What Is Network Management?

1
Managing Enterprise Networks
The minimal components required for making a system
manageable are:
• MIBs
• Agents/entities hosted on network devices to provide management
facilities
• Scripts for manipulating MIB objects
• Java/C/C++ software modules for manipulating MIB objects
MIBs provide a detailed description of the managed data objects.
Typically, the description of each MIB object consists of:
• Accessibility (read-only, read-write, not-accessible)
• Status (mandatory, deprecated)
• Description
2
Managing Enterprise Networks (cont.)
Agents (or entities in SNMPv3) are software components that
implement the MIB, map the objects to real data on the NE, and
provide the managed object definitions for underlying systems:
• Serial interfaces
• Serial interface attributes such as bit rate, word size, and parity
• IP address
Standards-based consolidation of management systems can help
enterprises to achieve the following:
• Fewer and simpler user interfaces for managing network systems
• Reduction in the time required for IT staff training
• Faster resolution of NE problems, such as switch interface
congestion
3
Managing Enterprise Networks (cont.)
4
Manageability
For a number of reasons, not all NEs lend themselves to flexible,
integrated, centralized management. This tends to add to the cost of
ownership and arises for a range of reasons:
• The NE is a legacy device with proprietary management
infrastructure
• The NE implements only SNMPv1 with support for set operations
• The NE implements only SNMPv1 without support for set operations
(a set operation is an update to a network-resident managed object)
• The NE supports SNMPv3, but it has been poorly implemented
• The NE supports SNMPv3 but has a number of low-quality MIB
modules
An NE is considered to have good manageability if it supports a
well-implemented SNMPv3 agent and a high-quality MIB.
5
Operating and Managing Large Networks
Some important aspects of enterprise network management are:
• Availability of NEs, interfaces, links, and services
• Discovery and inventory management
• Monitoring the status of NEs, interfaces, links, virtual circuits,
VLANs, and so on
• Measuring traffic levels and checking for network congestion
• Configuration – VLAN setup, SAN volume setup, storage
allocations, remote control software
• Service level agreement (SLA) reporting, SLA verification
between an enterprise and SP
• Security control – resistance to attacks from both sides of the
firewall
• Scalability – handling increased numbers of users, traffic, NEs
• Disaster recovery
6
Layers 2, 3, and 2.5
The primary protocols that SNMP implements are the
User Datagram Protocol (UDP) and the
Internet Protocol (IP). SNMP also requires Data Link
Layer protocols such as Ethernet or Token Ring to
implement the communication channel from the
manager to the managed agent.
Layer 2 and VLANs
• A layer 2 network that is logically divided into VLANs
7
Layers 2, 3, and 2.5 (cont.)
Layer 2 technology has the following general characteristics:
• Paths through the network can be reserved either manually (by using
ATM PVCs or MPLS LSPs) or using signaling (such as ATM
PNNI, MPLS LDP/RSVP-TE).
• Paths can be assigned different classes of service, a crucial
component for SLAs.
• Layer 2 forwarding is fast because addresses can be looked up with
hardware assistance. This is no longer an advantage of layer 2
devices because line-rate forwarding is now also possible with
layer 3 devices (i.e., routers)
• ATM layer 2 forwarding allows for traffic policing where contract
non-compliant cells can be tagged or dropped
• DiffServ, policing and shaping are also available at layer 3
8
Layers 2, 3, and 2.5 (cont.)
Layer 3
• An IP network with an intermediate WAN that crosses an SP
network
Layer 2.5 (or Sub-IP)
• MPLS operates at what is often called layer 2.5, that is, not
quite layer 3 but also higher than layer 2
• MPLS can also be deployed on routers and brings numerous
benefits to IP networks
• VoIP traffic would need a higher class of service than email traffic
• Traditional IP routing protocols, such as OSPF, IS-IS, and BGP4
• Traffic engineering becomes possible. This helps avoid congested
9
Port and Interface
Interfaces are sometimes referred to as logical ports
• Routing, such as OSPF, IS-IS, BGP-4
• Signaling, such as RSVP-TE and LDP
• MPLS
• IP
10
Why use Network Management?
There are a number of reasons why network management is a
crucial enterprise and SP component:
• NEs don't tend to have an overview of an entire network;
management systems do
• An NMS maintains useful records and audit trails of past
configuration actions
• If NEs don't support SNMP, then an NMS can facilitate a
superior CLI
• An NMS can facilitate network-wide services like traffic
engineering, QoS, planning, modeling, and backup/restore
11
Why Use Network Management? (cont.)
• NMSs enable fast access to faults. Some network faults can be
meaningfully processed only by an NMS
• NMSs assist in rebalancing networks after new hardware is added
• Management systems can provide network-wide object support
for service profiles
12
What Is Network Management?
