
Stephanie Clarke


Presentation Transcript


  1. Stephanie Clarke
     Investigation and implementation of a network monitoring system in an academic College environment: Presentation

  2. Introduction (1)
     • St Catharine’s College, Cambridge has a diverse user population, many with their own computers on the network
     • The Computer Office has little control over privately-owned computers
     • Remote hostels make on-site visits time consuming

  3. Introduction (2)
     • IP addresses are allocated to individual students but conflicts do arise
     • Not all users obey the rules, particularly regarding traffic levels
     • In the survey of users for this project most supported having restrictions on either traffic levels and/or content

  4. The need for this project
     • Users need a stable, reliable network
     • In order to manage the network effectively it is important to obtain timely information about problems
     • Although some basic information is available there is a need for a system to easily provide access to relevant information

  5. General design options
     • ‘Monitoring’ is a wide-ranging term
     • The literature search revealed a variety of options
     • Commercial and freeware tools are available
     • Some researchers have written tools aimed at specific tasks
     • The survey of system administrators for this project revealed that many monitored in some way but there was little consensus about how

  6. Design chosen
     • A succinct daily report would be generated highlighting matters of particular interest
     • More detailed data would be logged for reference

  7. Aspects of the report (1)
     • The report would include:
       • Information about users creating more than 500Mb in total (incoming + outgoing) in a day
       • Information about users in the top 20 traffic generators using KaZaA, Napster or Gnutella
       • Traffic on certain ports
       • Warnings about IP conflicts

  8. Aspects of the report (2)
     • And also:
       • A database of all IP addresses seen on the network, with corresponding MAC addresses and hostnames
       • Traffic graphs for all Ethernet switch ports
       • Other items of note

  9. Aspects of the report (3)
     • The ‘Other items of note’ requirement was open-ended, and ultimately included:
       • First-time connections seen that day
       • IP/MAC address pairs reappearing after 6 months or more
       • MAC address mismatches

  10. Limitations of available options
     • No available tool would do exactly what was wanted
     • The solution was to use a selection of tools to gather the data and to write scripts to interrogate this data and generate the reports

  11. Implementation
     • A self-contained system sitting on the edge of the network
     • Linux was chosen as the operating system, being free and suitable for the task
     • Different scripts were used in the generation of different aspects of the report, for robustness and ease of maintenance
     • Scripts were written in Perl

  12. Data generation tools (1)
     • Arpwatch provided the raw data for use in creating the database and the sections on first-time connections, IP conflicts, IP/MAC address pairs reappearing after 6 months or more and MAC address mismatches
     • Mrtg was used to create the traffic graphs

  13. Data generation tools (2)
     • Data on the top 20 traffic generators in College - available from the University of Cambridge - was interrogated for details on users creating more than 500Mb, those using KaZaA, Napster or Gnutella, and those using certain ports
     • The Data Protection Act 1998 prevented more detailed port traffic analysis

  14. User interface
     • Presented as a password-protected website
     • Menus added for ease of use
     • Previous reports can be reached if required

  15. Evaluation
     • The system provides information in a convenient format that was previously unavailable or difficult and time consuming to obtain
     • Problem detection and resolution is now much easier
     • The system has additional benefits beyond those originally envisaged

  16. Unexpected results
     • The system threw up some surprising information, including:
       • The number of IP conflicts that arise is higher than was previously supposed
       • The load varies widely between switches and is not always distributed in the pattern previously supposed

  17. Future possibilities
     • The system has potential for future expansion
     • Some tweaks to the system would make it even better, including:
       • Adding the dates an entry is first seen and most recently seen to the database
       • Adding the hostname to the ‘first seen’ section of the report

  18. Conclusions
     • The project resulted in a robust, easy-to-use system
     • The information it provides makes it a valuable asset to the College
     • The system will also be of assistance in planning future improvements to the network
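
Slide 12 says Arpwatch supplied the raw data for the report sections on first-time connections, IP conflicts, reappearing IP/MAC pairs and MAC mismatches. The following is an added example, not the project's own code (its scripts were in Perl; Python is used here), of turning arpwatch events into those sections. The event names are arpwatch's own messages; the sample lines are constructed and their exact syslog layout is an assumption.

```python
import re
from collections import defaultdict

# Constructed sample syslog lines (not from the College's system). The event
# names are arpwatch's own; the exact line layout is an assumption.
SAMPLE_LOG = """\
Mar  3 08:01:12 monitor arpwatch: new station 10.0.1.20 0:10:a4:1:2:3
Mar  3 09:15:40 monitor arpwatch: changed ethernet address 10.0.1.31 0:50:da:aa:bb:cc (0:10:a4:9:9:9)
Mar  3 09:16:02 monitor arpwatch: flip flop 10.0.1.31 0:10:a4:9:9:9 (0:50:da:aa:bb:cc)
Mar  3 11:42:07 monitor arpwatch: new activity 10.0.2.7 0:e0:18:4:5:6
Mar  3 13:05:55 monitor arpwatch: ethernet mismatch 10.0.2.9 0:1:2:3:4:5 (0:1:2:3:4:6)
Mar  3 13:06:00 monitor sshd[411]: unrelated line
"""

# arpwatch event name -> section of the daily report described in the slides.
SECTIONS = {
    "new station": "First-time connections",
    "changed ethernet address": "IP conflicts",
    "flip flop": "IP conflicts",
    "new activity": "Pairs reappearing after 6 months or more",
    "ethernet mismatch": "MAC address mismatches",
}

LINE_RE = re.compile(
    r"arpwatch: (?P<event>%s) (?P<ip>\d+(?:\.\d+){3}) "
    r"(?P<mac>[0-9a-f:]+)(?: \((?P<other>[0-9a-f:]+)\))?"
    % "|".join(re.escape(e) for e in SECTIONS), re.IGNORECASE)

def norm_mac(mac):
    """arpwatch may print MACs without leading zeros; pad so they compare equal."""
    return ":".join(part.zfill(2) for part in mac.lower().split(":"))

def build_report(log_text):
    """Group arpwatch events by report section; conflicts are merged per IP."""
    report = defaultdict(list)
    conflicts = defaultdict(set)          # ip -> every MAC seen claiming it
    for line in log_text.splitlines():
        m = LINE_RE.search(line)
        if not m:
            continue                      # not an arpwatch event we report on
        section = SECTIONS[m["event"].lower()]
        macs = [norm_mac(x) for x in (m["mac"], m["other"]) if x]
        if section == "IP conflicts":
            conflicts[m["ip"]].update(macs)
        else:
            report[section].append((m["ip"], *macs))
    for ip, macs in sorted(conflicts.items()):
        report["IP conflicts"].append((ip, *sorted(macs)))
    return dict(report)
```

Calling `build_report(SAMPLE_LOG)` returns one list of `(ip, mac, ...)` tuples per section; the two conflict events for 10.0.1.31 collapse into a single row listing both MAC addresses.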
