Transcript Networking

Networking
Unit 16 – Local Area Network Management

ENTERPRISE NETWORK MANAGEMENT

BUSINESS ISSUES
CMPC531\tc_16.ppt \\ page 16 - 1
INTRODUCTION



• A local area network is a complex combination of hardware and software technologies linked by networking technologies.
• This unit gives an overview of the key issues surrounding the management of each major aspect of local area networks, including standards and protocols, interoperability issues, currently available technology, key vendors, and market trends.
• Figure 15-1 highlights some of the elements of a LAN that must be managed.
Figure 15-1 Elements of a Local Area Network That Must Be Managed
ENTERPRISE NETWORK MANAGEMENT
Enterprise Network Management Architecture and Protocols
• Figure 15-14 shows today’s enterprise network management architecture.
• Enterprise network management systems are really management application programs running on a management server.
• Agents
  • Software programs that run on networking devices such as servers, bridges, and routers to monitor and report the status of those devices.
  • Agents forward this network management information to the enterprise network management system, which compiles and reports network operation statistics to the end user, most often in some type of graphical format.
• Management Information Base (MIB)
  • The network management information gathered must be stored in some type of database with an index and standardized field definitions (called objects) so that network management workstations can easily access this data.
  • One fairly standard MIB is known as the RMON MIB, which stands for remote network monitoring MIB.
  • A protocol is required to encapsulate the management data for delivery by network and transport layer protocols. The de facto standard is Simple Network Management Protocol (SNMP).
Figure 15-14 Enterprise Network Management Architecture
ENTERPRISE NETWORK MANAGEMENT
• An alternative to the centralized enterprise management console is the distributed device manager (DDM).
• DDM relies on distributed network probes that are able to gather information from a variety of network devices and relay that information to numerous distributed device manager consoles.
• Probes are placed at the junctions of LAN and WAN segments in order to isolate the source of network traffic problems.
• DDM minimizes management traffic by keeping it local rather than sending it to a centralized enterprise management console.
• See Figure 15-15.
Figure 15-15 Distributed Device Manager Architecture
ENTERPRISE NETWORK MANAGEMENT
Web-Based Management


• Figure 15-16 shows the Web-Based Enterprise Management (WBEM) logical architecture.
• A network manager could manage any networked device or application from any location on the network, via any HMMP (hypermedia management protocol) compliant browser.
• SNMP and DMI may either interoperate with or be replaced by HMMP.
• Management data from a variety of software agents would be incorporated into WBEM via the HMMS (hypermedia management schema).
• All web-based management information is stored and retrieved by the request broker, HMOM (hypermedia object manager).
• The DMTF (Desktop Management Task Force) develops a protocol to support HMMS: CIM (common information model).
• CIM allows management data gathered from a variety of enterprise and desktop voice and data technologies all to be transported, processed, displayed, and stored by a single CIM-compliant web browser.
• Management data would be stored in MOF (modified object format), like DMI’s MIF format or SNMP’s MIB format.
• See Figure 15-17.
Figure 15-16 Web-Based Enterprise Management Logical Architecture
Figure 15-17 Management Data: CIM, CMIP, DMI, and SNMP
ENTERPRISE NETWORK MANAGEMENT
Web-based management has the following benefits:
• Users would have to deal with only one common interface.
• Vendors could save a tremendous amount of development costs by developing management applications for a single platform.
Current technology provides a web browser interface to the user in one of two ways:
• A web server application is embedded within the enterprise network management platform, and the user accesses that embedded web server via a web browser. Communication between network devices and the management platform is still via SNMP.
• A web server application is embedded within a given network device. Communication between the user and the network device is via HTTP.
SNMP (Original)





• The original SNMP required internetworking device-specific agents to be polled for SNMP-encapsulated management data. Alarm conditions or exceptions to preset thresholds could not be directly reported on an as-needed basis.
• Agents simply sent empty datagrams back to managers when requests could not be fulfilled. The receipt of the empty packet merely caused the manager to repeat the request for information, thus increasing network traffic.
• The original SNMP did not provide any means of manager-to-manager communication. All internetworked devices had to report directly to the single enterprise network manager rather than to a regional manager.
• It was limited to TCP/IP as its transport protocol. It was unusable on NetWare, Macintosh, or other networks.
• SNMP does not offer any security features that would authenticate valid polling managers or encrypt traffic between agents and managers.
SNMP2




• SNMP2 is a new version of SNMP designed to deal with the shortcomings of the original version. Its major objectives are:
  • Reduce network traffic
  • Segment large networks
  • Support multiple transport protocols
  • Increase security
  • Allow multiple agents per device
• Managers can retrieve several pieces of network information at a time from a given agent through a new SNMP2 procedure (the bulk retrieval mechanism).
• Agents are able to send error or exception conditions to managers when requests for information cannot be met.
• SNMP2 allows multiple manager entities to be established within a single network. SNMP2 manages large networks with multiple managers in a hierarchical arrangement.
• Overall network traffic is reduced because network management information is confined to the management domains of the individual network segment managers.
• Information is passed to the centralized network management system only at the request of the central manager or when certain predefined error conditions occur on a subnet. See Figure 15-19.
• SNMP2 works transparently with AppleTalk, IPX, and OSI transport protocols.
• SNMP2 allows not just monitoring and management of remote network devices, but actual remote configuration of those devices as well.
• SNMP2, also known as Secure SNMP, allows users to access carriers’ network management information and incorporate it into the wide area component of an enterprise NMS.
• SNMP2 can deploy multiple agents per device. On a distributed server, one agent could monitor the processing activity, a second could monitor the database activity, and a third could monitor the networking activity, with each reporting back to its own manager.
• The key points of the various SNMP2 alternatives are summarized in Figure 15-20.
Figure 15-19 SNMP2 Supports Manager-to-Manager Communications
Management information bases (MIBs)







• MIBs serve as repositories for enterprise network performance information to be displayed in a meaningful format by the enterprise NMS.
• The original RMON MIB standard, which was developed in 1991, has been updated as RMON2.
• The original RMON MIB required compatible technology to collect and analyze statistics on the physical and data-link layers; RMON2 requires it to collect and analyze statistics on network layer protocols as well.
• RMON2 requires technology to be able to identify which application generated a given packet.
• RMON2-compatible agent software that resides within internetworking devices and reports performance statistics to enterprise NMSs is called an RMON probe.
• Some of the key functional areas of the RMON2 specification are listed in Figure 15-21.
• Shortcoming of RMON2: inability to collect and provide data regarding WAN performance.
RMON3






• Provides a much-needed standard for the WAN monitoring and management category.
• Provides a way for many of the current proprietary WAN management tools to interoperate and share data.
• Offers management and statistics-gathering support for switched networks and virtual LANs.
• Can measure application program response times in order to monitor distributed applications for degraded performance.
• Another effort to monitor distributed applications is known as the application MIB.
• The application MIB identifies three key groups of variables for proper application tracking and management:
  • Definition variables would store background information concerning applications (e.g. application name, manufacturer, version, release, installation date, license number, and number of consecutive users).
  • State variables would report on the current status of a given application. Three possible states are up, down, and degraded.
  • Relationship variables would define all other network-attached resources on which a given distributed application depends. This includes databases, associated client applications, and other network resources.
• In June 1999, the IETF approved the Switch Monitoring (SMON) MIB as a proposed standard.
• SMON acts as an extension to RMON, allowing switch traffic and virtual LAN traffic to be monitored remotely.
• SMON offers some of the functionality proposed for RMON3.
ENTERPRISE NETWORK MANAGEMENT
Enterprise Network Management Technology
• Technology Architectures
  Network management technology can be categorized into one of three possible architectures:
  • Point products
    • Point products, or element managers, address a particular systems administration or network management issue.
    • Adv: narrow in scope, provide the sought-after solution, relatively easy to install and understand.
    • Disadv: do not necessarily integrate with other systems administration and network management tools.
  • Frameworks
    • Offer an overall systems administration or network management platform with integration between modules and a shared database into which all alerts, messages, alarms, and warnings can be stored and correlated. They are open frameworks.
    • Adv: offer the network administrator a single, correlated view of all systems and network resources.
    • Disadv: development or integration of modules within the framework can be difficult and time consuming. Not all management modules may be compatible with a given framework.
  • Integrated suites
    • Use their own network management and systems administration applications.
    • Adv: applications are more tightly integrated and linked by a set of common services to offer a more consolidated view of network resources.
    • Disadv: do not offer the open pick-and-choose architecture of the framework.
Desired Functionality





  • To track the operational status of distributed applications
  • To automate reporting of system status information
  • To automate repetitive system management tasks
  • To integrate application management and systems administration information with network management information
  • To improve application performance by properly responding to system status messages
ENTERPRISE NETWORK MANAGEMENT
Currently Available Technology

Popular enterprise network management systems in the framework or integrated suite category:
• HP OpenView, SunSoft Solstice Enterprise Manager, CA-Unicenter TNG, TME 10 by IBM/Tivoli Systems (includes IBM System View), PatrolView (BMC Software), Spectrum Enterprise Manager (Cabletron)
Third-party or vendor-specific network management in the point product category:
• Transcend Enterprise Manager (3Com), CiscoWorks, Optivity Enterprise (Bay Networks), American Power Conversion PowerNet
Current difficulties with actual implementation:
• Lack of interoperability between third-party applications and enterprise network management systems:
  • Separate databases maintained by each third-party application and enterprise network management system
  • Redundant polling of agent software in order to gather performance statistics
  • Multiple agents installed and executed on network devices in order to report to multiple management platforms
• Lack of interoperability between different enterprise network management systems:
  • Exchange of network topology information and maps
  • Exchange of threshold performance parameters and alarm information
Figure 15-22 shows an architectural view of how enterprise network management systems interface to other enterprise network components.
Key functional areas of enterprise network management software are listed in Figure 15-23.
Analysis – Network Analyzers
• LAN and WAN network analyzers are able to capture network traffic in real time without interrupting normal network transmission.
• Analyzers are able to decode those packets, monitor packet traffic statistics, and simulate network traffic through traffic generators.
• Filtering can isolate certain types of protocols or traffic from only particular workstations or servers.
• Refer to Figure 15-24 for the Network analyzer capabilities according to OSI 7-layer
Figure 15-22 Enterprise Network Management System Architecture
ENTERPRISE NETWORK MANAGEMENT
Monitoring – Network Baselining Tools
• Network baselining tools are able to track network performance over extended periods of time and report on abnormalities or deviations from the accumulated baseline data.
• They usually need several weeks of SNMP data to establish realistic baseline network performance averages.
• They may possess autodiscovery or autoDNS capabilities that allow them to build graphical representations of networks by monitoring network management traffic.
• They share the results through a wide variety of predefined and user-defined reports:
  • Current network volume by day, week, and month as compared with historical averages
  • Network traffic volume leaders by node, actual versus expected in terms of utilization, errors, or collisions
  • Nodes that are in violation of a variety of user-defined thresholds
  • Predicted number of days before a node will cross a user threshold
  • Nodes whose performance is degrading
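The baselining reports listed above, worked through as an added example (not taken from the original slides or from any product). The node names, sample values, threshold, and cut-offs are constructed assumptions; a real tool would build the history from weeks of SNMP polling.

```python
from statistics import mean, stdev

# Constructed sample data: daily average utilization (%) per node, oldest
# first, standing in for figures derived from SNMP polls.
HISTORY = {
    "srv-db":  [40, 42, 41, 43, 44, 46, 47, 49, 50, 52, 53, 55, 56, 58],
    "srv-web": [30, 31, 29, 30, 32, 30, 31, 29, 30, 31, 30, 32, 31, 30],
    "rtr-wan": [20, 21, 19, 20, 22, 20, 21, 19, 20, 21, 20, 22, 21, 75],
}
THRESHOLD = 70.0   # user-defined utilization threshold (%), assumed
SIGMAS = 3.0       # deviation from baseline treated as abnormal, assumed
MIN_TREND = 0.5    # growth (points/day) treated as degrading, assumed


def slope(samples):
    """Least-squares slope of samples against day index (units per day)."""
    n = len(samples)
    x_bar, y_bar = (n - 1) / 2, mean(samples)
    num = sum((x - x_bar) * (y - y_bar) for x, y in enumerate(samples))
    den = sum((x - x_bar) ** 2 for x in range(n))
    return num / den


def report(samples, threshold=THRESHOLD, sigmas=SIGMAS):
    """Compare the latest sample with the baseline built from earlier ones."""
    baseline, latest = samples[:-1], samples[-1]
    mu, sd = mean(baseline), stdev(baseline)
    trend = slope(baseline)  # trend of the baseline, so one spike is not a trend
    degrading = trend > MIN_TREND
    days_left = None
    if degrading and latest < threshold:
        days_left = int((threshold - latest) / trend)
    return {
        "baseline": round(mu, 1),
        "abnormal": abs(latest - mu) > sigmas * sd,  # sudden deviation
        "violation": latest >= threshold,            # threshold report
        "degrading": degrading,                      # sustained growth
        "days_to_threshold": days_left,              # prediction report
    }


def run(history=HISTORY):
    """Build the per-node report for every node in the history."""
    return {node: report(samples) for node, samples in history.items()}


if __name__ == "__main__":
    for node, result in run().items():
        print(node, result)
```

The steadily growing server is reported as degrading with a predicted crossing date but not as abnormal, while the router's one-day spike is reported as abnormal and in violation but not as a trend.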
ENTERPRISE NETWORK MANAGEMENT
Simulation – Network Modeling and Simulation Tools
• These tools predict the performance of various networking scenarios, otherwise known as what-if analysis.
• They use the current network configuration as a starting point and apply what-if scenarios. The benefits:
  • Ability to spot network bottlenecks such as overworked servers, network failures, or disk capacity problems
  • Ability to test new applications and network configurations before actual deployment
  • Ability to recreate circumstances in order to reproduce intermittent or occasional network problems
  • Ability to replicate traffic volume as well as traffic transaction type and protocol mix
• Refer to Figure 15-25 for distinguishing simulation software.
ENTERPRISE NETWORK MANAGEMENT
Auditing – Network Auditing Tools
• These tools provide records of which network files have been accessed by which users.
• Some network auditing tools offer the ability to:
  • Keep a time log of file accesses
  • Determine which users are deleting files that seem to just disappear
  • Audit when users copy files to diskettes
  • Audit which software programs are installed and/or running on any computer
  • Audit only specified files and/or specified users
  • Integrate with security, system management, or help desk products
  • Report output in text-based or graphical format, and export to spreadsheet, word processing, or database products
  • Track and report on configuration changes
  • Track logins and logouts
BUSINESS ISSUES
• Senior management may look to the proper management of information resources to enable a competitive advantage and to deploy new network services quickly and at a reasonable cost.
• End users can successfully execute those applications that enable business processes and achieve business objectives.
• Network infrastructures must be flexible and reliable.
• The ability to have networks change in response to changing business conditions and opportunities is of critical importance to the network manager.
Cost Containment
• It is necessary to have an accurate representation of the source of those costs. Refer to Figure 15-26.
BUSINESS ISSUES
Outsourcing
• Selective hiring of outside contractors to perform specific network management duties.
• There are several keys to outsourcing success:
  • Identify those processes that can be most appropriately outsourced
  • Successful management of the outsourcing process
  • Choose the right outsourcing provider for the right job
Flexibility
• Key philosophies:
  • Remove dependencies on customized or proprietary hardware and software.
  • Move toward adoption of open protocols and off-the-shelf hardware and software technologies.
  • Adopt network management and systems administration packages that support open APIs and can easily accommodate add-in modules.
**** END ****