Chapter 19: Network Management
Business Data Communications, 5e

Fault Management
• A fault is an abnormal condition that requires management attention (or action) to repair
• Fault is usually indicated by failure to operate correctly or by excessive errors
• Users expect quick and reliable resolution

Responding to Faults
• When faults occur, it is critical to quickly:
  – Determine exactly where the fault is
  – Isolate the rest of the network from the failure so that it can continue to function without interference
  – Reconfigure or modify the network to minimize the effect of removing the failed component(s)
  – Repair or replace the failed components to restore the network to its initial state

User Requirements for Fault Management
• Tolerant of occasional outages, but expect speedy resolution
• Requires rapid and reliable fault detection and diagnostic management functions
• Impact and duration of faults can be minimized with redundancy
• Good communication with users about outages and faults is critical

Accounting Management
• Reasons for accounting management:
  – Internal chargebacks on network use
  – User(s) may be abusing access privileges and burdening the network at the expense of other users
  – Users may be making inefficient use of the network
  – Network manager can plan better for network growth if user activity is known in sufficient detail
• Accounting reports should be generated under network manager control.
• Facility must provide verification of users' authorization to access and manipulate accounting information

Configuration Management
• Concerned with:
  – initializing a network and gracefully shutting down part or all of the network
  – maintaining, adding, and updating the relationships among components and the status of components themselves during network operation
• Operations on certain components should be able to be performed unattended
• Network manager needs the capability to change the connectivity of network components
• Users should be notified of configuration changes

Performance Management
• Issues of concern to the network manager include:
  – What is the level of capacity utilization?
  – Is there excessive traffic?
  – Has throughput been reduced to unacceptable levels?
  – Are there bottlenecks?
  – Is response time increasing?
• Network managers need performance statistics to help them plan, manage, and maintain large networks

Security Management
• Concerned with:
  – generating, distributing, and storing encryption keys
  – monitoring and controlling access to networks
  – access to all or part of the network management information
  – collection, storage, and examination of audit records and security logs
• Provides facilities for protection of network resources and user information
• Network security facilities should be available for authorized users only

Network Management Systems
• Collection of tools for network monitoring and control, integrated in these ways:
  – A single user-friendly operator interface for performing most or all network management tasks
  – A minimal amount of separate equipment
• Consists of incremental hardware and software additions implemented among existing network components
• Designed to view the entire network as a unified architecture, and provide regular feedback of status information to the network control center

[Figure: Network Management System Architecture]

Components of the NMS
• All nodes run the Network Management Entity (NME) software
• Network control host or manager runs the Network Management Application (NMA)
• Other nodes are considered agents

Network Management Entity
• Collection of software contained in each network node, devoted to the network management task
• Performs the following tasks:
  – Collect statistics on communications and network-related activities
  – Store statistics locally
  – Respond to commands from the network control center
  – Send messages to NCC when local conditions undergo a significant change

Simple Network Management Protocol (SNMP)
• Originally developed for use as a network management tool for networks and internetworks operating TCP/IP.
• A collection of specifications that include the protocol itself, the definition of a database, and associated concepts.
• Network Management Model
  – Management station
  – Agent
  – Management information base
  – Network management protocol

[Figure: SNMPv1 Configuration]

[Figure: Role of SNMPv1]

SNMPv2
• Released in 1992, revised in 1996
• Addressed functional deficiencies in SNMP
• Accommodates decentralized network management
• Improves efficiency of data transfer

Elements of SNMPv2
• Each "player" in the network management system maintains local database of network management information (MIB)
• Standard defines information structure and allowable data types (SMI)
• At least one system must be responsible for network management; others act as agents
• Information exchanged using simple request/respond protocol, usually running over UDP

Structure of Management Information (SMI)
• Defines framework within which a MIB can be defined and constructed
  – data types that can be stored
  – formal technique for defining objects and tables of objects
  – scheme for associating a unique identifier with each actual object in a system
• Emphasis on simplicity and extensibility

SNMPv2 Protocol Operation
• Basic unit of exchange is the message
  – Outer message wrapper
  – Inner protocol data unit (PDU)
• Common fields in PDUs
  – Request-id field is an integer assigned such that each outstanding request can be uniquely identified.
  – Variable-bindings field contains a list of object identifiers; depending on the PDU, the list may also include a value for each object.

[Figure: SNMPv2 PDU Format]
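
Added example (not part of the original slides): a minimal Python decoder for the message layout listed under "SNMPv2 Protocol Operation", run on a constructed GetRequest. It assumes the community-based SNMPv2c wrapper (version, community string, PDU); the function names and the sample bytes are illustrative.

```python
# Added example: walk one SNMPv2c message (BER, definite lengths only).
def tlv(buf, pos):
    """Read one BER tag-length-value; return (tag, value_bytes, next_pos)."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                      # long form: low 7 bits = count of length octets
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("truncated TLV")
    return tag, buf[pos:pos + length], pos + length

def oid(raw):
    """Decode an OBJECT IDENTIFIER (first arc 0 or 1 assumed) to dotted form."""
    arcs, val = [raw[0] // 40, raw[0] % 40], 0
    for b in raw[1:]:
        val = (val << 7) | (b & 0x7F)      # base-128; high bit means "more octets"
        if not b & 0x80:
            arcs.append(val)
            val = 0
    return ".".join(map(str, arcs))

PDU_NAMES = {0xA0: "GetRequest", 0xA1: "GetNextRequest", 0xA2: "Response",
             0xA3: "SetRequest", 0xA5: "GetBulkRequest", 0xA6: "InformRequest",
             0xA7: "SNMPv2-Trap"}

def parse_snmp(msg):
    tag, body, _ = tlv(msg, 0)             # outer message wrapper (SEQUENCE)
    if tag != 0x30:
        raise ValueError("not a SEQUENCE")
    _, ver, p = tlv(body, 0)               # version: 1 means SNMPv2c
    _, community, p = tlv(body, p)
    pdu_tag, pdu, _ = tlv(body, p)         # inner PDU
    _, req_id, p = tlv(pdu, 0)             # request-id
    _, _, p = tlv(pdu, p)                  # error-status (non-repeaters in GetBulk)
    _, _, p = tlv(pdu, p)                  # error-index (max-repetitions in GetBulk)
    _, vbl, _ = tlv(pdu, p)                # variable-bindings list
    binds, p = [], 0
    while p < len(vbl):
        _, vb, p = tlv(vbl, p)
        _, name, q = tlv(vb, 0)
        vtag, val, _ = tlv(vb, q)
        binds.append((oid(name), None if vtag == 0x05 else val))  # 0x05 = NULL
    return {"version": int.from_bytes(ver, "big"),
            "community": community.decode("latin-1"),
            "pdu": PDU_NAMES.get(pdu_tag, hex(pdu_tag)),
            "request_id": int.from_bytes(req_id, "big", signed=True),
            "varbinds": binds}

# Constructed sample: GetRequest for 1.3.6.1.2.1.1.1.0, community "public", request-id 1
SAMPLE = bytes.fromhex("302602010104067075626c6963a019020101020100020100"
                       "300e300c06082b060102010101000500")
```

In a GetRequest each binding carries a NULL placeholder where the Response carries the value. The community string decodes straight out of the wrapper because SNMPv2c sends it unencrypted.
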

SNMPv3
• Released in 1998, addressed security deficiencies in SNMP and SNMPv2
• Does not provide a complete SNMP capability; defines an overall SNMP architecture and a set of security capabilities for use with SNMPv2

SNMPv3 Services
• User-Based Security (USM) model
  – Authentication
  – Privacy
• View-Based Access Control Model (VACM)
  – Access Control