
Network Management Applications

In the Name of the Most High. Network Management Applications. by Behzad Akbari Fall 2008. Network and Systems Management. Management Applications. OSI Model Configuration Fault Performance Security Accounting Reports Service Level Management Policy-based management.


Presentation Transcript


  1. In the Name of the Most High Network Management Applications by Behzad Akbari Fall 2008

  2. Network and Systems Management

  3. Management Applications • OSI Model • Configuration • Fault • Performance • Security • Accounting • Reports • Service Level Management • Policy-based management

  4. Configuration Management • Inventory Management • Equipment • Facilities • Network Topology

  5. Network Topology • Manual • Auto-discovery by NMS using • Broadcast ping • ARP table in devices • Mapping of network • Layout • Layering • Views • Physical • Logical

  6. Network Topology Discovery • Networks shown: 163.25.145.0, 163.25.146.0, 163.25.146.128, 163.25.147.0, 140.112.5.0, 140.112.6.0, 140.112.8.0, 192.168.12.0, 192.168.13.0

  7. Discovery In a Network • What is to be discovered in a network? • Node Discovery • The network devices in each network segment • Network Discovery • The topology of networks of interest • Service Discovery • The network services provided • Network Topology Discovery • Network Discovery + Node Discovery

  8. Node Discovery • Node Discovery • Given an IP Address, find the nodes in the same network. • Two Major Approaches: • Use Ping to query the possible IP addresses. • Use SNMP to retrieve the ARP Cache of a known node.

  9. Use ICMP ECHO • E.g.: IP address: 163.25.147.12, Subnet mask: 255.255.255.0 • All possible addresses: • 163.25.147.1 to 163.25.147.254 • For each of the above addresses, use ICMP ECHO to query the address • If a node replies (ICMP ECHO Reply), then it is found. • Broadcast Ping

  10. Use SNMP • Find a node which supports SNMP • The given node, default gateway, or router • Or try a node arbitrarily • Query the ipNetToMediaTable in MIB-II IP group (ARP Cache):

      ipNetToMediaIfIndex  ipNetToMediaPhysAddress  ipNetToMediaNetAddress  ipNetToMediaType
      1                    00:80:43:5F:12:9A        163.25.147.10           dynamic(3)
      2                    00:80:51:F3:11:DE        163.25.147.11           dynamic(3)

  11. Network Discovery • Network Discovery • Find the networks of interest with their interconnections • Key Issue: • Given a network, which networks are directly connected to it? • Major Approach • Use SNMP to retrieve the routing table of a router.

  12. Default Router Routing table

  13. Mapping of network

  14. Traditional LAN Configuration Physical Logical

  15. Virtual LAN Configuration Physical Logical

  16. Fault Management • Fault is a failure of a network component • Results in loss of connectivity • Fault management involves: • Fault detection • Polling • Traps: linkDown, egpNeighborLoss • Fault location • Detect all components failed and trace down the tree topology to the source • Fault isolation by network and SNMP tools • Use artificial intelligence / correlation techniques • Restoration of service • Identification of root cause of the problem • Problem resolution

  17. Performance Management • Tools • Protocol analyzers • RMON • MRTG • Performance Metrics • Data Monitoring • Problem Isolation • Performance Statistics

  18. Performance Metrics • Macro-level • Throughput • Response time • Availability • Reliability • Micro-level • Bandwidth • Utilization • Error rate • Peak load • Average load

  19. Performance Statistics • Traffic statistics • Error statistics • Used in • QoS tracking • Performance tuning • Validation of SLA (Service Level Agreement) • Trend analysis • Facility planning • Functional accounting

  20. Event Correlation Techniques • Basic elements • Detection and filtering of events • Correlation of observed events using AI • Localize the source of the problem • Identify the cause of the problem • Techniques • Rule-based reasoning • Model-based reasoning • Case-based reasoning • Codebook correlation model • State transition graph model • Finite state machine model

  21. Security Management • Security threats • Policies and Procedures • Resources to prevent security breaches • Firewalls • Cryptography • Authentication and Authorization • Client/Server authentication system • Message transfer security • Network protection security

  22. Security Threats • Modification of information: Contents modified by an unauthorized user; does not include address change • Masquerade: Change of originating address by an unauthorized user • Message Stream Modification: Fragments of message altered by an unauthorized user to modify the meaning of the message • Disclosure • Eavesdropping • Disclosure does not require interception of message • Denial of service and traffic analysis are not considered as threats.

  23. Security Threats

  24. Policies and Procedures

  25. Secured Communication Network: No Security Breaches? • Firewall secures traffic in and out of Network A • Security breach could occur by intercepting the message going from B to A, even if B has permission to access Network A • Most systems implement authentication with user id and password • Authorization is by establishment of accounts

  26. Firewalls • Protects a network from external attacks • Controls traffic in and out of a secure network • Could be implemented in a router, gateway, or a special host • Benefits • Reduces risks of access to hosts • Controlled access • Eliminates annoyance to the users • Protects privacy • Hierarchical implementation of policy and technology

  27. Packet Filtering Firewall

  28. Packet Filtering • Uses protocol specific criteria at DLC, network, and transport layers • Implemented in routers - called screening router or packet filtering routers • Filtering parameters: • Source and/or destination IP address • Source and/or destination TCP/UDP port address, such as ftp port 21 • Multistage screening - address and protocol • Works best when rules are simple

  29. Application Level Gateway DMZ (De-Militarized Zone)

  30. Authentication Server

  31. Authentication Server • Architecture of Novell LAN • Authentication server does not issue ticket • Login and password not sent from client workstation • User sends id to central authentication server • Authentication server acts as proxy agent to the client and authenticates the user with the application server • Process transparent to the user

  32. Accounting Management • Least developed • Usage of resources • Hidden cost of IT usage (libraries) • Functional accounting • Business application

  33. Report Management

  34. Policy-Based Management

  35. Policy-Based Management • Domain space consists of objects (alarms with attributes) • Rule space consists of rules (if-then) • Policy Driver controls action to be taken • Distinction between policy and rule; policy assigns responsibility and accountability • Action Space implements actions

  36. Service Level Management • SLA management of service equivalent to QoS of network • SLA defines • Identification of services and characteristics • Negotiation of SLA • Deployment of agents to monitor and control • Generation of reports • SLA characteristics • Service parameters • Service levels • Component parameters • Component-to-service mappings
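
The node discovery steps from slides 8 to 10, as an added example that is not part of the original presentation: it enumerates the candidate addresses for 163.25.147.12 / 255.255.255.0 and uses ARP-cache rows shaped like the ipNetToMediaTable to decide which addresses are already known and which still need an ICMP ECHO. Combining the two approaches in one plan is this example's choice; the function names and the last two cache rows are constructed, and no network traffic is sent.

```python
import ipaddress

# Constructed sample rows shaped like the ipNetToMediaTable on slide 10:
# (ifIndex, physical address, network address, type). The first two rows are
# the ones on the slide; the last two are constructed edge cases.
ARP_CACHE = [
    (1, "00:80:43:5F:12:9A", "163.25.147.10", "dynamic(3)"),
    (2, "00:80:51:F3:11:DE", "163.25.147.11", "dynamic(3)"),
    (2, "00:80:51:F3:11:DE", "163.25.146.7", "dynamic(3)"),   # other subnet
    (1, "00:00:00:00:00:00", "163.25.147.99", "invalid(2)"),  # invalidated
]


def candidate_hosts(ip, mask):
    """Return (subnet, usable host addresses); network and broadcast excluded."""
    net = ipaddress.ip_network(f"{ip}/{mask}", strict=False)
    return net, list(net.hosts())


def nodes_from_arp_cache(rows, net):
    """Map IP -> MAC for cache rows that are valid and inside the subnet."""
    found = {}
    for _ifindex, mac, addr, entry_type in rows:
        if entry_type.startswith("invalid"):
            continue  # invalid(2) marks an entry the agent has invalidated
        ip = ipaddress.ip_address(addr)
        if ip in net:
            found[ip] = mac.lower()
    return found


def discovery_plan(ip, mask, rows):
    """Split the subnet into nodes known from the ARP cache and addresses to probe."""
    net, hosts = candidate_hosts(ip, mask)
    known = nodes_from_arp_cache(rows, net)
    to_probe = [h for h in hosts if h not in known]
    return known, to_probe


if __name__ == "__main__":
    known, to_probe = discovery_plan("163.25.147.12", "255.255.255.0", ARP_CACHE)
    for ip, mac in sorted(known.items()):
        print(f"known    {ip}  {mac}")
    print(f"{len(to_probe)} addresses left to check with ICMP ECHO")
```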

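
The packet filtering criteria from slide 28 (source and destination address, protocol, destination port such as ftp port 21), as an added example that is not part of the original presentation: a first-match screening-router rule list with an implicit default deny. The rule set, the addresses used for the protected network and the packets are constructed; the first rule drops outside packets that claim an inside source address, the masquerade threat from slide 22.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Rule:
    action: str                  # "permit" or "deny"
    proto: str                   # "tcp", "udp" or "any"
    src: str                     # source network, CIDR
    dst: str                     # destination network, CIDR
    dport: Optional[int] = None  # None matches any destination port


# Constructed inbound rules for the outside interface of a screening router
# protecting 192.168.12.0/24 (hypothetical FTP server at 192.168.12.10).
INBOUND = [
    Rule("deny", "any", "192.168.12.0/24", "0.0.0.0/0"),          # spoofed inside source
    Rule("permit", "tcp", "0.0.0.0/0", "192.168.12.10/32", 21),   # FTP control port
]


def matches(rule, pkt):
    """Address stage and protocol/port stage must both match."""
    return (ipaddress.ip_address(pkt["src"]) in ipaddress.ip_network(rule.src)
            and ipaddress.ip_address(pkt["dst"]) in ipaddress.ip_network(rule.dst)
            and rule.proto in ("any", pkt["proto"])
            and rule.dport in (None, pkt["dport"]))


def screen(rules, pkt):
    """Return (action, rule number); rule 0 is the implicit default deny."""
    for number, rule in enumerate(rules, start=1):
        if matches(rule, pkt):
            return rule.action, number
    return "deny", 0


if __name__ == "__main__":
    ftp = {"proto": "tcp", "src": "140.112.8.20", "dst": "192.168.12.10", "dport": 21}
    spoofed = {"proto": "tcp", "src": "192.168.12.77", "dst": "192.168.12.10", "dport": 21}
    telnet = {"proto": "tcp", "src": "140.112.8.20", "dst": "192.168.12.10", "dport": 23}
    for name, pkt in (("ftp", ftp), ("spoofed", spoofed), ("telnet", telnet)):
        print(name, screen(INBOUND, pkt))
    # Same rules, reversed order: the spoofed packet is now permitted.
    print("spoofed, reversed order", screen(list(reversed(INBOUND)), spoofed))
```

Because evaluation stops at the first match, swapping the two rules lets the spoofed packet through, which is one reason the slide notes that filtering works best when rules are simple.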