chapter 19: network management
DESCRIPTION
Chapter 19: Network Management. Business Data Communications, 5e. Fault Management. A fault is an abnormal condition that requires management attention (or action) to repair Fault is usually indicated by failure to operate correctly or by excessive errors - PowerPoint PPT PresentationTRANSCRIPT
Chapter 19:Network Management
Business Data Communications, 5e
Business Data Communications, 5e
2
Fault Management
• A fault is an abnormal condition that requires management attention (or action) to repair
• Fault is usually indicated by failure to operate correctly or by excessive errors
• Users expect quick and reliable resolution
Business Data Communications, 5e
3
Responding to Faults
• When faults occur, it is critical to quickly:– Determine exactly where the fault is
– Isolate the rest of the network from the failure so that it can continue to function without interference
– Reconfigure or modify the network to minimize the effect of removing the failed component(s)
– Repair or replace the failed components to restore the network to its initial state
Business Data Communications, 5e
4
User Requirements for Fault Management
• Tolerant of occasional outages, but expect speedy resolution
• Requires rapid and reliable fault detection and diagnostic management functions
• Impact and duration of faults can be minimized with redundancy
• Good communication with users about outages and faults is critical
Business Data Communications, 5e
5
Accounting Management
• Reasons for accounting management:– Internal chargebacks on network use– User(s) may be abusing access privileges and burdening the
network at the expense of other users– Users may be making inefficient use of the network– Network manager can plan better for network growth if user
activity is known in sufficient detail.
• Accounting reports should be generated under network manager control.
• Facility must provide verification of users' authorization to access and manipulate accounting information
Business Data Communications, 5e
6
Configuration Management
• Concerned with:– initializing a network and gracefully shutting down part or
all of the network– maintaining, adding, and updating the relationships among
components and the status of components themselves during network operation
• Operations on certain components should be able to be performed unattended
• Network manager needs the capability to change the connectivity of network components
• Users should be notified of configuration changes
Business Data Communications, 5e
7
Performance Management
• Issues of concern to the network manager include:– What is the level of capacity utilization?– Is there excessive traffic?– Has throughput been reduced to unacceptable levels?– Are there bottlenecks?– Is response time increasing?
• Network managers need performance statistics to help them plan, manage, and maintain large networks
Business Data Communications, 5e
8
Security Management
• Concerned with – generating, distributing, and storing encryption keys– monitoring and controlling access to networks– access to all or part of the network management
information– collection, storage, and examination of audit records and
security logs
• Provides facilities for protection of network resources and user information
• Network security facilities should be available for authorized users only
Business Data Communications, 5e
9
Network Management Systems
• Collection of tools for network monitoring and control, integrated in these ways:– A single user-friendly operator interface for performing
most or all network management tasks– A minimal amount of separate equipment
• Consists of incremental hardware and software additions implemented among existing network components
• Designed to view the entire network as a unified architecture, and provide regular feedback of status information to the network control center
Business Data Communications, 5e
10
Network Management System Architecture
Business Data Communications, 5e
11
Components of the NMS
• All nodes run the Network Management Entity (NME) software
• Network control host or manager runs the Network Management Application (NMA)
• Other nodes are considered agents
Business Data Communications, 5e
12
Network Management Entity
• Collection of software contained in each network node, devoted to the network management task
• Performs the following tasks:– Collect statistics on communications and network-related
activities.– Store statistics locally– Respond to commands from the network control center– Send messages to NCC when local conditions undergo a
significant change
Business Data Communications, 5e
13
Simple Network ManagementProtocol (SNMP)
• Originally developed for use as a network management tool for networks and internetworks operating TCP/IP.
• A collection of specifications that include the protocol itself, the definition of a database, and associated concepts.
• Network Management Model– Management station– Agent– Management information base– Network management protocolP
Business Data Communications, 5e
14
SNMPv1 Configuration
Business Data Communications, 5e
15
Role of SNMPv1
Business Data Communications, 5e
16
SNMPv2
• Released in 1992, revised in 1996
• Addressed functional deficiencies in SNMP
• Accommodates decentralized network management
• Improves efficiency of data transfer
Business Data Communications, 5e
17
Elements of SNMPv2
• Each "player" in the network management system maintains local database of network management information (MIB)
• Standard defines information structure and allowable data types (SMI)
• At least one system must be responsible for network management; others act as agents
• Information exchanged using simple request/respond protocol, usually running over UDP
Business Data Communications, 5e
18
Structure of Management Information (SMI)
• Defines framework within which a MIB can be defined and constructed– data types that can be stored – formal technique for defining objects and
tables of objects– scheme for associating a unique identifier with
each actual object in a system
• Emphasis on simplicity and extensibility
Business Data Communications, 5e
19
SNMPv2 Protocol Operation
• Basic unit of exchange is the message– Outer message wrapper
– Inner protocol data unit (PDU)
• Common fields in PDUs– Request-id field is an integer assigned such that each
outstanding request can be uniquely identified.
– Variable-bindings field contains a list of object identifiers; depending on the PDU, the list may also include a value for each object.
Business Data Communications, 5e
20
SNMPv2 PDU Format
QuickTime™ and aTIFF (LZW) decompressor
are needed to see this picture.
Business Data Communications, 5e
21
SNMPv3
• Released in 1998, addressed security deficiencies in SNMP and SNMPv2
• Does not provide a complete SNMP capability; defines an overall SNMP architecture and a set of security capabilities for use with SNMPv2
Business Data Communications, 5e
22
SNMPv3 Services
• User-Based Security (USM) model– Authentication– Privacy
• View-Based Access Control Model (VACM)– Access Control