Network management provides the means to keep networks up
and running in as orderly a fashion as possible. Broadly speaking,
the functional areas required for effective network management are:
• Fault
• Configuration
• Accounting
• Performance
• Security
The above points describe what are known as the OSI
functional areas of network management, FCAPS.
13
Who Produces Network Management Software?
Equipment vendors such as Cisco, Nortel, Hewlett-Packard,
and Alcatel generally provide SNMP agents on their devices.
Separately purchased, integrated management systems are also
available from these and many other organizations.
• These management systems typically run on UNIX
or Windows NT/2K platforms and feature GUIs and fairly
extensive FCAPS facilities
14
The Management System Pyramid
• OSS
• NMS
• EMS
15
Other Management Technology
• Microsoft Systems Management Server (SMS)
• Telnet-based menu systems
• Serial link-based menu systems
• Desktop Management Interface (DMI)
16
Network Convergence and Aggregate Objects
From a network management perspective, VLANs are aggregate
objects made up of:
• Switches
• Ports, MAC addresses, IEEE 802.1Q VLAN IDs
• Links between separate VLANs
The term notification is used to mean any one of three different
things:
• Events
• Faults
• Alarms
17
SNMP: The De Facto Network Management Standard
The principal components of SNMP are:
• Agents
• Managers
• MIBs
• A communications protocol
SNMP Facilitates the Exchange of Network Information Between Devices
18
The SNMP Agent
SNMP agents are the entities that reside on managed devices.
Agents are the workhorses of management and provide the
following functionality:
• Implementing and maintaining MIB objects
• Responding to management operations such as requests
• Generating notifications, both traps (unacknowledged) and
informs (acknowledged)
• Implementing security – SNMPv1 and SNMPv2 support
community-based security with clear-text passwords;
stronger security (authentication and encryption) is available
with SNMPv3
• Setting the access policy for external managers
19
The SNMP Agent (cont.)
SNMPv3 also provides an access control framework, which
consists of:
• MIB view
• Access mode to managed objects either READ-ONLY or
READ-WRITE. A READ-ONLY
SNMP can be hosted on almost any computing device:
• Windows NT/2K machines
• UNIX hosts
• Novell NetWare workstations and servers
• Many network devices, including hubs, routers, switches, etc.
20
The SNMP Agent (cont.)
The agent listens on UDP port 161
21
The SNMP Agent (cont.)
An SNMP-Managed Network Consists of Managed Devices, Agents, and NMSs
22
The SNMP Manager
SNMP managers are the entities that interact with the agents. Their tasks include:
• Getting and setting the values of MIB object instances
on agents
• Receiving notifications from agents
• Exchanging messages with other managers
Various mechanisms for accessing the EMS are allowed, including:
• Serial
• Telnet
• SNMP
23
The SNMP Manager (cont.)
Facilities offered by management systems are:
• FCAPS
• A centralized database
• Reporting
• Support for many simultaneous client users
• Topology discovery
• A full-featured, multilevel GUI representing the managed
network
24
The MIB
SNMP MIB Tables
• The SNMPv1 SMI defines highly structured tables that are
used to group the instances of a tabular object
(that is, an object that contains multiple variables).
• Tables are composed of zero or more rows, which are indexed
in a way that allows SNMP to retrieve or alter an entire row
with a single Get, GetNext, or Set command.
MIB Object Attributes
• Syntax
• Max-Access
• Status
25
Criteria and Philosophy for Standardized MIB
• Objects have to be uniquely named
• Objects have to be essential
• Abstract structure of the MIB needs to be universal
• For the standard MIB, maintain only a small number of objects
• Allow for private extensions
• Objects must be general and not too device dependent
• Objects cannot be easily derivable from other objects
• If an agent is to be SNMP manageable, then it is mandatory
to implement the Internet MIB
26
SNMP Protocol Data Units (PDU)
Each SNMP message has the format:
• Version Number
• Community Name - kind of a password
• One or more SNMP PDUs - assuming trivial authentication
27
SNMP Protocol Data Units (cont.)
28
SNMP Protocol Data Units (cont.)
29
SNMP Protocol Data Units (cont.)
30
SNMP Protocol Data Units (cont.)
31
The Simple Network Management Protocol has become the de facto
standard for internetwork management. Because it is a simple
solution, requiring little code to implement, vendors can easily build
SNMP agents into their products. SNMP is extensible, allowing
vendors to easily add network management functions to their
existing products. SNMP also separates the management
architecture from the architecture of the hardware devices, which
broadens the base of multivendor support. Perhaps most important,
unlike other so-called standards, SNMP is not a mere paper
specification, but an implementation that is widely available today.
32