and their types in a hierarchical tree format.
SMI
• SMI defines the rules for naming objects, defining object types, and showing how to encode objects and data.
• The agent receives requests on UDP port 161, and the manager sends requests to UDP port 161.
• The manager receives notifications from the agent on port 162; such a notification is called a trap event.



SNMP MESSAGE FIELDS
• SNMPv1
  V1 is the first version of SNMP; it basically has poor security.
• SNMPv2
  V2 is a revised version of V1. It improves in the areas of performance, security, and confidentiality. It introduces GetBulkRequest and InformRequest.
TRAP-PDU
• A sysUpTime parameter (TimeTicks). This appears in the first variable-binding in an SNMPv2-Trap-PDU or InformRequest-PDU.
• An snmpTrapOID parameter (OBJECT IDENTIFIER). This appears in the second variable-binding in an SNMPv2-Trap-PDU or InformRequest-PDU.
• A list of variable-bindings (VarBindList). This refers to all but the first two variable-bindings in an SNMPv2-Trap-PDU or InformRequest-PDU.
TRAP V1
1. Contains agent address.
2. It has information about specific trap and generic trap value.
3. It does not have error index and status.
TRAP V2
4. Does not contain agent address.
5. It has Trap OID in the second varbind.
6. It has error index and status.
Simple Network Management Protocol
What is SNMP?
• The Simple Network Management Protocol (SNMP) is an application layer protocol used to manage network resources.
• Designed to be Simple: very few commands.
• It is concerned with Network Management.
• It’s a Protocol: defined by IETF.

What does SNMP manage?
…all SNMP compatible devices.
• servers
• workstations
• routers
• switches
• printers
• …many more.

SNMP Functionality?
• Fault Management.
• Configuration Management.
• Accounting Management.
• Performance Monitoring and Management.
• Security Management.
Local and/or Remote
SNMP Components
• SNMP Manager.
• SNMP Agent.
• MIB - Management Information Base.

[Figure: the SNMP Manager Process and the SNMP Agent Process, each with a MIB, communicate across the Network using Request, Response and Trap]
SNMP Manager
• Software that runs on some administrative computer and manages the whole network.
• Capable of querying any managed device via polling.
• Capable of enforcing management decisions in the network.
• Normally runs on very few systems compared to SNMP agents.

SNMP Agent
• Small piece of code that runs on every SNMP managed device and gathers and sends data about that managed resource in response to a request from the manager.
• Collects information from the network device on which it resides and stores it in the MIB.
• Replies to the manager with the proper information when asked for it.
• Can initiate communication with the SNMP manager using traps.


SNMP Proxy
• A Proxy Agent is an SNMP agent that maintains information of one or more non-SNMP devices.
• Proxy Agent does the conversion of control messages.
• ..may run some other NMS.

[Figure: an SNMP Manager connected to an SNMP Agent (SNMP Community) and to a Proxy Agent (Non-SNMP Community)]
SNMP Internals
• How will management information be stored?
  SMI: Structure of Management Information
• What management information data will be stored?
  MIBs: Management Information Base
• How would information be exchanged on the network?
  SNMP: Simple Network Management Protocol
SMI - Structure of Management Information (RFC 1155)
• Defines the data types allowed in MIB.
• Defines naming structure for each managed object (MO).
• Typically each MIB object has six attributes:
  • Object Name
  • Object Identifier
  • Syntax Field
  • Access Field
  • Status Field
  • Text Descriptor
Management Information Base (RFC 1156)
• MIB is a collection of network information. It contains the real values of managed objects in the agent in the form of variables and tables of variables.
• Access: through the network management protocol.
• MOs in the MIB represent characteristics of a managed device.
• Changes are made in the agent MIB.
• The MIB definition is available in the manager.
MIB Object Naming Tree
• Object Identifier – Uniquely identify
an object in Management
Information Base.

1.3.6.1.4.1.9
MIB Syntax
    sysContact OBJECT-TYPE                    -- OBJECT-TYPE is a macro
        SYNTAX  DisplayString (SIZE (0..255))
        ACCESS  read-write                    -- or read-only, write-only, not-accessible
        STATUS  mandatory                     -- or optional, deprecated, obsolete
        DESCRIPTION
            "Chris Francois
             [email protected]
             (360)650-0000"
        ::= { system 4 }
MIB example: UDP module

Object ID         Name              Type       Comments
1.3.6.1.2.1.7.1   UDPInDatagrams    Counter32  total # datagrams delivered at this time
1.3.6.1.2.1.7.2   UDPNoPorts        Counter32  # undeliverable datagrams, no app at port
1.3.6.1.2.1.7.3   UDPInErrors       Counter32  # undeliverable datagrams, all other reasons
1.3.6.1.2.1.7.4   UDPOutDatagrams   Counter32  # datagrams sent
1.3.6.1.2.1.7.5   udpTable          SEQUENCE   one entry for each port in use by app, gives port # and IP address
SNMP Version 1
• Introduced in 1988, maintained by IETF.
• The SNMP protocol facilitates communication between a managed device and the SNMP manager.
• Five messages were introduced in SNMP v1.
  Manager to Agent:
  • GetRequest
  • SetRequest
  • GetNextRequest
  Agent to Manager:
  • Trap
  • Response
SNMP Messages
• Get-Request
  Sent by manager requesting specific data from agent.
• Get-Next-Request
  Sent by manager requesting data on the next MO to the one specified.
• Set-Request
  Initializes or changes the value of network element.
• Get-Response
  Agent responds with data for get and set requests from the manager.
• Trap
  Alarm generated by an agent.
SNMP v1
• Communication is via SNMP Protocol Data Units (PDUs) that are typically encapsulated in UDP packets.
• UDP ports 161 and 162 are the default ports reserved for SNMP.
• The agent listens for requests and replies to them over port 161.
• …reports asynchronous traps on port 162, unless it is instructed to use different ports.
SNMP Protocol Data Unit (PDU)

PDU types:
0: GetRequest
1: GetNextRequest
2: SetRequest
3: GetResponse
4: Trap

General PDU Structure
PDU TYPE | Request ID | Error Status | Error Index | Object 1, Value 1 | Object 2, Value 2

• Request ID: SNMP Request to Response association.
• Error Status: Indicates one of a number of errors and error types. Set by ‘Response’ operation. Others set it to ‘0’.
• Error Index: Associates error with object instance. Set by ‘Response’ operation. Others set it to ‘0’.
• Object / Value: Data Field of SNMPv1 PDU. Associates Object instance with current value. Ignore value for Get and GetNext.

Trap PDU Structure
PDU TYPE | Enterprise | Agent Addr | Gen Trap | Spec Trap | Time Stamp | Object 1, Value 1 | Object 2, Value 2

• Enterprise: Management Enterprise under whose registration authority trap was defined.
• Agent Addr: Agent’s IP Address (for further identification).
• Generic Trap Type: 7 values are defined: coldStart(0), warmStart(1), linkDown(2), linkUp(3), authenticationFailure(4), egpNeighborLoss(5), enterpriseSpecific(6).
• Specific Trap Type: Identifies non-generic trap when Generic Trap Type set to ‘enterpriseSpecific(6)’.
• Time Stamp: Time elapsed between last network reinitialization and trap generation.
Issues with SNMP v1
• Security: very low standards.
  • Passwords transmitted as plain text.
  • No provision for authenticating message source.
  • MIBs were not secured with ACLs.
• Limited number of error handling.
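
The PDU layouts above, and the plain-text community string, can be read directly from the bytes of a message. The decoder below is an added example, not part of the original slides: it parses two constructed SNMPv1 messages (a GetRequest and a linkDown Trap) and returns the community and the PDU fields. The PDU tag values in the code are those assigned in RFC 1157; the sample bytes, the community "public" and the address 192.0.2.1 are constructed for illustration.

```python
"""Decode SNMPv1 messages (BER) to expose the PDU fields and the community string."""

# Context-specific PDU tags as assigned in RFC 1157.
PDU_TYPES = {0xA0: "GetRequest", 0xA1: "GetNextRequest", 0xA2: "GetResponse",
             0xA3: "SetRequest", 0xA4: "Trap"}
GENERIC_TRAPS = ["coldStart", "warmStart", "linkDown", "linkUp",
                 "authenticationFailure", "egpNeighborLoss", "enterpriseSpecific"]

# Constructed samples (not captured traffic), both with community "public".
SAMPLE_GET = bytes.fromhex(
    "3027020100" "04067075626c6963"            # SEQUENCE, version 0, community
    "a01a" "02021234" "020100" "020100"        # GetRequest: request ID, status, index
    "300e300c" "06082b06010201010400" "0500")  # one varbind: sysContact.0 = NULL
SAMPLE_TRAP = bytes.fromhex(
    "3027020100" "04067075626c6963"
    "a41a" "06062b0601040109" "4004c0000201"   # Trap: enterprise OID, agent address
    "020102" "020100" "43023039" "3000")       # linkDown(2), specific 0, time stamp, no varbinds


def read_tlv(buf, pos):
    """Return (tag, value_bytes, next_pos) for the BER element starting at pos."""
    if pos + 2 > len(buf):
        raise ValueError("truncated TLV header")
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:                          # long form: low 7 bits = count of length octets
        n = length & 0x7F
        if n == 0 or n > 4 or pos + n > len(buf):
            raise ValueError("unsupported or truncated length field")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("TLV value runs past the end of the buffer")
    return tag, buf[pos:pos + length], pos + length


def expect(buf, pos, tag):
    """Read one element and insist on its tag; return (value_bytes, next_pos)."""
    found, value, nxt = read_tlv(buf, pos)
    if found != tag:
        raise ValueError(f"expected tag 0x{tag:02x}, found 0x{found:02x}")
    return value, nxt


def to_int(value):
    return int.from_bytes(value, "big", signed=True)


def to_oid(value):
    """Decode OBJECT IDENTIFIER content octets into dotted notation."""
    subids, acc = [], 0
    for b in value:
        acc = (acc << 7) | (b & 0x7F)          # base-128, high bit marks continuation
        if not b & 0x80:
            subids.append(acc)
            acc = 0
    if not subids or value[-1] & 0x80:
        raise ValueError("malformed OID")
    first = min(subids[0] // 40, 2)            # first sub-identifier packs two arcs
    return ".".join(map(str, [first, subids[0] - 40 * first] + subids[1:]))


def varbinds(value):
    """Decode a VarBindList into (oid, value_tag, value_bytes) tuples."""
    out, pos = [], 0
    while pos < len(value):
        vb, pos = expect(value, pos, 0x30)
        name, p = expect(vb, 0, 0x06)
        vtag, vval, _ = read_tlv(vb, p)
        out.append((to_oid(name), vtag, vval))
    return out


def decode_message(raw):
    """Return the header and PDU fields of one SNMPv1 message as a dict."""
    body, _ = expect(raw, 0, 0x30)
    version, pos = expect(body, 0, 0x02)
    community, pos = expect(body, pos, 0x04)
    tag, pdu, _ = read_tlv(body, pos)
    if tag not in PDU_TYPES:
        raise ValueError(f"unknown PDU tag 0x{tag:02x}")
    msg = {"version": to_int(version),                 # 0 means SNMPv1
           "community": community.decode("latin-1"),   # readable by anyone on the path
           "pdu_type": PDU_TYPES[tag]}
    if tag == 0xA4:                                    # Trap PDU layout
        enterprise, p = expect(pdu, 0, 0x06)
        agent, p = expect(pdu, p, 0x40)                # IpAddress
        generic, p = expect(pdu, p, 0x02)
        specific, p = expect(pdu, p, 0x02)
        ticks, p = expect(pdu, p, 0x43)                # TimeTicks
        vbl, _ = expect(pdu, p, 0x30)
        g = to_int(generic)
        msg.update(enterprise=to_oid(enterprise),
                   agent_addr=".".join(str(b) for b in agent),
                   generic_trap=GENERIC_TRAPS[g] if 0 <= g < 7 else f"unknown({g})",
                   specific_trap=to_int(specific),
                   time_stamp=int.from_bytes(ticks, "big"),
                   varbinds=varbinds(vbl))
    else:                                              # general PDU layout
        request_id, p = expect(pdu, 0, 0x02)
        status, p = expect(pdu, p, 0x02)
        index, p = expect(pdu, p, 0x02)
        vbl, _ = expect(pdu, p, 0x30)
        msg.update(request_id=to_int(request_id), error_status=to_int(status),
                   error_index=to_int(index), varbinds=varbinds(vbl))
    return msg


if __name__ == "__main__":
    for sample in (SAMPLE_GET, SAMPLE_TRAP):
        print(decode_message(sample))
```

Because nothing in the message is encrypted or signed, the same few lines that a management tool uses to read the community are available to any observer of the traffic, which is the weakness the list above describes.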


SNMP v2
• Improvement over SNMP v1.
• Improved security feature.
• …added manager to manager communication.
• Four versions of SNMP v2: SNMP v2p, SNMP v2c, SNMP v2u, SNMPv2*.
• SNMP v2 is not backward compatible with SNMP v1.

SNMP v2 additional operations
• Bulk Data Transfer
  • GetBulkRequest message was added.
  • Manager can request multiple values from agent via this message.
  • …faster retrieval of multiple records.
• Manager to Manager communication
  • InformRequest: information sharing between two SNMP managers.
• Improved error handling
  • SNMPv2 includes expanded error codes that distinguish the kind of error condition.
Interfacing SNMP v1: Bilingual Manager
• Implements both SNMP v1 and v2 interpreters in the manager.
• The interpreter modules do all MIB and protocol conversion to and from the SNMP agent.
• The SNMP PDU contains a version number to identify the frame.

[Figure: a Bilingual Manager containing an Agent Profile, an SNMPv1 Interpreter and an SNMPv2 Interpreter, connected to an SNMP v1 Agent and an SNMP v2 Agent]

Interfacing SNMP v1: Proxy Server
• Requests to and responses from SNMPv2 agents are processed by the SNMPv2 manager directly.
• A proxy server is implemented as a front end module to the SNMPv2 manager to allow communication with SNMPv1 agents.

[Figure: an SNMPv2 Manager connected directly to an SNMP v2 Agent and, through a Proxy Server, to an SNMP v1 Agent]
SNMPv2 NM Architecture

[Figure 6.2 SNMPv2 Network Management Architecture: two SNMP Managers and an SNMP Agent, each with its application and SNMP PDU layer over SNMP, UDP, IP, DLC and PHY, joined by Physical Media. The PDUs shown are get-request, get-next-request, get-bulk-request, set-request, inform-request, response and snmpV2-trap]

SNMP v2 PDU

PDU types:
0: GetRequest
1: GetNextRequest
2: Response
3: Set Request
4: Obsolete
5: GetBulkRequest
6: InformRequest
7: SNMPv2 Trap

SNMPv2 PDU (except bulk)
PDU TYPE | Request ID | Error Status | Error Index | Object 1, Value 1 | Object 2, Value 2

• Request ID: SNMP Request to Response association.
• Error Status: Indicates one of a number of errors and error types. Set by ‘Response’ operation. Others set it to ‘0’.
• Error Index: Associates error with object instance. Set by ‘Response’ operation. Others set it to ‘0’.
• Object / Value: Data Field of SNMPv1 PDU. Associates Object instance with current value. Ignore for Get and GetNext.

SNMPv2 GetBulkRequest PDU
PDU TYPE | Request ID | Non-Repeaters | Max Repetitions | Object 1, Value 1 | Object 2, Value 2 | … | Object n, Value n
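
How the Non-Repeaters and Max Repetitions fields shape the response is easiest to see by simulating an agent. The following is an added example, not code from the original slides: it models GetNext and GetBulk over a small constructed MIB and counts how many requests a subtree walk needs with each. The MIB values and the `walk` helper are assumptions made for illustration.

```python
"""Simulate how an agent answers GetNext and GetBulk over a small MIB."""
from bisect import bisect_right

END_OF_MIB_VIEW = "endOfMibView"

# Constructed agent MIB: OID (tuple of arcs) -> value. Values are made up.
MIB = {
    (1, 3, 6, 1, 2, 1, 1, 3, 0): 12345,                  # sysUpTime.0
    (1, 3, 6, 1, 2, 1, 1, 4, 0): "noc@example.invalid",  # sysContact.0
    (1, 3, 6, 1, 2, 1, 7, 1, 0): 1000,                   # udpInDatagrams.0
    (1, 3, 6, 1, 2, 1, 7, 2, 0): 3,                      # udpNoPorts.0
    (1, 3, 6, 1, 2, 1, 7, 3, 0): 1,                      # udpInErrors.0
    (1, 3, 6, 1, 2, 1, 7, 4, 0): 900,                    # udpOutDatagrams.0
}
ORDERED = sorted(MIB)        # tuples sort in the lexicographic order SNMP uses


def get_next(oid):
    """Return the first (oid, value) that sorts strictly after the given OID."""
    oid = tuple(oid)
    i = bisect_right(ORDERED, oid)
    if i == len(ORDERED):
        return oid, END_OF_MIB_VIEW
    return ORDERED[i], MIB[ORDERED[i]]


def get_bulk(names, non_repeaters, max_repetitions):
    """Answer one GetBulkRequest.

    The first `non_repeaters` names get a single GetNext each; every remaining
    name is advanced up to `max_repetitions` times, one row per repetition.
    """
    names = [tuple(n) for n in names]
    n = min(max(non_repeaters, 0), len(names))
    out = [get_next(name) for name in names[:n]]
    cursors = names[n:]
    for _ in range(max(max_repetitions, 0)):
        if not cursors:
            break
        row = [get_next(c) for c in cursors]
        out.extend(row)
        if all(value == END_OF_MIB_VIEW for _oid, value in row):
            break                                  # nothing left to return
        cursors = [oid for oid, _value in row]
    return out


def walk(root, max_repetitions):
    """Walk the subtree under root; return (rows, number of requests sent).

    max_repetitions=1 behaves like a GetNext walk, larger values like GetBulk.
    """
    if max_repetitions < 1:
        raise ValueError("max_repetitions must be at least 1")
    root = tuple(root)
    cursor, rows, requests = root, [], 0
    while True:
        requests += 1
        for oid, value in get_bulk([cursor], 0, max_repetitions):
            if value == END_OF_MIB_VIEW or oid[:len(root)] != root:
                return rows, requests              # left the subtree
            rows.append((oid, value))
            cursor = oid


if __name__ == "__main__":
    udp = (1, 3, 6, 1, 2, 1, 7)
    print(get_bulk([(1, 3, 6, 1, 2, 1, 1, 3), udp], 1, 3))
    print("GetNext walk:", walk(udp, 1)[1], "requests")
    print("GetBulk walk:", walk(udp, 10)[1], "request(s)")
```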


Issues with SNMP v2
• Multiple versions of SNMP v2: no consensus.
• Security: not much improvement.
• Incompatibility with earlier version (v1).
• Overhead of implementing Bilingual Manager or Proxy Server.
SNMP v3
• A general framework for all three SNMP versions.
• Implements SNMP v1 and v2 specifications along with proposed new features.
• Improved security feature.
• Secure remote configuration.
• Protection against modification of information.

SNMP v3 Security
The major security improvements of v3 over earlier versions are:
• Message Integrity: ensures that data has not been modified or tampered with while in transit.
• Authentication: checks if the message is from an authorized source.
• Encryption: encrypts the data to prevent others from seeing the content.
Data can be collected securely from SNMP devices without fear of the data being tampered with or corrupted.
SNMP v3 Architecture
SNMP Engine ID

                 1st bit   Octets 1-4      5th octet           Following octets
SNMPv1, SNMPv2   0         Enterprise ID   Enterprise method   Function of the method (6-12 octets)
SNMPv3           1         Enterprise ID   Format indicator    Format (variable number of octets)

Figure 7.3 SNMP Engine ID
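
The two layouts in Figure 7.3 can be told apart from the first bit alone. The parser below is an added example, not part of the original slides: it splits an engine ID into the fields of the figure. The format indicator values (1 = IPv4, 2 = IPv6, 3 = MAC, 4 = text, 5 = octets) and the 5 to 32 octet size limit come from RFC 3411, not from the slide; the sample IDs are constructed, using enterprise number 9 from the page's example OID 1.3.6.1.4.1.9.

```python
"""Parse an SNMP engine ID according to the two layouts in Figure 7.3."""
import ipaddress

# Format indicator values for the SNMPv3 layout, as defined in RFC 3411.
FORMATS = {1: "ipv4", 2: "ipv6", 3: "mac", 4: "text", 5: "octets"}
FIXED_LENGTHS = {"ipv4": 4, "ipv6": 16, "mac": 6}

# Constructed sample engine IDs (documentation addresses, not real devices).
SAMPLE_V3_MAC = bytes.fromhex("80000009" "03" "00005e005301")
SAMPLE_V3_IPV4 = bytes.fromhex("80000009" "01" "c0000201")
SAMPLE_V1V2 = bytes.fromhex("00000009" "01" "00000000000000")


def parse_engine_id(raw):
    """Return the fields of an engine ID as a dict; raise ValueError if malformed."""
    raw = bytes(raw)
    if not 5 <= len(raw) <= 32:
        raise ValueError("engine ID must be 5 to 32 octets long")
    # Octets 1-4 carry the enterprise ID; the first bit selects the layout.
    enterprise = int.from_bytes(raw[:4], "big") & 0x7FFFFFFF
    if not raw[0] & 0x80:
        # First bit 0: SNMPv1/SNMPv2 layout, always 12 octets.
        if len(raw) != 12:
            raise ValueError("the SNMPv1/SNMPv2 layout is exactly 12 octets long")
        return {"layout": "SNMPv1/SNMPv2", "enterprise": enterprise,
                "method": raw[4], "value": raw[5:].hex()}
    # First bit 1: SNMPv3 layout, 5th octet is the format indicator.
    fmt, data = raw[4], raw[5:]
    kind = FORMATS.get(fmt, "enterprise-specific" if fmt >= 128 else "reserved")
    expected = FIXED_LENGTHS.get(kind)
    if expected is not None and len(data) != expected:
        raise ValueError(f"{kind} format needs {expected} octets, got {len(data)}")
    if kind == "ipv4":
        value = str(ipaddress.IPv4Address(data))
    elif kind == "ipv6":
        value = str(ipaddress.IPv6Address(data))
    elif kind == "mac":
        value = ":".join(f"{b:02x}" for b in data)
    elif kind == "text":
        value = data.decode("ascii", errors="replace")
    else:                                   # octets, reserved, enterprise-specific
        value = data.hex()
    return {"layout": "SNMPv3", "enterprise": enterprise,
            "format": kind, "value": value}


if __name__ == "__main__":
    for sample in (SAMPLE_V3_MAC, SAMPLE_V3_IPV4, SAMPLE_V1V2):
        print(sample.hex(), "->", parse_engine_id(sample))
```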


SNMP v3 Engine
The SNMP engine provides services for sending and receiving messages, authenticating and encrypting messages, and controlling access to managed objects.
• Dispatcher
  • Supports multiple concurrent SNMP messages.
  • Sends and receives SNMP messages to and from the network.
  • Determines the SNMP version and forwards the message to the corresponding message processing subsystem.
  • Interface between the network and SNMP applications.
• Message Processing Subsystem
  • Prepares messages for sending on the network.
  • Extracts information from received messages.
• Security Subsystem
  • Provides security services: authentication, encryption etc.
  • Contains multiple subsystems.
• Access Control System
  • Provides authorization services.

SNMP v3 Applications
• Command Generator
  • Used to generate get-request, get-next-request, get-bulk and set-request messages.
  • …also processes the responses received for the commands sent.
• Command Responder
  • Processes the get and set requests destined for it.
• Notification Receiver
  • Receives asynchronous messages and processes them.
• Notification Originator
  • Initiates asynchronous messages or traps.
• Proxy Forwarder
  • Forwards requests and notifications to other SNMP engines, according to context.
  • No matter what MO information is contained in them.
Broadband Network Management:
ATM Networks
Broadband Services
• Broadband Integrated Services Digital Network (BISDN)
• Integrated analog and digital services over the same network
• The broadband network can transport very high data rate signals.
– Voice, video, and data services
– In other words it is Multimedia transportation networking
– Transport protocol and medium
• (Basic) Integrated Services Digital Network (ISDN)
– 2B (56 kilobaud)+ D (8 kilobaud signaling channel)
Broadband Services
• WAN
– Protocols used in addition to IP are asynchronous transfer mode (ATM).
– The synchronous optical network (SONET) / OC-n (n x 51.84 Mbps)
– Synchronous Digital Hierarchy (SDH)
– Multiprotocol Label switching (MPLS)

• Broadband Access Technology is implemented using one of five technologies


– Cable modem / Hybrid fiber coax (HFC)
– Digital subscriber line (DSL)
– Wireless transmission from switching office to customer premises.
– Mobile wireless using GSM / GPRS / CDMA / WiFi
Broadband Services Network

[Figure 9.1 Broadband Services Network: Residential Customer Networks reach the SDH / SONET WAN through Broadband Access Networks; Campus ATM / LAN Networks reach it over OC-n / STS-n Links; Service Providers connect through a Gateway]

• WAN is MPLS / IP / ATM
• The customer network consists of two classes, residential customers and corporate customers with campus-like network.
• Access to corporate and residence
  – OC-n used to access institutions
  – HFC and DSL used for residence
  – Wireless technology in early stage
What is Asynchronous Transfer Mode (ATM)?
• Asynchronous Transfer Mode (ATM) is a connection-oriented, high-speed, low-delay switching and transmission technology that uses short and fixed-size packets, called cells, to transport information.
  Cell format: Header (5 octets) + Information (48 octets) = 53 octets
• Each cell has the full bandwidth of the medium, and then cells are statistically
multiplexed.
• Using the cell switching technique, ATM combines the benefits of both circuit switching
(low and constant delay, guaranteed capacity) and packet switching (flexibility, efficiency
for bursty traffic) to support the transmission of multimedia traffic such as voice, video,
image, and data over the same network.
Why ATM?
• International standard-based technology (for interoperability)
• Low network latency (for voice, video, and real-time applications)
• Low variance of delay (for voice and video transmission)
• Guaranteed quality of service
• High capacity switching (multi-giga bits per second)
• Bandwidth flexibility (dynamically assigned to users)
• Scalability (capacity may be increased on demand)
• Medium not shared for ATM LAN (no degradation in performance as traffic load or number of
users increases)
• Supports a wide range of user access speeds
• Appropriate (seamless integration) for LANs, MANs, and WANs
• Supports audio, video, imagery, and data traffic (for integrated services)
B-ISDN/ATM Protocol
Reference Model
ATM Interfaces
• Two types of interfaces were specified:
– Basic Rate Interface (BRI): 2B+D 144 Kbps
(192 Kbps Interface structure gross bit rate)
– Primary Rate Interface (PRI): 23B+D/30B+D
1.536/1.984 Mbps (1.544/2.048 Mbps gross bit
rate)
ATM Networks
• Public ATM Network
  – Established by the service providers
• Private ATM Network
  – Owned by private organizations
  – Interconnects low speed/shared medium LANs (e.g., Ethernet, Token Ring) as a backbone network
  – Interconnects individual users as the front-end LAN for high performance or multimedia applications
ATM Technology
• ATM technology based on concepts:
– Virtual Path (VP) / Virtual-circuit (VC)
– Fixed packet size or cell
– Small packet size (53 bytes)
– Statistical multiplexing
– Integrated services

• Packets in a session take the same path in VP/VC


• After initial set up, latency is reduced
• SDH/ SONET in WAN uses 155.52 Mbps as basic data rate and is
universal (in contrast to T1 and E1)
• Transmission medium primarily optical fiber
• ATM used in LAN for high speed emulating Ethernet LAN
ATM Switches and Edge Devices
• ATM Switches
– ATM LAN switches
– ATM Backbone switches
– ATM WAN switches
– ATM Central Office switches
• ATM Edge Devices
– ATM capable routers
– ATM capable switches
ATM LAN Emulation (LANE)
• It was once considered possible that ATM would be at all desktop workstations.
• However, this has not been the case, and IP over Ethernet has become the most used LAN.
• Difference between ATM and Ethernet
  – ATM is connection-oriented
  – ATM makes one-to-one connections between pairs of workstations, in contrast to the broadcast and multicast mode in a conventional LAN.
  – The ATM 20-byte addressing scheme is different from the 6-byte Ethernet MAC address
• LANE emulates services of a traditional LAN
ATM WAN Reference Model

[Figure 9.9 Private and Public ATM Network User Network Interfaces: ATM Users attach to ATM Switches of the Private ATM Network over a Private UNI and to ATM Switches of the Public ATM Network over a Public UNI; the private and public switches are joined by a Public UNI. UNI: User Network Interface]

• WAN service provided by public service providers
• Private networks use public WAN facilities
• Management functions (OAM&P)
  – Operations
  – Administration
  – Maintenance
  – Provisioning
• Public and private User Network Interface (UNI) define user interfaces
ATM WAN Management

[Figure 9.10 ATM Forum Management Interface Reference Architecture: a Private Network Manager (NMS) and two Public Network Managers (NMS) linked by M3 and M5; M1, M2 and M4 connect the managers to the End User, the Private ATM Network and the Public ATM Networks; the networks are chained by Private UNI, Public UNI and BICI. BICI: Broadband inter-carrier interface]

• End user can be a work station, ATM switch, or any ATM device.
• OSI has defined five management interfaces:
  – M1 Interface between private NMS and end user
  – M2 Interface between private NMS and private network
  – M3 Interface between private NMS and public NMS
  – M4 Interface between public NMS and public network
  – M5 Interface between public NMSs of two service providers.
Integrated Local Management Interface (ILMI)
• ATM Forum defines additional interface (ILMI)
  – UNI User network interface
  – NNI Network-Network interface
• M–interface provides a top down management view of network or device
• The ATM defines the link specific view of configuration and fault parameters across

[Figure 9.11 Definitions and Context of ILMI: ATM End Systems, Private Network ATM Switches, a Public Network ATM Switch, a Private PVC Cross-Connect and a Public VPC Cross-connect, joined by Private UNI, Public UNI, Private NNI and Public NNI links. Each link end has an IME (User, Net or Sym), and ILMI runs between the two IMEs over Physical Links and Virtual Path Connections]



ATM MIB

Internet {1 3 6 1}
  mgmt (2)
    mib-2 (1)
      system (1)
      interfaces (2)
      transmission (10)
      ifMIB (31)
        ifMIBObjects (1)
      atmMIB (37)
        atmMIBObjects (1)
  private (4)
    enterprises (1)
      atmForum (353)
        atmForumAdmin (1)
        atmForumUni (2)
        atmUniDxi (3)
        atmfLanEmulation (4)
        atmForumNetworkManagement (5)

• MIBs defined in two sets of documents - IETF (5 nodes) & ATM Forum (1 node)
• ATM MIBs address ATM sublayer parameters only
SNMP ATM Management

[Figure 9.13 SNMP ATM Management (M1 Interface): the NMS talks SNMP over the M1 interface to the SNMP Agent in the ATM Device; the agent supports RFC 1213, RFC 1573 and RFC 1695]

• ATM uses both SNMP MIB and ATM forum MIB.
• NMS communicates with it using SNMP protocol and MIB modules
• SNMP agent is embedded in ATM device
• RFC 1695 specifies the ATM objects.
• M1 interface is between an SNMP management system and an SNMP agent in an ATM device.
SNMP and ILMI

[Figure 9.14 Role of SNMP and ILMI in ATM Management (M2 Interface): the NMS reaches ATM Device B over the M2 SNMP Interface. Device B holds an SNMP Agent (RFC 1213, RFC 1573, RFC 1695, Transport MIB), a Proxy and an ATM Interface Mgmt Entity with its ILMI MIB; ATM Device A holds an ILMI Agent / ATM Interface Mgmt Entity with its ILMI MIB. The two devices exchange ILMI inside the Private ATM Network]

• ILMI MIB used to gather data between ATM devices
• Proxy agents convert ILMI objects to SNMP objects
M1 Interface Management

mib-2 (mgmt 1)
  interfaces (2)
    ifNumber (1)
    ifTable (2)
  ifMIB (31)
    ifMIBObjects (1)
      ifXTable (1)
      ifStackTable (2)
      ifTestTable (3)
      ifRecvAddressTable (4)

Figure 9.15 Interfaces Group Tables for Sublayers

• M1 management interface is across an ATM device
• Additional MIBs created using ifMIB group to handle Sublayers

Table 9.4 Interfaces Group Tables for Sublayers
Entity               OID              Description (brief)
ifXTable             ifMIBObjects 1   Additional objects for the interface table
ifStackTable         ifMIBObjects 2   Information on relationship between sublayers
ifTestTable          ifMIBObjects 3   Tests that NMS instructs agent to perform
ifRecvAddressTable   ifMIBObjects 4   Information on type of packets / frames accepted on an interface
ATM Transmission Groups

transmission (10)
  ds1 (18)
  ds3 (30)
  sonet (39)

Figure 9.16 Transmission Groups for ATM

• Three transmission modes used for ATM in US
  – DS1     1.544 Mbps    T1 carrier
  – DS3     44.736 Mbps   T3 carrier
  – SONET   n X 155.52    Optical fiber
ATM Managed Objects Group

atmMIBObjects (1)
  atmNoTrafficDescriptor (1)
  atmInterfaceConfTable (2)
  atmInterfaceDs3PlcpEntry (3)
  atmInterfaceTCTable (4)
  atmTrafficDescrParamTable (5)
  atmVplTable (6)
  atmVclTable (7)
  atmVpCrossConnectIndexNext (8)
  atmVpCrossConnectTable (9)
  atmVcCrossConnectIndexNext (10)
  atmVcCrossConnectTable (11)
  aal5VccTable (12)

Figure 9.17 ATM Managed Objects Group

Entity                      OID                Description (brief)
atmNoTrafficDescriptor      atmMIBObjects 1    ATM traffic descriptor type
atmInterfaceConfTable       atmMIBObjects 2    ATM local interface configuration parameter table
atmInterfaceDs3PlcpEntry    atmMIBObjects 3    ATM interface DS3 PLCP parameters and state variables table
atmInterfaceTCTable         atmMIBObjects 4    ATM TC sublayer configuration and state parameters table
atmTrafficDescrParamTable   atmMIBObjects 5    ATM traffic descriptor type and associated parameters
atmVplTable                 atmMIBObjects 6    Virtual path link table
atmVclTable                 atmMIBObjects 7    Virtual channel link table
atmVpCrossConnectNext       atmMIBObjects 8    Index for virtual path cross-connect table
atmVpCrossConnectTable      atmMIBObjects 9    Virtual path cross-connect table
atmVcCrossConnectNext       atmMIBObjects 10   Index for virtual channel cross-connect table
atmVcCrossConnectTable      atmMIBObjects 11   Virtual cross-connect table
aal5VccTable                atmMIBObjects 12   AAL VCC performance parameters table
M2 Interface Management

atmForum (353)
  atmForumAdmin (1)
  atmForumUni (2)
  atmUniDxi (3)
  atmfLanEmulation (4)
  atmForumNetworkManagement (5)

• M2 interface used to manage private networks
• ATM link management data gathered using ILMI MIB
• ILMI addresses:
  – Administrative information (atmForumAdmin): registry to locate ATM network services
  – UNI
  – DXI (Data Exchange Interface)
  – LAN Emulation
  – NNI
ATM UNI Group

atmForum {enterprises 353}
  atmForumUNI (2)
    atmfPhysicalGroup (1)
    atmfAtmLayerGroup (2)
    atmfAtmStatsGroup (3)
    atmfVpcGroup (4)
    atmfVccGroup (5)
    atmfAddressGroup (6)
    atmfNetPrefixGroup (7)
    atmfSrvcRegistryGroup (8)
    atmfVpcAbrGroup (9)
    atmfVccAbrGroup (10)
    atmfAddressRegistrationAdminGroup (11)

Figure 9.18 ATM UNI MIB Object Group

ATM UNI MIB object Group
Entity                              OID              Description (brief)
atmfPhysicalGroup                   atmForumUni 1    Defines a table of physical layer status and parameter information
atmfAtmLayerGroup                   atmForumUni 2    Defines a table of ATM layer status and parameter information
atmfAtmStatsGroup                   atmForumUni 3    Deprecated
atmfVpcGroup                        atmForumUni 4    Defines a table of status and parameter information on the virtual path connections
atmfVccGroup                        atmForumUni 5    Defines a table of status and parameter information on the virtual channel connections
atmfAddressGroup                    atmForumUni 6    Defines the network-side IME table containing the user-side ATM-layer addresses
atmfNetPrefixGroup                  atmForumUni 7    Defines a user-side IME table of network prefixes
atmfSrvcRegistryGroup               atmForumUni 8    Defines the network-side IME table containing all services available to the user-side IME
atmfVpcAbrGroup                     atmForumUni 9    Defines a table of operational parameters related to ABR virtual path connections
atmfVccAbrGroup                     atmForumUni 10   Defines a table of operational parameters related to ABR virtual channel connections
atmfAddressRegistrationAdminGroup   atmForumUni 11
M3 Interface
• Management interface between private NMS and public service provider NMS.
• Two classes
  – Class I: Status and configuration management
  – Class II: Virtual configuration control
• Class I:
  – Functions offered by public NMS to customer: monitoring and management of configuration, fault, and performance
  – e.g. public service NMS reporting an alarm or trap message to the user NMS on a UNI-link failure.
• Class II:
  – User ability to add, delete, and change VC between customer UNIs
  – e.g. a customer wants to add a new VP or increase VCs in a given VP.
• Class I mandatory and Class II optional
• Class I examples
  – Retrieving performance and configuration for UNI link
  – Public NMS reporting of a UNI link failure
• Class II examples
  – Establishing a new VP
  – Increasing the number of VCs in a VP
Customer Network Management (CNM)

[Figure 9.19 Customer Management of Private and Public Networks: the Customer X Network Management System connects over the M3 link to the Carrier Management System (I: Status & Configuration Monitoring, II: Virtual Configuration Control), which manages the Public ATM Network over the M4 link. The customer NMS manages Private ATM Networks at Customer X Sites 1, 3 and 4 over M2 links; Site 2 is an ATM Device. All sites attach to the Public ATM Network through Public UNIs]

• CNM manages both private and public networks
• CNM agent in public network provides M3 service
• CNM manages its own ATM networks at sites 1, 3, and 4.
M3 Class I Management
General UNI Protocol Stack information | system group (RFC 1213); interfaces group, including ifTable and ifStackTable (RFC 1213, RFC 1573); SNMP group (RFC 1213)
ATM Performance information on customer's UNI | ifTable (RFC 1573)
Physical-layer performance and status information | all tables except dsx3ConfigTable (RFC 1407); all tables except dsx1ConfigTable (RFC 1406); all tables except the configuration tables and VT tables of SONET MIB (RFC 1595); atmInterfaceDs3PlcpTable / atmInterfaceTCTable of ATM MIB (RFC 1695)
ATM-Level information configuration information | atmInterfaceConfTable of ATM MIB (RFC 1695)
Physical-layer configuration information | dsx3ConfigTable (RFC 1407); dsx1ConfigTable (RFC 1406); all configuration tables except the sonetVtConfigTable of SONET MIB (RFC 1595)
ATM-layer virtual path link configuration and status information | atmVplTable of ATM MIB (RFC 1695)
ATM-layer virtual channel link configuration and status information | atmVclTable of ATM MIB (RFC 1695)
ATM-layer virtual path connection configuration and status information | atmVpCrossConnectTable and atmVpCrossConnectIndexNext of ATM MIB (RFC 1695)
ATM layer virtual channel connection configuration and status information | atmVcCrossConnectTable and atmVcCrossConnectIndexNext of ATM MIB (RFC 1695)
ATM-layer traffic characterization (traffic descriptors for customer's UNIs) information | atmTrafficDescrParamTable of ATM MIB (RFC 1695)
Event notifications on ATM link going up or down | warmStart, coldStart, linkUp, linkDown of SNMP group (RFC 1695)

• Class I requirements used by customer NMS from carrier NMS
• The MIB access is “read-only”
M3 Class II Management
ATM level information configuration information | atmInterfaceConfTable in ATM MIB (RFC 1695)
Virtual path link configuration and status configuration information | atmVplTable in ATM MIB (RFC 1695)
Virtual channel link configuration and status information | atmVclTable in ATM MIB (RFC 1695)
Virtual path connection configuration and status information | atmVpCrossConnectTable and atmVpCrossConnectIndexNext of ATM MIB (RFC 1695)
Virtual channel connection configuration and status information | atmVcCrossConnectTable and atmVcCrossConnectIndexNext of ATM MIB (RFC 1695)
Traffic descriptors and information objects for virtual path and channel connections | atmTrafficDescrParamTable in ATM MIB (RFC 1695)

• Management information falls into three subgroups
– ATM-level subgroup: configuration modification
– VPC/VCC-level subgroup: configuration modification and status information of VP/VC link and connection
– Traffic subgroup: modification of traffic descriptors and information objects for VP/VC connections
ATM Relationship to TMN
• ITU-T definition of five-layer model to manage telecommunications network
• ATM heavily used in WAN, responsibility of public service providers
• The bottom three layers apply to ATM management
• EL contains NEs, e.g. ATM workstation, ATM switches, ATM transport devices etc.
• EML manages NEs.
• The NML manages the network either directly or via the EML.
• Reference points are abstract interfaces between layers
[Figure 9.20 ATM Relationship to TMN Layered Architecture. Layers, top to bottom: Business Management Layer, Service Management Layer, Network Management Layer, Element Management Layer, Element Layer; the bottom three are marked ATM Management, with the NML/EML and EML/EL reference points between them]
M4 Interface
• M4 interface defines conceptual dual views
– Network element view
– Network view
• Two NMSs interface at network view level
• Each NMS interfaces with network elements using network element view
[Figure 9.21 Dual Views of the M4 Interface. Labels: Managing System Environment; M4 Interface; Managed System Environment; ATM Network View and/or ATM NE View]
Network Element View
[Figure 9.22 NE-View Management Architecture. Labels: NMS Environment; M4 Interface (ATM NE View Only); five ATM NEs]

• Network element view architecture proposed by ATM Forum
• Multiple agent layers - SNMP and ILMI agents implied in the representation
Network View
[Figure 9.23 Example of Network-View Management Physical Configuration. Labels: NMS Environment; M4 Interface (ATM Network View Only); two SubNMSs; M4 Interface (ATM NE View Only); ATM NEs; Multi-Supplier Subnetwork; Single-Supplier Subnetwork]

• It consists of two ATM networks, a single-supplier subnetwork and a multi-supplier subnetwork.
• Three-tier architecture
• Each subNMS manages its respective domain
Combined NE and Network Views
[Figure 9.24 Example of NE + Network-View Management Physical Configuration. Labels: NMS Environment; M4 Interface (ATM NE View Only); M4 Interface (ATM Network View Only); two SubNMSs; ATM NEs; Multi-Supplier Subnetwork; Single-Supplier Subnetwork]

• An NMS could function at both levels simultaneously
• Local elements can be managed using NE view and remote elements using network view with subNMS
M4 NE View Requirements:
Configuration Management
1. ATM NE configuration identification and
change reporting, which involves:
(a) Operations performed over the craft
interface
(b) Human intervention (removal/insertion
of equipment modules)
(c) Customer control channels (e.g., ILMI)
(d) Network failures
(e) Protection switching events
(f) Sub-ATM NE component initialization
(g) Secondary effects of atomic operations
performed by the management system
2. Configuration of UNIs, BICIs, and BISSIs
3. Configuration of VPL/VCL termination points
and cross-connections
4. Configuration of VPC and VCC OAM
segment end-points
5. Event flow control - event forwarding
discriminator function
M4 NE View Requirements:
Fault Management

1. Notifying the network management system of a detected failure
2. Logging failure reports
3. Isolating faults via demand testing

The specific functions are:
• Failure reporting of the various alarms
• OAM (Operations, Administration and Maintenance) cell loopback testing
M4 NE View Requirements:
Performance Management

The functions of performance monitoring for an ATM network are:
1. Performance monitoring
2. Traffic management
3. UPC (User Parameter Control) / NPC
(Network Parameter Control) disagreement
monitoring
4. Performance management control
5. Network data collection
To accomplish these general functions, the
following specific functions are specified:
1. Physical layer performance monitoring
2. ATM cell level protocol monitoring
3. UPC/NPC disagreement monitoring
M4 Network View Requirements

1. Transport network configuration provisioning (including subnetwork provisioning, and link
provisioning)
2. Transport network connection management
(including set-up/ reservation/ modification
for subnetwork connection, link connection,
trails and segments)
3. Network fault management (including
congestion monitoring, and connection and
segment monitoring)
4. Network security management
M4 Network View Requirements:
Security Management
Table 9.10 Mapping of Threats and Objectives
Threat | Confidentiality | Data Integrity | Accountability | Availability
Masquerade | x | x | x | x
Eavesdropping | x | - | - | -
Unauthorized access | x | x | x | x
Loss or corruption of information | - | x | x | -
Repudiation | - | - | x | -
Forgery | x | - | x | -
Denial of Service | - | - | - | x

Table 9.11 Mapping of Security Requirements and Services
Functional Security Requirements | Security Services
Verification of identities | User authentication; Peer entity authentication; Data origin authentication
Controlled access and authorization | Access control
Protection of confidentiality: stored data | Access control
Protection of confidentiality: transferred data | Confidentiality
Protection of data integrity: stored data | Access control
Protection of data integrity: transferred data | Integrity
Strong accountability | Non-repudiation
Activity logging | Security alarm, audit trail and recovery
Alarm reporting | Security alarm, audit trail and recovery
Audit | Security alarm, audit trail and recovery
Security recovery / Management of Security | -
Management of LANE
atmForum {enterprises 353}
  atmfLanEmulation (4)
    elanMIB (2)
      elanAdminGroup (1)
      elanConfGroup (2)
      elanLecsGroup (3)
    lesMIB (3)
      lesConfGroup (1)
      lesStatGroup (2)
      lesLecStatGroup (3)
      lesFaultGroup (4)
    busMIB (4)
      busConfGroup (1)
      busStatGroup (2)
      busFaultGroup (3)

Figure 9.25 ATM LAN Emulation MIB

• ATM LAN managed by SNMP MIBs defined by IETF
• LES, LECS, BUS, and LEC are managed by ATM Forum MIB
• ELAN MIB deals with information for a LEC to join an ELAN
• LES MIB used to create, configure, and monitor LESs
• BUS MIB used to create, destroy, configure, and determine BUS status; also ELAN topology
LAN Emulation
Table 9.12 LAN Emulation Module
Entity | OID | Description (brief)
elanMIB | atmfLanEmulation 2 | Information required for LEC to join ELAN
elanAdminGroup | elanMIB 1 | Registry for LEC assignment policy types
elanConfGroup | elanMIB 2 | Construct and destroy ELAN configuration
elanLecsGroup | elanMIB 3 | Configure and monitor LECs
lesMIB | atmfLanEmulation 3 | Information to create and configure LES
lesConfGroup | lesMIB 1 | LES configuration and topology information
lesStatGroup | lesMIB 2 | Used to measure performance and fault statistics
lesLecStatGroup | lesMIB 3 | Information on LE-ARP and error statistics on LEC-LES pairs
lesFaultGroup | lesMIB 4 | Information on faults
busMIB | atmfLanEmulation 4 | Information on BUS
busConfGroup | busMIB 1 | Information on BUS configuration
busStatGroup | busMIB 2 | Information on BUS and BUS-LEC statistics
busFaultGroup | busMIB 3 | Maintains BUS error statistics

• ELAN created by
– creating a new ELAN using elanMIB
– creating a LES entry for that ELAN using lesMIB
– creating a BUS entry for that ELAN using busMIB
ATM DXI Management
[Figure 9.26 ATM DXI Interface. Labels: ATM DTE; DXI; ATM DCE; UNI; ATM Switch]

[Figure 9.27 ATM DXI Local Management Interface. Labels: ATM DTE; DXI; ATM DCE; UNI; ATM Switch; DXI ILMI; ILMI; SNMP; NMS]

• Digital Exchange Interface defined between DTE (digital terminating equipment) and DCE (digital circuit equipment). Example of DTE is hub and DCE is DSU (digital service unit); ATM switch is part of public network
• Management of DXI and ATM UNI done using ILMI specifications
• NMS manager uses SNMP with proxy agent for ILMI management objects
Network Management Applications
Network and Systems Mgmt
[Figure 13.1 Network and System Management. Layers, top to bottom: Business Management; Service Management; Network Management and System Management; Element Management and Resource Management; Network Elements and System Resources; Networked Information Systems]

• TMN architecture expanded to include systems management

Management Applications
• OSI Model
– Configuration
– Fault
– Performance
– Security
– Accounting
• Reports
• Service Level Management
• Policy-based management
Configuration Management
• Network Provisioning
• Inventory Management
– Equipment
– Facilities
• Network Topology
• Database Considerations
Circuit Provisioning
• Network Provisioning
– Provisioning of network resources
• Design
• Installation and maintenance
– Circuit-switched network
– Packet-switched network, configuration for
• Protocol
• Performance
• QoS
– ATM networks
• Examples:
– TIRKS (Trunk Integrated Record Keeping
System) for circuit-switched networks
– E1 in TIRKS for equipment management
– F1 in TIRKS for facilities management
Network Topology
• Manual
• Auto-discovery by NMS using
– Broadcast ping
– ARP table in devices
• Mapping of network
– Layout
– Layering
• Views
– Physical
– Logical
Traditional LAN Configuration
[Figure 13.2 LAN Physical Configuration. Labels: Router with Port A and Port B; Segment A on Hub 1 with hosts A1, A2; Segment B on Hub 2 with hosts B1, B2]

[Figure 13.3 Logical Configuration of Two LAN Segments. Labels: Segment A / Hub 1 with A1, A2; Router; Segment B / Hub 2 with B1, B2]

• One-to-one mapping between physical and logical configuration
Virtual LAN Configuration
[Figure 13.4 VLAN Physical Configuration. Labels: Router; Switch; Port A / Segment A; Port A / Segment B; Hub 1 with A1 (Segment A) and B1 (Segment B); Hub 2 with A2 (Segment A) and B2 (Segment B)]

[Figure 13.5 Logical Configuration of Two VLAN Segments. Labels: Segment A / Hub 1 & 2 with A1 (Hub 1), A2 (Hub 2); Router; switch; Segment B / Hub 1 & 2 with B1 (Hub 1), B2 (Hub 2)]

• Physical and logical configurations different
• Physical location obtained from System group
Fault Management
• Fault is a failure of a network component
• Results in loss of connectivity
• Fault management involves:
– Fault detection
• Polling
• Traps: linkDown, egpNeighborLoss
– Fault location
• Detect all components failed and trace
down the tree topology to the source
• Fault isolation by network and SNMP tools
• Use artificial intelligence /
correlation techniques
– Restoration of service
– Identification of root cause of the problem
– Problem resolution
Performance Management
• Tools
• Performance Metrics
• Data Monitoring
• Problem Isolation
• Performance Statistics

• Tools:
– Protocol analyzers
– RMON
– MRTG
Performance Metrics
• Macro-level
• Throughput
• Response time
• Availability
• Reliability

• Micro-level
• Bandwidth
• Utilization
• Error rate
• Peak load
• Average load
Traffic Flow Measurement
Network Characterization
[Figure 13.6 Traffic Flow Measurement Network Characterization. Levels, top to bottom: International Backbones / National; Regional / Midlevel; Stub / Enterprise; End-Systems / Hosts]

• Four levels defined by IETF (RFC 2063)
• Three measurement entities:
– Meters gather data and build tables
– Meter readers collect data from meters
– Managers oversee the operation
• Meter MIB (RFC 2064)
• NeTraMet - an implementation (RFC 2123)
Data Monitoring and
Problem Isolation
• Data monitoring
– Normal behavior
– Abnormal behavior (e.g., excessive collisions, high packet loss, etc)
– Set up traps (e.g., parameters in alarm group in RMON on object
identifier of interest)
– Set up alarms for criticality
– Manual and automatic clearing of alarms

• Problem isolation
– Manual mode using network and SNMP tools
– Problems in multiple components need tracking down the topology
– Automated mode using correlation technology
Performance Statistics
• Traffic statistics
• Error statistics
• Used in
– QoS tracking
– Performance tuning
– Validation of SLA
– Trend analysis
– Facility planning
– Functional accounting
Event Correlation Techniques
• Basic elements
– When a centralized NMS receives a notification, it is called receiving an event.
– A single problem source may cause multiple symptoms.
– Each symptom detected is reported as an independent event.
– We don’t treat each event independently and try to resolve it.
– Thus, it is important that the NMS correlates all these events and isolates the root cause of the problem.

• Event correlation techniques
– Rule-based reasoning
– Model-based reasoning
– Case-based reasoning
– Codebook correlation model
– State transition graph model
– Finite state machine model
Rule-Based Reasoning
[Figure 13.7 Basic Rule-Based Reasoning Paradigm. Data level: Working Memory (create new data elements; modify attributes of data elements; remove data elements). Control level: Inference Engine (Recognize: match potential rules; select best rule; Act: invoke action). Knowledge level: Knowledge Base]

• Knowledge base contains expert knowledge on problem symptoms and actions to be taken
  if -> then
  condition -> action
• Working memory contains topological and state information of the network; recognizes system going into faulty state
• Inference engine in cooperation with knowledge base decides on the action to be taken
• Knowledge executes the action
Rule-Based Reasoning
• Rule-based paradigm is an iterative process
• RBR is “brittle” if no precedence exists
• An exponential growth in knowledge base poses a problem in scalability: the “knowledge acquisition bottleneck”
• Alarm condition for packet loss
  if packet loss < 10%: alarm green
  if 10% <= packet loss < 15%: alarm yellow
  if packet loss >= 15%: alarm red
• Solution using fuzzy logic
Configuration for RBR Example
[Figure 13.8 RBR-Based Correlation Example Scenario. Top to bottom: Backbone; Router A (Alarm A); Router B (Alarm B); Hub C (Alarm C); Servers D1, D2, D3, D4 (Alarms Dx)]
RBR Example
The correlation rule can be specified as follows:
Rule 0: Alarm A: send root-cause alarm A
Rule 1: Alarm B: if Alarm A present, related to A and ignore
Rule 2: Alarm C: if Alarm B present, related to B and ignore
Rule 3: Alarm Dx: if Alarm C present, related to C and ignore
Correlation window: 20 seconds.

Timeline within the correlation window (20 seconds):
Arrival of Alarm A | Alarm A sent
Arrival of Alarm B | (correlated by rule 1)
Arrival of Alarm C | (correlated by rule 2)
Arrival of Alarms Dx | (correlated by rule 3)
End of correlation window |
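The four rules and the 20-second correlation window above, as an added Python example (not code from the original slides). The alarm timestamps are constructed, and two choices are assumptions of this sketch: correlation is decided when a window closes, so a Dx alarm that arrives before Alarm C is still suppressed, and an alarm whose upstream alarm is absent is reported as the root cause.

```python
from dataclasses import dataclass

# Rules 0-3 from the slide: the upstream alarm that explains each alarm type.
# "D" stands for any of the Dx server alarms.
PARENT = {"A": None, "B": "A", "C": "B", "D": "C"}
WINDOW = 20.0  # correlation window in seconds, as on the slide


@dataclass(frozen=True)
class Alarm:
    t: float      # arrival time in seconds
    source: str   # reporting component, e.g. "Router A"
    kind: str     # "A", "B", "C" or "D"


def correlate(alarms, window=WINDOW):
    """Split alarms into correlation windows and return, for each window,
    a pair (root_cause_alarms, suppressed_alarms)."""
    results = []
    pending = sorted(alarms, key=lambda a: a.t)
    while pending:
        start = pending[0].t
        # pending is sorted, so the window's alarms form a prefix of it
        batch = [a for a in pending if a.t < start + window]
        pending = pending[len(batch):]
        present = {a.kind for a in batch}
        # An alarm is suppressed when the alarm named by its rule is present
        roots = [a for a in batch if PARENT[a.kind] not in present]
        suppressed = [a for a in batch if PARENT[a.kind] in present]
        results.append((roots, suppressed))
    return results


# Constructed sample input: Router A fails at t=0; later Hub C fails on its
# own and one server alarm reaches the NMS before the hub alarm does.
SAMPLE = [
    Alarm(0.0, "Router A", "A"),
    Alarm(2.1, "Router B", "B"),
    Alarm(3.5, "Hub C", "C"),
    Alarm(4.0, "Server D1", "D"),
    Alarm(4.1, "Server D2", "D"),
    Alarm(4.2, "Server D3", "D"),
    Alarm(4.3, "Server D4", "D"),
    Alarm(60.0, "Server D1", "D"),
    Alarm(61.5, "Hub C", "C"),
    Alarm(62.0, "Server D2", "D"),
]

if __name__ == "__main__":
    for i, (roots, suppressed) in enumerate(correlate(SAMPLE), 1):
        print(f"window {i}: root cause = {[a.source for a in roots]}, "
              f"suppressed = {len(suppressed)} alarms")
```

The second window shows why the upstream check matters: with no Alarm B present, rule 2 does not fire and Hub C is reported as the root cause.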
Model-Based Reasoning
[Figure 13.11 Model-Based Reasoning Event Correlator. Physical network: Backbone Network, Router, Hub1, Hub2, Hub3. Equivalent model in the NMS / Correlator: Router Model, Hub1 Model, Hub2 Model, Hub3 Model]

• Object-oriented model
• Model is a representation of the component it models
• Model has attributes and relations to other models
• Relationship between objects reflected in a similar relationship between models
Example: MBR Event Correlator
• Hub 1 fails; recognized by Hub 1 model
• Hub 1 model queries router model
– Router model declares failure: Hub 1 model declares NO failure
– Router model declares no failure: Hub 1 model declares failure
Case-Based Reasoning
[Figure 13.12 General CBR Architecture. Modules: Input, Retrieve, Adapt, Process; Case Library]

• Unit of knowledge
– RBR rule
– CBR case
• CBR based on the case experienced before; extend to the current situation by adaptation
• Three adaptation schemes
– Parameterized adaptation
– Abstraction / re-specialization adaptation
– Critic-based adaptation
CBR: Matching Trouble Ticket
Example: File transfer throughput problem
Trouble: file_transfer_throughput=F
Additional data: none
Resolution: A=f(F), adjust_network_load=A
Resolution status: good

Figure 13.13 Matching Trouble Ticket

• Trouble ticket in case library: A = f(F)
• Parameter A is a function of Parameter F
CBR: Parameterized Adaptation
Trouble: file_transfer_throughput=F'
Additional data: none
Resolution: A'=f(F'), adjust_network_load=A'
Resolution status: good

Figure 13.14 Parameterized Adaptation

• A = f(F)
• A’ = f(F’)
• Functional relationship f(x) remains the same
CBR: Abstraction / Re-specialization
Trouble: file_transfer_throughput=F
Additional data: none
Resolution: A=f(F), adjust_network_load=A
Resolution status: good

Trouble: file_transfer_throughput=F
Additional data: none
Resolution: B=g(F), adjust_network_bandwidth=B
Resolution status: good

Trouble: file_transfer_throughput=F
Additional data: adjust_network_load=no
Resolution: B=g(F), adjust_network_bandwidth=B
Resolution status: good
Figure 13.15 Abstraction / Re-specialization
Adaptation

• Two possible resolutions
– A = f(F) Adjust network load level
– B = g(F) Adjust bandwidth
• Resolution is based on the constraint imposed; choosing to adjust bandwidth and not load is a policy decision
CBR: Critic-Based Adaptation
Trouble: file_transfer_throughput=F
Additional data: network_load=N
Resolution: A=f(F,N), adjust_network_load=A
Resolution status: good

Figure 13.16 Critic-Based Adaptation

• Human expertise introduces a new case
• N (network load) is an additional parameter added to the functional relationship
CBR-Based CRITTER
• CRITTER is CBR-based trouble resolution system
• Integrated with Cabletron Spectrum NMS
• “Propose” is additional (5th) module to CBR architecture; permits manual intervention

[Figure 13.17 CRITTER Architecture. Labels: Network; Spectrum (Configuration Management, Fault Detection, Fault Management); CRITTER (Fault Resolution); Case Library; modules Input, Retrieve, Adapt, Propose, Process; Application Techniques; Determinators; User-based Adaptation; User]


Codebook Correlation Model:
Generic Architecture
[Figure: generic architecture. Labels: Network; Monitors; Configuration Model; Event Model; Correlator; Problems]

• Monitors capture the alarm events and input them to the correlator
• Configuration model contains the configuration of the network
• Event model represents events and their causal
relationships
• Correlator correlates alarm events with the event model and
determines the common problem that caused the alarm events
Codebook Approach
Approach:
• Correlation algorithms based upon coding approach to event correlation
• Problem events viewed as messages generated by a system and encoded in sets of alarms that they cause
• Correlator decodes the problem messages to identify the problems
Coding technique comprises two phases:
1. Codebook selection phase: Problems to be monitored are identified and the symptoms/alarms they generate are associated with the problem using expert knowledge. This generates the codebook (problem-symptom matrix).
2. Correlator compares the alarm events with the codebook and identifies the problem.
Causality Graph
[Figure 13.19 Causality Graph. Nodes: E1, E2, E3 (bottom row); E4, E5, E6, E7 (top row)]

• In order to generate the codebook matrix of problem-symptom, let us first consider a causality graph.
• Causality graph represents symptom events caused by other events
• Each node is an event; nodes are connected by directed edges.
• An event may cause other events
• Directed edges start at a causing event and terminate at a resulting event
• Picture causing events as problems and resulting events as symptoms
Labeled Causality Graph
[Figure 13.20 Labeled Causality Graph for Figure 13.19. Nodes: problems P1, P2, P3 (bottom row); symptoms S1, S2, S3, S4 (top row)]

• Ps are problems and Ss are symptoms
• P1 causes S1 and S2
• Note directed edge from S1 to S2 removed; S2 is caused directly or indirectly (via S1) by P1
• S2 could also be caused by either P2 or P3
Codebook
P1 P2 P3
S1 1 1 0
S2 1 1 1
S3 0 1 1
S4 0 0 1

• We can now generate the codebook of problem-symptom matrix for the previous causality graph.
• Codebook is problem-symptom matrix
• It is derived from causality graph after removing directed edges of propagation of symptoms
• Number of symptoms >= number of problems
• 2 rows are adequate to identify uniquely 3 problems
Correlation Matrix
P1 P2 P3
S1 1 1 0
S3 0 1 1

• Correlation matrix is reduced codebook

Correlation Graph
[Figure 13.23 Correlation Graph for Figure 13.20. Nodes: symptoms S1, S3; problems P1, P2, P3]

• Correlation graph is derived from correlation matrix

Generalized Causality Graph
[Figure (a) Event Causality Graph. Nodes are numbered events 1 through 11]

• Causality graph has 11 events - problems and symptoms
• Mark all nodes that have only emerging directed edges as problems - Nodes 1, 2, and 11
• Other nodes are symptoms
P-S Causality Graph
[Figure (b) Problem-Symptom Causality Graph. Nodes 1, 2, and 11 are marked P; the other nodes are marked S]

• To reduce causality graph to correlation graph:
– Symptoms 3, 4, and 5 are cyclical: replace with one symptom, say 3
– S7 and S10 are caused by S3 and S5 and hence ignored
– S8 causes S9. Keep S9 and eliminate S8; reason for this would be more obvious if we go through reduction of codebook to correlation matrix
Correlation Graph and Matrix
[Figure 13.25 Correlation Graph. Nodes: symptoms 9, 3, 6; problems 1, 11, 2]

Correlation Matrix
   P1 P2 P11
S3 1 1 1
S6 0 1 0
S9 1 0 1

• Note that problems 1 and 11 produce identical symptoms, so the matrix cannot distinguish between problem 1 and problem 11
Codebook Enhancements

• Each column in code matrix is differentiated from other columns by at least one bit
• Codebook described so far assumes Hamming distance of 1 for uniqueness
• Noise affects accuracy
• Increase Hamming distance to >1
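The codebook reduction, decoding and Hamming-distance points above, as an added Python example (not code from the original slides). It uses the two matrices shown on the slides; the exhaustive subset search and the nearest-code decoder are this example's own choices, and the "lost alarm" case is constructed.

```python
from itertools import combinations

# Problem -> symptoms it causes, transcribed from the slides' codebook
CODEBOOK = {
    "P1": {"S1", "S2"},
    "P2": {"S1", "S2", "S3"},
    "P3": {"S2", "S3", "S4"},
}
# Transcribed from the slides' correlation matrix for the generalized graph
GENERAL = {
    "P1": {"S3", "S9"},
    "P2": {"S3", "S6"},
    "P11": {"S3", "S9"},
}


def all_symptoms(codebook):
    return sorted(set().union(*codebook.values()))


def code(codebook, problem, symptoms):
    """Column of the matrix for one problem, restricted to `symptoms`."""
    return tuple(int(s in codebook[problem]) for s in symptoms)


def hamming(a, b):
    return sum(x != y for x, y in zip(a, b))


def min_distance(codebook, symptoms):
    """Smallest Hamming distance between any two problem codes."""
    codes = [code(codebook, p, symptoms) for p in codebook]
    return min(hamming(a, b) for a, b in combinations(codes, 2))


def reduce_codebook(codebook, d=1):
    """Smallest set of symptom rows whose problem codes differ pairwise by
    at least d bits (the correlation matrix), or None if no set exists."""
    symptoms = all_symptoms(codebook)
    for k in range(1, len(symptoms) + 1):
        for subset in combinations(symptoms, k):
            if min_distance(codebook, subset) >= d:
                return subset
    return None


def decode(codebook, symptoms, observed):
    """Return (distance, problems) for the code(s) nearest to the observed
    alarm set; more than one problem means the alarms are ambiguous."""
    seen = tuple(int(s in observed) for s in symptoms)
    dist = {p: hamming(code(codebook, p, symptoms), seen) for p in codebook}
    best = min(dist.values())
    return best, sorted(p for p, v in dist.items() if v == best)


if __name__ == "__main__":
    rows = reduce_codebook(CODEBOOK)
    print("correlation matrix rows:", rows)                    # S1 and S3
    print("S1+S3 observed:", decode(CODEBOOK, rows, {"S1", "S3"}))
    # Constructed noise case: P2 occurred but its S3 alarm was lost
    print("S3 alarm lost: ", decode(CODEBOOK, rows, {"S1"}))
    print("distance-2 rows:", reduce_codebook(CODEBOOK, d=2))
    print("generalized:", decode(GENERAL, all_symptoms(GENERAL), {"S3", "S9"}))
```

With Hamming distance 1, the lost S3 alarm decodes cleanly to P1, which is the wrong problem; the search for a distance-2 set returns None because P1 and P2 differ only in S3, so more symptoms would have to be monitored to tolerate one lost alarm.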
State Transition Model
[Figure 13.27 State Transition Diagram for Ping / Response. States: ping node; receive response. Transitions: response; ping]

• Used in Seagate’s NerveCenter correlation system
• Integrated in NMS, such as HP OpenView
• Used to determine the status/health of a node
State Transition Model Example
[Figure: physical network. Labels: NMS / Correlator; Backbone Network; Router; Hub1, Hub2, Hub3]

• NMS pings hubs every minute
• Failure indicated by the absence of a response

State Transition Graph
[Figure 13.28 State Transition Graph Example. States: ping hub (ground state); receive response; pinged twice; pinged 3 times; ping router; receive response from router. Transitions: response / ping between "ping hub" and "receive response"; "No response" from ping hub to pinged twice, to pinged 3 times, and then to ping router (request). Outcomes: no response from router, no action; response received from router, action: send alarm]
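The hub-polling graph of Figure 13.28 written as a table-driven state machine, as an added Python example (not NerveCenter code and not from the original slides). The event names are this example's own, the event sequences are constructed, and returning to the ground state after either router outcome is an assumption.

```python
# States of the per-hub graph in Figure 13.28
GROUND = "ping hub (ground state)"
PINGED_TWICE = "pinged twice"
PINGED_3_TIMES = "pinged 3 times"
PING_ROUTER = "ping router"

# (state, event) -> (next state, action or None)
TRANSITIONS = {
    (GROUND, "hub_response"): (GROUND, None),
    (GROUND, "hub_no_response"): (PINGED_TWICE, None),
    (PINGED_TWICE, "hub_response"): (GROUND, None),
    (PINGED_TWICE, "hub_no_response"): (PINGED_3_TIMES, None),
    (PINGED_3_TIMES, "hub_response"): (GROUND, None),
    (PINGED_3_TIMES, "hub_no_response"): (PING_ROUTER, None),
    # Router answers: the hub itself is the failed component
    (PING_ROUTER, "router_response"): (GROUND, "send alarm"),
    # Router silent too: the fault is upstream, so no hub alarm is raised
    (PING_ROUTER, "router_no_response"): (GROUND, "no action"),
}


class HubMonitor:
    """Tracks one hub through the state transition graph."""

    def __init__(self, hub):
        self.hub = hub
        self.state = GROUND
        self.actions = []

    def feed(self, event):
        key = (self.state, event)
        if key not in TRANSITIONS:
            raise ValueError(f"{event!r} is not legal in state {self.state!r}")
        self.state, action = TRANSITIONS[key]
        if action is not None:
            self.actions.append((self.hub, action))
        return self.state


def run(hub, events):
    """Feed a sequence of poll results; return (final state, actions)."""
    monitor = HubMonitor(hub)
    for event in events:
        monitor.feed(event)
    return monitor.state, monitor.actions


if __name__ == "__main__":
    # Constructed poll results for the three hubs in the example network
    print(run("Hub1", ["hub_response", "hub_no_response", "hub_response"]))
    print(run("Hub2", ["hub_no_response"] * 3 + ["router_response"]))
    print(run("Hub3", ["hub_no_response"] * 3 + ["router_no_response"]))
```

A single missed ping (Hub1) never reaches the alarm state, and a hub behind an unreachable router (Hub3) produces no hub alarm, which is the correlation the graph encodes.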


Finite State Machine Model
[Figure 13.29 Communicating Finite State Machine. Client states: Send Request, Receive Response. Server states: Receive Request, Send Response. Communication channel: Request Message (send, receive) and Response Message (send, receive)]

• Finite state machine model is a passive system; state transition graph model is an active system
• An observer agent is present in each node and reports abnormalities, such as a Web agent
• A central system correlates events reported by the agents
• Failure is detected by a node entering an illegal state
Security Management
• Security Management is both a technical and an administrative issue
in information management.
• It involves securing access to the network and the information
flowing in the network.
• The scope covers both intranet and Internet.
• Security threats
• Policies and Procedures
• Resources to prevent security breaches
• Firewalls
• Cryptography
• Authentication and Authorization
• Client/Server authentication system
• Message transfer security
• Network protection security
Security Threats

• SNMPv3 addressed security threats using USM (user-based security model)
• USM has two modules:
– Authentication module
• Data integrity
• Data origin
– Privacy module
• Data confidentiality
• Message timeliness
• Message protection

[Figure 7.10 Security Threats to Management Information. Labels: Management Entity A; Management Entity B; Modification of information; Masquerade; Message stream modification; Disclosure]

Policies and Procedures
Basic guidelines to set up policies and procedures:

1. Identify what you are trying to protect.
2. Determine what you are trying to protect it from.
3. Determine how likely the threats are.
4. Implement measures, which will protect your assets in
a cost-effective manner.
5. Review the process continuously and make
improvements to each item if a weakness is found.

• References:
– Formal statement of rules for protecting organization’s
technology and assets (RFC 2196)
– Introduction to Firewalls (NIST)
– Orange Book by National Computer Security
Center (NCSC) rates computers based on
security design features
Secured Communication Network
[Figure 13.30 Secured Communication Network. Labels: Network A with Client A, Server A, Firewall, Secured Gateway; Router; Network B with Client B]

• Firewall secures traffic in and out of Network A
• Security breach could occur by intercepting the message going from B to A, even if B has permission to access Network A.
• Most systems implement authentication with user id and password
• Authorization is by establishment of accounts
Firewalls
• Protects a network from external attacks
• Controls traffic in and out of a secure network
• Could be implemented in a router, gateway, or a special host
• Firewalls use packet filtering or application-level gateways as
the two primary techniques of controlling undesired traffic.
• Benefits
• Reduces risks of access to hosts from an external network
• Controlled access to the network.
• Eliminates annoyance to the internal users
• Protects privacy (e.g. finger)
• Hierarchical implementation of policy and technology (e.g.
finger)
Packet Filtering Firewall
[Figure 13.31 Packet Filtering Router. Labels: Internet; Packet Filtering Router; Trash; Screened SMTP & FTP; Ethernet; SMTP Gateway; FTP Gateway; Secured Network]

• Filter packets based on protocol specific criteria at DLC, network, and transport layers
• Implemented in routers - called screening router or packet filtering routers
• Filtering parameters:
– Source and/or destination IP address
– Source and/or destination TCP/UDP port address, such as ftp port 21
• Multistage screening - address and protocol
• Works best when rules are simple
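A screening-router rule table using the filtering parameters listed above, as an added Python example (not from the original slides). All addresses are constructed documentation-range values, the rule format is this example's own, and first-match evaluation with a default deny is an assumption about how the router applies its rules.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

ANY = "0.0.0.0/0"
SECURED_NET = "192.0.2.0/24"      # constructed: the secured network
SMTP_GATEWAY = "192.0.2.25/32"    # constructed: SMTP gateway host
FTP_GATEWAY = "192.0.2.21/32"     # constructed: FTP gateway host


@dataclass(frozen=True)
class Packet:
    proto: str   # "tcp" or "udp"
    src: str     # source IP address
    dst: str     # destination IP address
    dport: int   # destination port


@dataclass(frozen=True)
class Rule:
    action: str                   # "permit" or "deny"
    proto: str                    # "tcp", "udp" or "any"
    src: str                      # source network (CIDR)
    dst: str                      # destination network (CIDR)
    dport: Optional[int] = None   # None matches every port

    def matches(self, pkt):
        return (self.proto in ("any", pkt.proto)
                and ipaddress.ip_address(pkt.src) in ipaddress.ip_network(self.src)
                and ipaddress.ip_address(pkt.dst) in ipaddress.ip_network(self.dst)
                and self.dport in (None, pkt.dport))


def screen(rules, pkt):
    """Apply rules to a packet arriving from the Internet side; the first
    matching rule decides, and anything unmatched goes to the trash."""
    for rule in rules:
        if rule.matches(pkt):
            return rule.action
    return "deny"


# Weak: the port is screened but any internal host may be the destination
WEAK = [
    Rule("permit", "tcp", ANY, SECURED_NET, 25),
    Rule("permit", "tcp", ANY, SECURED_NET, 21),
]
# Screened: address and port are both checked, and packets from outside
# that claim an internal source address are dropped first
SCREENED = [
    Rule("deny", "any", SECURED_NET, ANY),
    Rule("permit", "tcp", ANY, SMTP_GATEWAY, 25),
    Rule("permit", "tcp", ANY, FTP_GATEWAY, 21),
]

# Constructed inbound packets
MAIL = Packet("tcp", "198.51.100.7", "192.0.2.25", 25)
FTP = Packet("tcp", "198.51.100.7", "192.0.2.21", 21)
STRAY = Packet("tcp", "198.51.100.7", "192.0.2.77", 25)    # not a gateway
TELNET = Packet("tcp", "198.51.100.7", "192.0.2.25", 23)
SPOOFED = Packet("tcp", "192.0.2.50", "192.0.2.25", 25)    # internal source

if __name__ == "__main__":
    for name, pkt in [("mail", MAIL), ("ftp", FTP), ("stray", STRAY),
                      ("telnet", TELNET), ("spoofed", SPOOFED)]:
        print(f"{name:8} weak={screen(WEAK, pkt):6} "
              f"screened={screen(SCREENED, pkt)}")
```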
Application Level Gateway
[Figure 13.32 Application Level Gateway. Labels: Secured Network; Firewall 1; Secured LAN; Firewall 2; Internet; Application Gateway; Proxy Services]

• Firewalls 1 and 2 route traffic only from and to the secured LAN
• Secured LAN is gateway LAN
• Behavior of application gateway dependent on the application
• FTP traffic stored and forwarded after validation
• TELNET hosts validated for the session and then direct communication established
• Firewalls protect a secure site by checking address, e.g. IP address, transport parameters such as FTP, and applications.
• However, how do we protect access from an external source based on the user, who is using a false identification?
• How do we protect against an intruder manipulating the data?

Cryptography
• Secure communication requires
– Integrity protection: ensuring that the message is not tampered with
– Authentication validation: ensures the originator identification

• Security threats
– Modification of information
– Masquerade
– Message stream modification
– Disclosure
• Hardware and software solutions to authentication.
• Most secure communication is software based. Its foundation lies in
Cryptography
Secret Key Cryptography
[Figure 13.33 Basic Cryptographic Communication. Plaintext, Encryption (Secret Key), Ciphertext over the Transmission Channel, Decryption (Secret Key), Plaintext]

• Caesar cipher: each letter replaced by another letter, which is three letters behind in the alphabet
• Maximum of 26 attempts to decode Caesar cipher
• Monoalphabetic cipher: Replace a letter with another randomly chosen; Maximum attempts to
decode 26!
• One secret key is needed between each pair
• Two standard algorithms implement secret key cryptography:
– DES (Data Encryption Standard): 64-bit message blocks and 56-bit key
– IDEA (International Data Encryption Algorithm): 64-bit message blocks and 128-bit key
• Message block derived using CBC (Cipher Block Chaining)
• Principle based on rearranging the blocks several times based on predetermined algorithm and
secret key
Public Key Cryptography
[Figure 13.34 Public Key Cryptographic Communication. Plaintext, Encryption (Public Key), Ciphertext over the Transmission Channel, Decryption (Private Key), Plaintext]

• Asymmetric cryptography - public and private key
• Public key is distributed by the receiver to the senders to encrypt the message.
• Private key is used by receiver to decode ciphertext
• Mailbox analogy
• Commonly used public key is RSA (Rivest, Shamir, and Adleman); 512-bit
key, variable block size
• RSA less efficient than DES and IDEA; used to encrypt secret key
Message Digest
• Message digest is a cryptographic hash algorithm added to a message
• One-way function
• Analogy with CRC
• If the message is tampered with the message digest at the receiving end
fails to validate
• MD5 (used in SNMPv3) commonly used MD
• MD5 takes a message of arbitrary length (32-Byte) blocks and generates
128-bit message digest
• SHS (Secured Hash Standard) message digest proposed by NIST handles 2^64 bits and generates 160-bit output

Example:
$ md5
The quick brown fox jumped over the lazy dog
^D
d8e8fca2dc0f896fd7cb4cb0031ba249
Digital Signature

[Figure 13.37 Signed Public Key Cryptographic Communication. Labels: Plaintext; Digital Signature; Encryption; Signed Ciphertext; Transmission Channel; Decryption; Signature Validation; Rita's Private Key (R); Rita's Public Key (R); Ian's Private Key (S); Ian's Public Key (S)]
• Why do we need digital signature?
• Principle reverse of public key
• Signature created using private key and validated using public key
• Digital signature is a message digest generated from plaintext and private key by a
hashing algorithm
• Digital signature is concatenated with the plaintext and encrypted using public key
Authentication and Authorization
• Authentication verifies user identification
– Client/server environment
• Ticket-granting system
• Authentication server system
• Cryptographic authentication
– One-way/Messaging environment
• e-mail
• e-commerce
• Authorization grants access to information
– Read, read-write, no-access
– Indefinite period, finite period, one-time use
Ticket-Granting System
• Used in client/server authentication system
• Kerberos developed by MIT
• Steps:
– User logs on to client workstation
– Login request sent to authentication server
– AS checks ACL, grants encrypted ticket to client
– Client obtains from TGS service-granting ticket and session key
– Appl. Server validates ticket and session key, and then provides service

[Figure 13.38 Ticket-Granting System. Labels: Kerberos; User Input; Client Workstation; Authentication Server; Ticket-Granting Server; Application Server / Service]
Authentication Server
Figure 13.39 Authentication Server (diagram blocks: User Input, Client Workstation,
Authentication Server, Proxy Server, Application Server / Service; flows labelled
Authentication and Service)
• Architecture of Novell LAN
• Authentication server does not issue ticket
• Login and password not sent from client workstation
• User sends id to central authentication server
• Authentication server acts as proxy agent to the client and authenticates the user
with the application server
• Process transparent to the user
Message Transfer Security
• Messaging is one-way communication
• Secure message needs to be authenticated and secured.
• The three schemes are variations of the signed public key
cryptographic communications
• Three secure mail systems
– Privacy Enhanced Mail (PEM)
– Pretty Good Privacy (PGP)
– X.400: OSI specifications that define framework; not
implementation specific.
Privacy Enhanced Mail
• Developed by IETF (documented in RFC 1421 - 1424)
• End-to-end cryptography between originator and recipient process.
• Provides
– Confidentiality
– Authentication
– Message integrity assurance
– Nonrepudiation of origin
• The cryptographic key, called the data encryption key (DEK), could be
secret key-based or public key-based, by a method agreed upon by originator and receiver.
• The originating and terminating ends must have common agreements.
• PEM processes based on cryptography and message encoding
– MIC-CLEAR (Message Integrity Code-CLEAR)
– MIC-ONLY
– ENCRYPTED
PEM Processes
Figure 13.40 PEM Processes (originating end)
(a) MIC-CLEAR PEM Process (blocks: User Plaintext, SMTP Format Conversion, SMTP Text,
MIC Generator, MIC/DEK, MIC-CLEAR PEM, e-mail System; key inputs: DEK, IK;
output: Text, MIC, Encrypted DEK)
(b) MIC-ONLY PEM Process (blocks: User Plaintext, SMTP Format Conversion, SMTP Text,
MIC Generator, MIC/DEK, Encoder (printable code), MIC-ONLY PEM, e-mail System;
key inputs: MIC, IK; output: Encoded Text, MIC, Encrypted DEK)
(c) ENCRYPTED PEM Process (blocks: User Plaintext, SMTP Format Conversion, SMTP Text,
MIC Generator, MIC/DEK, Padding & Encryption, Encoder (printable code), ENCRYPTED PEM,
e-mail System; key inputs: DEK, IK; output: Encrypted & Encoded Message, MIC, Encrypted DEK)
Legend:
DEK Data Encryption Key
IK Interexchange Key
MIC Message Integrity Code
SMTP Simple Mail Transfer Protocol
Pretty Good Privacy
Figure 13.41 PGP Process (originating end; diagram blocks: Plaintext, Signature Generation,
Concatenation, Encryption, Compression, e-mail conversion, e-mail system;
outputs: Signature, Encrypted & Compressed Message)
• PGP secure mail package developed by Phil Zimmermann
• Available in public domain
• Signature generation
– Uses MD5 to generate hash code
– Encrypts hash code with sender’s private key using RSA algorithm
• Encryption of the message done using IDEA or RSA
• Compression done with ZIP
• e-mail conversion done using Radix-64
• PGP similar to encrypted PEM with added compression.
• The main difference between PGP and PEM is how the public key is administered (PGP-Owner).
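The Digital Signature and PGP slides above describe the same flow: hash with MD5, transform the hash with the sender's private key, concatenate, compress, and Radix-64 encode. The block below is an added example, not code from the slides or from PGP: the key is a constructed textbook-RSA key without padding, `zlib` and `base64` stand in for PGP's ZIP and Radix-64 steps, the function names are hypothetical, and the IDEA/RSA message-encryption step is left out.

```python
import base64
import hashlib
import zlib

# Constructed demonstration key (assumption): textbook RSA built from two
# Mersenne primes, no padding. It shows the data flow only.
P, Q = 2**89 - 1, 2**107 - 1
N = P * Q
E = 65537                               # public key is (N, E)
D = pow(E, -1, (P - 1) * (Q - 1))       # private exponent
SIG_LEN = (N.bit_length() + 7) // 8     # fixed signature width in bytes

# Constructed sample message.
MESSAGE = b"Take trunk 7 out of service at 02:00"


def sign(plaintext: bytes) -> bytes:
    """Hash the plaintext with MD5, then apply the private key to the hash."""
    digest = int.from_bytes(hashlib.md5(plaintext).digest(), "big")
    return pow(digest, D, N).to_bytes(SIG_LEN, "big")


def pgp_style_send(plaintext: bytes) -> bytes:
    """Signature generation, concatenation, compression, Radix-64 conversion."""
    signed = sign(plaintext) + plaintext
    return base64.b64encode(zlib.compress(signed))


def pgp_style_receive(armored: bytes):
    """Reverse the pipeline and validate the signature with the public key.

    Returns (plaintext, signature_valid).
    """
    signed = zlib.decompress(base64.b64decode(armored))
    signature, plaintext = signed[:SIG_LEN], signed[SIG_LEN:]
    recovered = pow(int.from_bytes(signature, "big"), E, N)
    expected = int.from_bytes(hashlib.md5(plaintext).digest(), "big")
    return plaintext, recovered == expected


def tamper(armored: bytes, old: bytes, new: bytes) -> bytes:
    """Model modification in transit: change the text, keep the old signature."""
    signed = zlib.decompress(base64.b64decode(armored))
    return base64.b64encode(zlib.compress(signed.replace(old, new)))


if __name__ == "__main__":
    wire = pgp_style_send(MESSAGE)
    print("on the wire:", wire.decode())
    print("received:", pgp_style_receive(wire))
    print("tampered:", pgp_style_receive(tamper(wire, b"trunk 7", b"trunk 9")))
```

Because only the holder of the private exponent can produce a value that the public exponent maps back to the MD5 hash, the altered message fails validation even though it decompresses and decodes cleanly.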
SNMPv3 Security (Outgoing message)
Figure 13.42 SNMP Secure Communication (diagram blocks: USM, Privacy Module,
Authentication Module, HMAC Gen.; inputs: scopedPDU, Encryption Key, password,
authoritativeSnmpEngineId, authKey, wholeMsg; outputs: Encrypted scopedPDU,
authenticated wholeMsg)
• Authentication key equivalent to DEK in PEM or private key in PGP
• Authentication key generated using user password and SNMP engine id
• Authentication key may be used to encrypt message
• USM prepares the whole message including scoped PDU
• HMAC, equivalent of signature in PEM and PGP, generated using
authentication key and the whole message
• Authentication module provided with authentication key and HMAC to
process incoming message
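The key derivation and HMAC steps listed above, as an added example that is not part of the original slides: it assumes the MD5 variant of the User-based Security Model (password-to-key and HMAC-MD5-96 as specified in RFC 3414). The password and engine ID are the RFC's published test values; the message bytes and function names are constructed stand-ins, not a BER-encoded SNMPv3 message.

```python
import hashlib
import hmac

MEGABYTE = 1_048_576   # the password is expanded to 1 MiB before hashing
MAC_LEN = 12           # HMAC-MD5-96 keeps the first 96 bits of the HMAC


def password_to_key(password: bytes) -> bytes:
    """Digest 1 MiB of the repeated password to get the user key Ku."""
    if not password:
        raise ValueError("empty password")
    reps, rem = divmod(MEGABYTE, len(password))
    return hashlib.md5(password * reps + password[:rem]).digest()


def localize_key(ku: bytes, engine_id: bytes) -> bytes:
    """Bind Ku to one authoritative engine: authKey = MD5(Ku || engineID || Ku)."""
    return hashlib.md5(ku + engine_id + ku).digest()


def authenticate_outgoing(auth_key: bytes, whole_msg: bytes, mac_offset: int) -> bytes:
    """Replace the 12 zeroed authentication-parameter octets with the HMAC."""
    if whole_msg[mac_offset:mac_offset + MAC_LEN] != bytes(MAC_LEN):
        raise ValueError("authentication parameters must be zeroed before signing")
    mac = hmac.new(auth_key, whole_msg, hashlib.md5).digest()[:MAC_LEN]
    return whole_msg[:mac_offset] + mac + whole_msg[mac_offset + MAC_LEN:]


def authenticate_incoming(auth_key: bytes, whole_msg: bytes, mac_offset: int) -> bool:
    """Zero the field again, recompute the HMAC, and compare in constant time."""
    received = whole_msg[mac_offset:mac_offset + MAC_LEN]
    zeroed = whole_msg[:mac_offset] + bytes(MAC_LEN) + whole_msg[mac_offset + MAC_LEN:]
    expected = hmac.new(auth_key, zeroed, hashlib.md5).digest()[:MAC_LEN]
    return hmac.compare_digest(received, expected)


# Constructed sample data: RFC 3414 test password and engine ID, stand-in message.
ENGINE_ID = bytes.fromhex("000000000000000000000002")
AUTH_KEY = localize_key(password_to_key(b"maplesyrup"), ENGINE_ID)
HEADER = b"constructed-header|"
SAMPLE_MSG = HEADER + bytes(MAC_LEN) + b"|scopedPDU: get sysUpTime.0"
SIGNED_MSG = authenticate_outgoing(AUTH_KEY, SAMPLE_MSG, len(HEADER))
TAMPERED_MSG = SIGNED_MSG.replace(b"get", b"set")

if __name__ == "__main__":
    print("authKey:", AUTH_KEY.hex())
    print("valid accepted:", authenticate_incoming(AUTH_KEY, SIGNED_MSG, len(HEADER)))
    print("tampered accepted:", authenticate_incoming(AUTH_KEY, TAMPERED_MSG, len(HEADER)))
```

Localizing the key with the engine ID means the same password yields a different authKey on every agent, so a key recovered from one device does not authenticate messages to another.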
Virus Attacks
• Executable programs that make copies and insert them into other
programs
• Attacks hosts and routers
• Attack infects boot track, compromises CPU, floods network traffic,
etc.
• Prevention is by identifying the pattern of the virus and
implementing protection in virus checkers
Accounting Management

• Least developed
• Usage of resources
• Hidden cost of IT usage (libraries)
• Functional accounting
• Business application
Report Management
Table 13.1 Planning and Management Reports
Category: Reports
• Quality of service / Service level agreement
– Network availability
– Systems availability
– Problem reports
– Service response
– Customer satisfaction
• Traffic trends
– Traffic patterns
– Analysis of internal traffic volume
– Analysis of external traffic volume
• Technology trends
– Current status
– Technology migration projection
• Cost of Operations
– Functional
– Usage
– Personnel

Table 13.2 System Reports
Category: Reports
• Traffic
– Traffic load - internal
– Traffic load - external
• Failures
– Network failures
– System failures
• Performance
– Network
– Servers
– Applications

Table 13.3 User Reports
Category: Reports
• Service level agreement
– Network availability
– System availability
– Traffic load
– Performance
• User specific reports
– User-defined reports
Policy-Based Management
Figure 13.43 Policy Management Architecture (diagram blocks: Network, Attributes,
Policy Space, Domain Space, Policy Driver, Action Space, Rule Space)
• Domain space consists of objects (alarms with attributes)
• Rule space consists of rules (if-then)
• Policy Driver controls action to be taken
• Distinction between policy and rule; policy assigns
responsibility and accountability
• Action Space implements actions
Service Level Management
• SLA management of service equivalent to
QoS of network
• SLA defines
– Identification of services and characteristics
– Negotiation of SLA
– Deployment of agents to monitor and control
– Generation of reports
• SLA characteristics
– Service parameters
– Service levels
– Component parameters
– Component-to-service mappings
Telecommunications Management Network
TMN
• Necessity for interoperability of multi-vendor equipment used
by service providers.
• To provide standard interfaces between the service provider
operations.
• Need for management of more than just the network
components
• Networks / sub networks need to be managed
• Services - internal and external need management
• Business management needs to be addressed
• TMN is a joint effort by ITU-T and ISO
OS: Trunk Testing System
Figure 11.1 Operations System for Network Transmission (diagram blocks: Trunk Test System,
Telecommunication Network, two Transmission Test Systems, Nodes, two Public Switches,
Voice, Transmission Links)
• Trunk is a logical connection between two switching nodes
• Periodic measurement of loss and S/N of all trunks
• Failing threshold set for QoS; failing trunks removed out of service
before the customer complains
OS: Telephone Switch Traffic
Figure 11.2 Operations System for Traffic Measurement (diagram blocks: Traffic Measurement
System, Data / Telecommunication Network, two Traffic Counters, Nodes, two Router / Switch
blocks, Transmission Links)
• Traffic monitored at switch appearance
• Call blocking statistics obtained
• Traffic and call-blocking statistics provide data for planning
• Important in operations, administration, maintenance, and provisioning (OAMP) of
telecommunications networks.
• Part of TMN, i.e., the performance management system
TMN Conceptual Model
Figure 11.3 TMN Relationship to Data and Telecommunication Network (diagram blocks:
Telecommunications Management Network containing Operations Systems, NMS and Workstation;
Data Communication Network; Telecommunication Network containing Switching Systems and
Transmission Systems; Voice)
TMN Conceptual Model
Figure 11.4 TMN Conceptual Model (for each of Service provider A and Service provider B:
Customers, Services provided by Telecommunications Provider, Network, Operations Systems (OS),
Workstation, System Operators; interfaces: Q3, F, and X between the two providers'
Operations Systems)
• Components
• Interfaces
TMN Architecture
Figure 11.6 TMN Architecture (TMN Architecture divided into Functional Architecture,
Physical Architecture, and Informational Architecture)
• Functional architecture:
– Defines functional modules or blocks in the TMN environment
– Reference points between modules
– The requirements for interface are specified
• Physical architecture:
– Defines Physical blocks and interfaces between them
– Physical interfaces between the blocks
• Informational architecture:
– Information exchange between managed object and managed system
– Uses Object oriented approach
Functional Architecture
• Five Functional Blocks
1. OSF: Functions performed by Operations systems: e.g., traffic measurement OS, NMS,
testing, accounting, trouble tracking
2. NEF: Functions needed to support network elements (hub, routers, switches).
NE providing information for management; packet dropped, collision rate are
considered as NEF
Figure 11.7 TMN Functional Architecture (diagram blocks: TMN A with OSF, MF, WSF, NEF, QAF;
TMN B with OSF; reference points: x, q3, qx, f)
MF Mediation Function
NEF Network Element Function
OSF Operations Systems Function
QAF Q Adapter Function
WSF Workstation Function
Functional Architecture
3. MF: addresses the operations performed on the information content passing between
NE and OS; e.g. filtering, store and forward, protocol conversion, threshold detection, etc.
• MF can be shared between multiple OSs and NEs.
• For example, a remote monitoring device (RMON) can monitor a remote LAN on various
parameters such as statistics on users, protocols, and packet loss and report the
analyzed data to accounting or performance management operation system.
• Here, RMON device acts as a mediation device performing MF between NE on the
remote LAN and the OS.
Functional Architecture
4. WSF: Human-TMN activities interface; e.g., GUI
• This function addresses the presentation aspect.
• The conversion function that converts machine readable information to
human-interpretable format
• Belongs in one of the other three functional blocks, OSF, MF, and QAF
5. QAF: In order to accommodate the legacy function as a part of TMN, a TMN QAF has been
defined.
• TMN non compliant devices are connected to a TMN-compliant system/network using a
Q-adapter interface
TMN Reference Point
Figure 11.8 TMN Reference Point (diagram: Function Block, Reference Point, Function Block)
• The TMN interface between function blocks is called a TMN reference point
• A reference point can be considered to be a conceptual point of information
exchange between functional blocks.
• Designated by lower case letters (upper case letter for associated physical
interfaces)
• The information exchange going across the TMN reference points can be classified
as q-class, f-class, and x-class.
• q: interfaces to the management application function. Includes q3 and qx.
• f: Interface between WSF block and any other functional block in TMN.
• x: Interface between OSF blocks that belong to different TMNs
Physical Architecture
(Figure: TMN physical architecture. Blocks: two Operations Systems (OS), Workstation,
Data Communications Network (DCN), Mediation Device (MD), Q Adapter (QA),
Network Element (NE); interfaces: X, X/F/Q3, F/Q3, F, Q3, Qx)
Physical Architecture
• A TMN physical block could be an embodiment of one or more blocks, besides
its equivalent functional block.
• For example, an OS could have its operation function as well as mediation device, which
does filtering of information.
• The Q3 interface is used between OS and either an NE or QA.
• The Qx interface is shown between MD and QA/NE.
• The F interface is implemented to connect a workstation to TMN.
• The X interface is between the OS belonging to two different TMNs.
Information Architecture
• Fig shows the information exchange between two types of entities.
• The manager performs operation or makes request from an agent.
• The agent executes the operation on the network elements that it is managing
and sends responses to the manager.
• The agent also sends unsolicited messages to the manager indicating alarm events.
Figure 11.10 TMN Information Architecture (Manager to Agent: Operations / Requests;
Agent to Manager: Responses, Notifications / Traps)
Service Architecture
• Another functional model of TMN is based on the services provided in a TMN environment.
• The lowest layer is the network element layer comprising NEs such as switches, routers,
bridges etc.
• The next layer, the network element management layer, manages the network element.
• The third layer is the network management layer, which manages the network.
• Functions include bandwidth, QoS, performance, etc.
• The service management layer is concerned with managing the services provided by a
network service provider to the customer or to another network service provider.
Billing, trouble ticket handling, complaints, order processing.
• The top layer is the business management layer, concerned with managing a
communications business such as fiscal considerations, personnel needs, project
management, and customer needs and satisfaction.
Figure 11.11 TMN Service Architecture (layers, top to bottom: Business Management,
Service Management, Network Management, Element Management, Managed Network Element;
q3 reference point between adjacent layers)
TMN Services & Functions
Figure 11.13 TMN Services and Functions (levels, top to bottom)
• TMN Management Services: Business Management, Service Management, Network Management,
Element Management
• System Management Functional Areas: Configuration Management, Fault Management,
Performance Management, Security Management, Accounting Management
• TMN Function Blocks: OSF, WSF, NEF, MF, QAF, DCF
• System Management Functions: Object Management, Alarm Management
• TMN Functional Components: NM Manager, Presentation Function
• CMISE: M-GET / GET-REQUEST, M-SET / SET-REQUEST, M-CREATE
• Remote Procedure Call: ACSE, ROSE
• Communication Transport Service (OSI Presentation Layer)
• Now that we have discussed various aspects of TMN architecture, let us look at the
overall picture of how all these fit together.
• The four TMN management services are at the top of hierarchy.
• They invoke the system management functions defined in the system management
functional areas. There are five components in the system functional areas.
• The management applications in the system functional areas perform either system
management functions or TMN functions.
• The TMN functional blocks..
• System management functions…
• System management functions and TMN functions invoke the primitive services.
• Fig. shows the OSI primitive services of M-GET, M-SET, etc.
• Equivalent SNMP services will be GET-REQUEST, SET-REQUEST, etc.
• The applications communicate remotely with the communication transport service
using RPC.
• In OSI model the RPC is accomplished with ROSE and ACSE.
• ROSE: Remote operation service element.
• ACSE: Application control service element.
• In SNMP management model, the remote operation is accomplished using RPC and TCP/IP.
Figure 11.14 TMN Realization Example (NMF)
TMN Logical Layered Architecture: Physical Realization of TMN Architecture
• Business Management: Customer Service Management
– q3 Ref. Point / Q3: Service Details; Performance and Billing Data
• Service Management: Service Mgmt Tarif/Charging, Service Mgmt Provisioning,
Service Mgmt Other
– q3 Ref. Point / Q3: Service Configuration; Service-impacting Events
• Network Management: Net Mgmt Routing Admin, Net Mgmt Traffic Admin, Net Mgmt Restoration
– q3 Ref. Point / Q3: Equipment Configuration; Equipment Alarms
• Element Management: Net Element Cust Admin, Net Element Switch Mgmt,
Net Element Trans Eqpt Mgmt
• An example of the realization of TMN architecture is presented in this figure.
• The left side of fig shows the TMN logical layered architecture and the right side a
physical realization of it.
• Each layer consists of several management systems providing the various services.
• The layered architecture shows the TMN reference points and the physical
realization the corresponding Q3 interfaces.
• The Network Management Forum (NMF) has developed a program called
OMNIPoint, which stands for Open Management Interoperability Point.
• The objective is to help companies implement management standards across a wide range of
supplier’s equipment.
• It specifies mapping between the Internet and OSI standards that helps TMN implementation
in a hybrid management environment.
