Network Management 1 - University of Greenwich
COMP1706: MOBILE AND NETWORK TECHNOLOGIES
Network Management 1
Dr. George Loukas
University of Greenwich, 2014-2015
Network Management: Definition
“Activities, methods, procedures and tools that pertain to the
operation, administration, maintenance and provisioning
of network systems”
Network Management: Operation
Keeping the network and the services up and running smoothly
E.g. Monitoring the network to spot problems before users are affected
Network Management: Administration
“Housekeeping”: Keeping track of resources in the network and how they are assigned to ensure things are under control
E.g. Keep track of routers and switches and diagnose unusual or problematic behaviour
Network Management: Maintenance
Repairs and upgrades.
E.g. when a device needs a new Operating System or a device is removed / added to the network
Network Management: Provisioning
Configuring resources in the network to support a given service.
E.g. Setting up the network for a new customer to receive Voice service.
History of Network Management
1920s: regional Traffic Control Bureaus
1960s: Network Operations Centres (NOC)
1980s: Internet and Standardisation, FCAPS etc.
History of the AT&T Network – History of Network Management: http://www.corp.att.com/history/nethistory/management.html
Managed object
Managed objects can be
Network elements (hardware, system): hubs, bridges, routers, transmission facilities
Software (non-physical): programs, algorithms
Administrative information: contact person, name of group of objects (IP group)
Network Management Infrastructure
[Diagram labels: Manager; data; Agents; Managed Objects]
Management structure
[Diagram labels: Management Node; Managed Node/Object; Agent Software; Unmanaged Node/Object]
Management Concepts
Managed devices send traps / alerts when they recognise potential problems
On receipt of these alerts, manager nodes react by:
Operator notification
Event logging
Automatically attempting to fix the problem
Device shutdown
Requesting more information
Components of Network management
[Diagram labels: NMS; Network Agents; Network Objects]
Figure 1.25 Network Management Components
Network Management: Principles and Practice© Mani Subramanian 2010
Interoperability
[Diagram labels: NMS Vendor A; NMS Vendor B; Messages; Services & Protocols; Network Agents; Network Objects]
Figure 1.26 Network Management Interoperability
Network Management: Principles and Practice© Mani Subramanian 2010
Phases of Network Management
Formulate policy: Define the normal operating conditions and expectations for the network
Monitoring: Collect the status of the network to verify if it is following the policies formulated
Analysis: Determine if the network is operating correctly and, if not, determine the cause of the problem and what should be done to correct the situation
Control: Implement the action plans from the analysis stage to correct the behaviour of the network
• As with all management processes, there is a continuous loop of planning, implementation, monitoring and controlling
• The question that needs to be asked is: “Would it cost more if I ignored a problem?”
Management Architecture and Model
Network Management (SNMP)
Organisation model: Network management components (manager, agent); Functions of components, relationships; Two-tier, three-tier architecture
Information model: Structure of management information system (SMI); Management information base (MIB); Object oriented
Communication model: Unidirectional messages; Simple messages (get-response and traps); PDUs (e.g. GetRequest, Trap etc.)
Functional model: FCAPS
Network Management: Principles and Practice© Mani Subramanian 2010
Organisational Model
Manager
Sends requests to agents
Monitors alarms
Houses applications
Provides user interface
Agent
Gathers information from objects
Configures parameters of objects
Responds to managers’ requests
Generates alarms and sends them to managers
Managed object
Network element that hosts management agent
Two-Tier Model
Agent built into network element
Example: Managed switch, managed router
Management Database resides in the manager not in the agent
[Diagram labels: Manager with MDB (Management Database); managed objects; unmanaged objects; agent process]
Figure 3.2 Two-Tier Network Management Organization Model
Network Management: Principles and Practice© Mani Subramanian 2010
Three-Tier Model
Middle layer plays the dual role
Agent to transmit information to the top-level manager
Manager to the managed objects (collect data from managed object, process and store results in its database)
Example of middle level: Remote monitoring agent (RMON)
[Diagram labels: Manager with MDB (Management Database); Agent / Manager with MDB; managed objects; agent process]
Figure 3.3 Three-Tier Network Management Organization Model
Network Management: Principles and Practice© Mani Subramanian 2010
Manager of Managers
Agent NMS manages the domain (local management)
MoM presents integrated view of domains (global monitoring)
Domain may be geographical, administrative, vendor-specific products, etc.
[Diagram labels: MoM (Manager of Managers) with MDB (Management Database); Agent NMS; Manager with MDB; Agent; managed objects; agent process]
Figure 3.4 Network Management Organization Model with MoM
Network Management: Principles and Practice© Mani Subramanian 2010
Information model
The information comprises syntax (format) and semantics (meaning) about an object
SMI (Structure of Management Information) and MIB (Management Information Base) are used for similar purposes: defining and identifying specific managed objects
Structure of Management Information (SMI)
SMI defines for a managed object
Syntax
Semantics
Plus additional information such as status
unique Object ID
Example
sysDescr: { system 1 }
Syntax: OCTET STRING (syntax: model of object)
Definition: "A textual description of the entity." (semantics: textual description of the semantics)
Access: read-only (access privileges to the object)
Status: mandatory (implementation requirements)
Management Information Base (MIB)
Information base contains information about objects
Organised by grouping of related objects
Defines relationship between objects
It is NOT a physical database. It is a virtual database that is compiled into a management module
MIB files are difficult to read. They are only meant to be imported/“compiled” into a management module. Below is an example of a Cisco MIB file:
Management Data Base Vs. Management Information Base
MDB: real database; e.g., Oracle, Sybase
MIB: virtual database; schema compiled into the management software.
An NMS can automatically discover a managed object, such as a hub, when added to the network
The NMS can identify the new object as hub only after the MIB schema of the hub is compiled into NMS software.
Figure 3.6 Network Configuration with Data and Information Base
[Diagram labels: Manager with MDB (Management Database) and MIB (Management Information Base); managed objects; agent process]
Network Management: Principles and Practice© Mani Subramanian 2010
Communication model
Polling
Means of communicating between the manager and a managed object, using a request-reply protocol
Manager node to managed object: Requests for some information
Managed object to manager node: Responds with the information
Alerts / Traps
Asynchronous means of communicating between a managed object and the manager
Managed object to manager node: This information might be of interest
Transfer Protocols
[Diagram labels: Manager Applications; Agent Applications; Operations / Requests / Responses; Traps / Notifications; Manager Communication Module; Agent Communication Module; SNMP (Internet), CMIP (OSI); Transport Layers: UDP / IP (Internet), OSI Lower Layer Profiles (OSI); Physical Medium]
Figure 3.12 Management Communication Transfer Protocols
Application: Format of communication and messages
Commands and responses (actual message)
Transport protocol: transport medium of message exchange
INTERMISSION
Functional Model
Fault management
Configuration management
Accounting management
Performance management
Security management
Fault management
Detect, isolate, log, notify, and respond to faults encountered in the network
Deals with issues such as:
Is there a fault?
Where is the fault?
Can the faulty part of the network be isolated?
Is there a pattern to the fault occurrence?
Fault management
Fault management involves:
Determining symptoms
Isolating the problem
Identification and testing of a solution on all of the important subsystems and platforms
Recording of the detection and resolution of the problem
Fault prevention:
Keep logs of fault occurrence and actively look for patterns to try to predict the weak areas, or devices (e.g. a suspect device should be removed and examined off-line BEFORE it fails completely)
Identify the Shortest Path First and provide redundancy appropriately (e.g. the Spanning Tree Protocol can be used with switches / bridges to enable redundant paths without loops)
Configuration management
Allows a network manager to track which devices are on the managed network and the hardware and software configurations of these devices
Configures aspects of the network devices such as configuration file management, inventory management, and software management
Deals with issues such as:
How are connection devices and services configured?
Are devices and services configured optimally?
Can groups of devices with common configuration be identified?
Configuration management
Keeps track of “version” information of each network device (e.g. some hardware platforms, such as a specific router, might not support all versions of an operating system. It is important that correct, tested combinations of hardware and software are installed)
Facilitates replicating “standard” configurations onto many devices:
Standard images for all users in a particular department
Software installation
Standard basic configurations for a group of routers
Configuration management
Examples:
A network engineer might test router configurations (perhaps to solve a specific problem) on set-aside test equipment (spare routers) and store those configurations into a TFTP server. These can then be downloaded into a laptop computer and loaded directly into operational devices with much lower risk. A ‘library’ of such configurations can be retained for future use
Typical configuration problems include mistyped IP addresses, unsynchronised software updates or poorly chosen user names
Monitoring and control include IP addresses, subnet masks, DNS settings, frame sizes, directories, disks, drivers for network cards, video cards, user identities and groups
Accounting management
Collects usage information of network resources
Measures network utilisation parameters so that uses on the network can be regulated appropriately
Reduces certain network problems (because network resources can be apportioned based on resource capacities) and increases fairness of network access
Allows the network manager to specify, log, and control user and device access to network resources
Analysis of the results provides insight into current usage patterns and can be used to, e.g., set usage quotas, usage-based charging or allocation of resource access privileges
Accounting management
Costs can include computer resources (e.g. disk space, processor time, network bandwidth) as well as the time and effort spent enforcing restrictions and collecting funds
Accounting management involves:
gathering statistics
setting quotas
billing users
Accounting allows:
controlling the actions of users
making better use of the resources that are managed
helping to make decisions about improvements
monitoring usage trends
Performance management
Monitors and measures various aspects of performance to maintain overall performance at a defined level
Quantifies, measures, reports, analyses and controls the performance (e.g., utilisation, throughput) of different network components, such as individual devices (e.g., links, routers, and hosts) as well as end-end abstractions such as a path through the network
Measures, models, plans, and optimises networks to ensure that they carry traffic with the speed (e.g. bandwidth and latency), reliability (e.g. fault tolerance, mean time between failures, dropped packets, etc.), and capacity (e.g. throughput, link performance etc.) that is appropriate for the nature of the application and the cost constraints of the organisation
Performance management
Deals with issues such as:
What types of applications are present, and what are their QoS requirements?
Where is the traffic coming from?
Where is the traffic going?
Are there any bottlenecks? If so, where?
Is the network operating the way it should (or the way it has in past benchmarks)?
Are there any patterns in the traffic behaviour? If so, what do they indicate?
Differs from fault management in that it takes a longer-term view of providing acceptable levels of performance in the face of varying traffic demands and (hopefully rare) network device failures, while fault management is the immediate handling of transient network failures (e.g., link, host or router hardware or software outages)
Performance management
Examples of performance variables that might be provided include:
Availability / up-time
Network throughput
User response times (of services in the network)
Link utilisation
Understanding what elements can affect performance is a ‘technical issue’ but knowing what to monitor and why is a ‘management function’.
Performance management can be done reactively or proactively
Reactive Vs. Proactive
Performance management
Reactive
To react to a situation that has already occurred
Example: Packets are being dropped because congestion has arisen and router buffers are full
Problems: Delay, Problem Repetition
Proactive
Trying to predict the behaviour of the network, or the devices it comprises
Example: A rising trend in router buffer utilisation might indicate that congestion is building up. This information could be used to reconfigure the network to alleviate the situation before serious levels of packet loss occur
Problems: Complex and not always possible to implement in all situations
A network management strategy should contain both proactive and reactive techniques
Performance management
Main activities:
1. Performance data is gathered on variables of interest to network administrators
2. The data is analysed to determine normal (baseline) levels
3. Appropriate performance thresholds are determined for each important variable such that exceeding these thresholds indicates a network problem worthy of attention
4. Management entities (agents) continually monitor performance variables. When a performance threshold is exceeded, an alert is generated and sent to the network management system
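The four activities above, combined with the proactive "rising trend in router buffer utilisation" check from the Reactive Vs. Proactive slide, as an added example that is not part of the original slides. The sample readings, the choice of three standard deviations for the threshold, and the window and horizon values are assumptions made for illustration.

```python
from statistics import mean, stdev

def baseline(samples):
    """Activity 2: normal level = mean and standard deviation of a quiet period."""
    return mean(samples), stdev(samples)

def threshold(samples, k=3.0):
    """Activity 3: alert level set k standard deviations above the baseline mean."""
    mu, sigma = baseline(samples)
    return mu + k * sigma

def slope(values):
    """Least-squares slope per polling interval, used as the trend indicator."""
    n = len(values)
    x_mean, y_mean = (n - 1) / 2, mean(values)
    num = sum((i - x_mean) * (v - y_mean) for i, v in enumerate(values))
    den = sum((i - x_mean) ** 2 for i in range(n))
    return num / den

def monitor(readings, limit, window=5, horizon=5):
    """Activity 4: the agent's check on each new reading.

    Reactive alert: the reading is already above the threshold.
    Proactive alert: the trend over the last `window` readings would
    cross the threshold within `horizon` further polling intervals.
    """
    alerts = []
    for i, value in enumerate(readings):
        if value > limit:
            alerts.append((i, "THRESHOLD_EXCEEDED", value))
        elif i + 1 >= window:
            rate = slope(readings[i + 1 - window:i + 1])
            if rate > 0 and value + rate * horizon > limit:
                alerts.append((i, "RISING_TREND", value))
    return alerts

# Constructed sample data (activity 1): router buffer utilisation in percent,
# one value per polling interval.
BASELINE_SAMPLES = [20, 22, 19, 21, 23, 20, 18, 22, 21, 24]
LIVE_READINGS = [21, 20, 22, 23, 25, 27, 29, 31, 36, 22]

LIMIT = threshold(BASELINE_SAMPLES)
ALERTS = monitor(LIVE_READINGS, LIMIT)

if __name__ == "__main__":
    print(f"threshold = {LIMIT:.2f}%")
    for index, kind, value in ALERTS:
        print(f"poll {index}: {kind} at {value}%")
```

The trend alert fires one polling interval before the threshold is crossed, which is the warning time the proactive approach buys; a short window also reacts to noise, so the window and horizon need tuning against the baseline data.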
Security management
Control and secure access to network devices, network resources, and services to authorised individuals according to some well-defined policy.
Control access to network resources according to local guidelines so that the network cannot be sabotaged
E.g. firewalls to monitor and control external access points to one's network
Security management
Sensitive information must not be accessible to users without appropriate authorisation.
Examples of attacks:
Eavesdropping
Masquerade, spoofing
Denial of Service
Security management systems work by partitioning network resources into authorised and unauthorised areas.
Security Policies, Firewalls in routers, Access Control Lists (ACLs)
Security management
Security costs can include extra processing (e.g. for encryption, authentication), extra administration (e.g. setting up user IDs, monitoring for security breaches etc.), extra hardware (e.g. firewalls, fibre-optic cable instead of easily tapped wires etc.)
Security management involves:
identifying requirements
identifying possible risks
securing risky areas
logging inappropriate access
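How an ACL partitions resources into authorised and unauthorised areas and logs inappropriate access, as an added example that is not part of the original slides. The rule set, the management subnet 10.0.99.0/24 and the flow records are constructed for illustration; rules are evaluated first-match with an implicit deny at the end.

```python
import ipaddress
import logging

logging.basicConfig(format="%(levelname)s %(message)s", level=logging.WARNING)
log = logging.getLogger("acl")

# Hypothetical policy: only the management subnet may reach device
# management services (SNMP 161/udp, SSH 22/tcp). First match wins.
ACL = [
    ("permit", "10.0.99.0/24", "udp", 161),
    ("permit", "10.0.99.0/24", "tcp", 22),
    ("deny",   "0.0.0.0/0",    "udp", 161),
    ("deny",   "0.0.0.0/0",    "tcp", 22),
    ("permit", "10.0.0.0/8",   "tcp", 443),
]

def evaluate(src, proto, port, acl=ACL):
    """Return (action, rule_index) for one flow; no match means implicit deny."""
    addr = ipaddress.ip_address(src)
    for idx, (action, net, r_proto, r_port) in enumerate(acl):
        if addr in ipaddress.ip_network(net) and (proto, port) == (r_proto, r_port):
            return action, idx
    return "deny", None  # anything not explicitly authorised is refused

def audit(flows, acl=ACL):
    """Apply the ACL to each flow; log and return the denied attempts."""
    denied = []
    for src, proto, port in flows:
        action, idx = evaluate(src, proto, port, acl)
        if action == "deny":
            rule = "implicit deny" if idx is None else f"rule {idx}"
            log.warning("denied %s -> %s/%d (%s)", src, proto, port, rule)
            denied.append((src, proto, port, idx))
    return denied

# Constructed flow records: (source address, protocol, destination port).
FLOWS = [
    ("10.0.99.5", "udp", 161),    # management station polling SNMP
    ("10.0.20.14", "udp", 161),   # user workstation querying SNMP
    ("10.0.20.14", "tcp", 443),   # user workstation using a web service
    ("203.0.113.7", "tcp", 22),   # external host trying SSH
    ("203.0.113.7", "tcp", 443),  # external host, no rule applies
]

if __name__ == "__main__":
    audit(FLOWS)
```

Recording which rule refused each flow separates traffic hitting an explicit deny from traffic that fell through to the implicit deny, which is often a sign of a service the policy never considered.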
Summary
Network Management
Organisation model: 2-tier, 3-tier, MoM
Information model: SMI, MIB
Communication model: Requests/Response, Traps
Functional model: FCAPS
Network Management: Principles and Practice© Mani Subramanian 2010