blaze-james-riley
Networking
CMPC531\tc_16.ppt \\ page 16 - 1
Unit 16 – Local Area Network Management
ENTERPRISE NETWORK MANAGEMENT
BUSINESS ISSUES
INTRODUCTION
• A local area network is a complex combination of hardware and software technologies linked by networking technologies.
• Overview of the key issues surrounding the management of each major aspect of local area networks, including standards and protocols, interoperability issues, currently available technology, key vendors, and market trends.
• Figure 15-1 highlights some of the elements of a LAN that must be managed.
Figure 15-1 Elements of a Local Area Network That Must Be Managed
Enterprise Network Management Architecture and Protocols
• Figure 15-14 shows today’s enterprise network management architecture.
• Enterprise network management systems are really management application programs running on a management server.
• Agents
  • software programs that run on networking devices such as servers, bridges, and routers to monitor and report the status of those devices.
  • forward this network management information to the enterprise network management system, which compiles and reports network operation statistics to the end user, most often in some type of graphical format.
• Management Information Base (MIB)
  • the network management information gathered must be stored in some type of database with an index and standardized field definitions (called objects) so that network management workstations can easily access this data.
  • one fairly standard MIB is known as the RMON MIB, which stands for remote network monitoring MIB.
• A protocol is required to encapsulate the management data for delivery by network and transport layer protocols. The de facto standard is Simple Network Management Protocol (SNMP).
Figure 15-14 Enterprise Network Management Architecture
An alternative to the centralized enterprise management console is distributed device manager (DDM).
DDM relies on distributed network probes that are able to gather information from a variety of network devices and relay that information to numerous distributed device manager consoles.
Probes are placed at the junction of LAN and WAN segments in order to isolate the source of network traffic problems.
It minimizes management traffic by keeping it local rather than sending it to a centralized enterprise management console.
See Figure 15-15.
Figure 15-15 Distributed Device Manager Architecture
Web-Based Management
• Figure 15-16 shows the Web-Based Enterprise Management (WBEM) logical architecture.
• A network manager could manage any networked device or application from any location on the network, via any HMMP (hypermedia management protocol)-compliant browser.
• SNMP and DMI may either interoperate with or be replaced by HMMP.
• Management data from a variety of software agents would be incorporated into the WBEM via the HMMS (hypermedia management schema).
• All web-based management information is stored and retrieved by the request broker, HMOM (hypermedia object manager).
• DMTF (Desktop Management Task Force) develops a protocol to support HMMS, CIM (common information model).
• CIM allows management data gathered from a variety of enterprise and desktop voice and data technology all to be transported, processed, displayed, and stored by a single CIM-compliant web browser.
• Management data would be stored in MOF (modified object format), like DMI’s MIF format or SNMP’s MIB format.
• See Figure 15-17.
Figure 15-16 Web-Based Enterprise Management Logical Architecture
Figure 15-17 Management Data: CIM, CMIP, DMI, and SNMP
Web-based management has these benefits:
• Users would have to deal with only one common interface.
• Vendors could save a tremendous amount of development costs by developing management applications for a single platform.
Current technology provides a web browser interface to the user in one of two ways:
• A web server application is embedded within the enterprise network management platform, and the user accesses that embedded web server via a web browser. Communication between network devices and the management platform is still via SNMP.
• A web server application is embedded within a given network device. Communication between the user and the network device is via HTTP.
SNMP (Original)
• The original SNMP required internetworking device-specific agents to be polled for SNMP-encapsulated management data. Alarm conditions or exceptions to preset thresholds could not be directly reported on an as-needed basis.
• Agents simply sent empty datagrams back to managers when requests could not be fulfilled. The receipt of the empty packet merely caused the manager to repeat the request for information, thus increasing network traffic.
• The original SNMP did not provide any means of manager-to-manager communication. All internetworked devices have to report directly to the single enterprise network manager rather than to a regional manager.
• It was limited to TCP/IP as its transport protocol. It was unusable on NetWare, Macintosh, or other networks.
• SNMP does not offer any security features that would authenticate valid polling managers or encrypt traffic between agents and managers.
SNMP2
• A new version of SNMP to deal with the shortcomings of the original version.
• Its major objectives are:
  • Reduce network traffic
  • Segment large networks
  • Support multiple transport protocols
  • Increase security
  • Allow multiple agents per device
• Managers can retrieve several pieces of network information at a time from a given agent through a new SNMP2 procedure (bulk retrieval mechanism).
• Agents are able to send error or exception conditions to managers when requests for information cannot be met.
• SNMP2 allows multiple manager entities to be established within a single network. SNMP2 manages large networks by multiple managers in a hierarchical arrangement.
• Overall network traffic is reduced as network management information is confined to the management domains of the individual network segment managers.
• Information will only be passed to the centralized network management system at the request of the central manager or if certain predefined error conditions occur on a subnet. See Figure 15-19.
• SNMP2 works transparently with AppleTalk, IPX, and OSI transport protocols.
• SNMP2 allows not just monitoring and management of remote network devices, but actual remote configuration of those devices as well.
• SNMP2, also known as Secure SNMP, allows users to access carriers’ network management information and incorporate it into the wide area component of an enterprise NMS.
• SNMP2 can deploy multiple agents per device. On a distributed server, one agent could monitor the processing activity, a second could monitor the database activity, and a third could monitor the networking activity, with each reporting back to its own manager.
• For the key points of the various SNMP2 alternatives, refer to Figure 15-20.
Figure 15-19 SNMP2 Supports Manager-to-Manager Communications
• Management information bases (MIBs) serve as repositories for enterprise network performance information to be displayed in a meaningful format by the enterprise NMS.
• The original RMON MIB standard, which was developed in 1991, has been updated as RMON2.
• The original RMON MIB required compatible technology to collect and analyze statistics on the physical and data-link layers; RMON2 requires it to collect and analyze statistics on network layer protocols as well.
• RMON2 requires technology to be able to identify from which applications a given packet was generated.
• RMON2-compatible agent software resides within internetworking devices and reports performance statistics to enterprise NMSs (called an RMON probe).
• For some of the key functional areas of the RMON2 specification, refer to Figure 15-21.
• Shortcoming of RMON2: inability to collect and provide data regarding WAN performance.
RMON3
• Provides a much-needed standard for the WAN monitoring and management category.
• It provides a way for many of the current proprietary WAN management tools to interoperate and share data.
• Offers management and statistics-gathering support for switched networks and virtual LANs.
• Can measure application program response times to monitor distributed applications for degraded performance.
• Another effort to monitor distributed applications is known as the application MIB.
• The application MIB identifies three key groups of variables for proper application tracking and management:
  • Definition variables would store background information concerning applications (e.g. application name, manufacturer, version, release, installation date, license number, and number of consecutive users).
  • State variables would report on the current status of a given application. Three possible states are up, down, and degraded.
  • Relationship variables would define all other network-attached resources on which a given distributed application depends. This includes databases, associated client applications, and other network resources.
In June 1999, the IETF approved the Switch Monitoring (SMON) MIB as a proposed standard.
SMON acts as an extension to RMON, allowing switch traffic and Virtual LAN traffic to be monitored remotely.
SMON offers some of the functionality proposed for RMON3.
Enterprise Network Management Technology
Technology Architectures
• Network management technology can be categorized into one of three possible architectures:
• Point products or element managers address a particular systems administration or network management issue.
  • Adv: narrow in scope, provide the sought-after solution, relatively easy to install and understand.
  • Disadv: do not necessarily integrate with other system administration and network management tools.
• Frameworks offer an overall systems administration or network management platform with integration between modules and a shared database into which all alerts, messages, alarms, and warnings can be stored and correlated. It is an open framework.
  • Adv: offer the network administrator a single, correlated view of all systems and network resources.
  • Disadv: development or integration of modules within the framework can be difficult and time consuming. Not all management modules may be compatible with a given framework.
• Integrated suites use their own network management and system administration applications.
  • Adv: applications are more tightly integrated and linked by a set of common services to offer a more consolidated view of network resources.
  • Disadv: do not offer the open pick-and-choose architecture of the framework.
Desired Functionality
• to track the operational status of distributed applications
• to automate reporting of system status information
• to automate repetitive system management tasks
• to integrate application management and systems administration information with network management information
• to improve application performance by properly responding to system status messages
Currently Available Technology
• Popular enterprise network management systems in frameworks or integrated suites grades: HP OpenView, SunSoft Solstice Enterprise Manager, CA-Unicenter TNG, TME 10 by IBM/Tivoli Systems (includes IBM SystemView), PatrolView (BMC Software), Spectrum Enterprise Manager (Cabletron)
• Third-party or vendor-specific network management in point products grade: Transcend Enterprise Manager (3Com), CiscoWorks, Optivity Enterprise (Bay Network), American Power Conversion PowerNet
• Current difficulties with actually implementing:
  • lack of interoperability between third-party applications and enterprise network management systems:
    • Separate database maintained by each third-party application and enterprise network management system.
    • Redundant polling of agent software in order to gather performance statistics
    • Multiple agents installed and executed on network devices for multiple management platforms reporting.
  • lack of interoperability between different enterprise network management systems:
    • Exchange network topology information and maps
    • Exchange threshold performance parameter and alarm information.
• Figure 15-22 shows an architectural view of how enterprise network management systems interface to other enterprise network components.
• For key functional areas of enterprise network management software, refer to Figure 15-23.
Analysis – Network Analyzers
• LAN and WAN network analyzers are able to capture network traffic in real time without interrupting normal network transmission.
• Analyzers are able to decode those packets, monitor packet traffic statistics, and simulate network traffic through traffic generators.
• Filtering can isolate certain types of protocols or traffic from only particular workstations or servers.
• Refer to Figure 15-24 for the network analyzer capabilities according to OSI 7-layer
Figure 15-22 Enterprise Network Management System Architecture
Monitoring – Network Baselining Tools
• Network baselining tools are able to track network performance over extended periods of time and report on anomalies or deviations from the accumulated baseline data.
• They usually need several weeks of SNMP data to establish realistic baseline network performance averages.
• They may possess autodiscovery or autoDNS capabilities that allow them to build graphical representations of networks by monitoring network management traffic.
• They share the results through a wide variety of predefined and user-defined reports:
  • Current network volume by day, week, and month as compared with historical averages.
  • Network traffic volume leaders by node, actual versus expected in terms of utilization, errors, or collisions
  • Nodes that are in violation of a variety of user-defined thresholds
  • Predicted number of days before a node will cross a user threshold
  • Nodes whose performance is degrading
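Several of the report items listed above (deviation from baseline, threshold violations, predicted days before a node crosses a threshold, and degrading nodes), worked through as an added example that is not part of the original slides. The node names, sample values, 80% threshold, 3-sigma deviation rule and slope cutoff are all assumptions chosen for illustration.

```python
# Added example (not from the slides): baseline report over constructed
# daily utilization averages, in percent, as derived from polled SNMP data.
import math
from statistics import mean, stdev

HISTORY = {  # constructed sample: three weeks of daily averages per node
    "srv-a": [30.0 + (d % 7) for d in range(21)],   # steady weekly cycle
    "srv-b": [40.0 + 1.5 * d for d in range(21)],   # climbing 1.5 points/day
    "srv-c": [20.0] * 20 + [85.0],                  # spike on the last day
}


def linear_trend(values):
    """Least-squares (slope, intercept) of values against the day index."""
    n = len(values)
    x_bar, y_bar = (n - 1) / 2, mean(values)
    sxx = sum((x - x_bar) ** 2 for x in range(n))
    sxy = sum((x - x_bar) * (y - y_bar) for x, y in enumerate(values))
    slope = sxy / sxx
    return slope, y_bar - slope * x_bar


def days_to_threshold(values, threshold):
    """Days until the trend reaches threshold: 0 if already there, None if never."""
    if values[-1] >= threshold:
        return 0
    slope, intercept = linear_trend(values)
    if slope <= 0:
        return None
    crossing_day = (threshold - intercept) / slope
    return max(0, math.ceil(crossing_day - (len(values) - 1)))


def baseline_report(history, threshold=80.0, sigmas=3.0, min_slope=1.0):
    """Per node: threshold violation, deviation from baseline, trend, forecast."""
    report = {}
    for node, values in history.items():
        baseline, latest = values[:-1], values[-1]
        mu = mean(baseline)
        sd = max(stdev(baseline), 1.0)   # floor so a flat baseline is not over-sensitive
        report[node] = {
            "in_violation": latest >= threshold,
            "deviates": abs(latest - mu) > sigmas * sd,
            "degrading": linear_trend(values)[0] >= min_slope,
            "days_to_threshold": days_to_threshold(values, threshold),
        }
    return report


if __name__ == "__main__":
    for node, row in baseline_report(HISTORY).items():
        print(node, row)
```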
Simulation – Network Modeling and Simulation Tools
• They predict the performance of various networking scenarios, otherwise known as what-if analysis.
• They use the current network configuration as a starting point and apply what-if scenarios.
• The benefits:
  • Ability to spot network bottlenecks such as overworked servers, network failures, or disk capacity problems.
  • Ability to test new applications and network configurations before actual deployment.
  • Ability to recreate circumstances in order to reproduce intermittent or occasional network problems.
  • Ability to replicate traffic volume as well as traffic transaction type and protocol mix.
• Refer to Figure 15-25 for features that distinguish simulation software.
Auditing – Network Auditing Tools
• They provide records of which network files have been accessed by which users.
• Some network auditing tools offer the ability to:
  • Keep a time log of file accesses
  • Determine which users are deleting files that seem to just disappear
  • Audit when users copy files to diskettes
  • Audit which software programs are installed and/or running on any computer
  • Audit only specified files and/or specified users
  • Integrate with security, system management, or help desk products
  • Report in text-based or graphical output formats, with export to spreadsheet, word processing, or database products
  • Track and report on configuration changes
  • Track logins and logouts
BUSINESS ISSUES
• Senior management may look to the proper management of information resources to enable a competitive advantage and to deploy new network services quickly and at a reasonable cost.
• End users can successfully execute those applications that enable business processes and achieve business objectives.
• Network infrastructures must be flexible and reliable.
• The ability to have networks change in response to changing business conditions and opportunities is of critical importance to the network manager.
Cost Containment
• It is necessary to have an accurate representation of the source of those costs. Refer to Figure 15-26.
Outsourcing
• Selective hiring of outside contractors to perform specific network management duties.
• There are several keys to outsourcing success:
  • Identify those processes that can be most appropriately outsourced
  • Successful management of the outsourcing process
  • Choose the right outsourcing provider for the right job
Flexibility
• Key philosophies:
  • Remove dependencies on customized or proprietary hardware and software.
  • Move toward adoption of open protocols and off-the-shelf hardware and software technologies
  • Adopt network management and systems administration packages that support open APIs and can easily accommodate add-in modules.
**** END ****