
Network Implementation and Management Strategies

Outline

- Explain why a network implementation strategy is needed
- Examine the principles of network design
- Explain why a network management strategy is needed
- Describe network management categories and related activities
- Classify current network management tools according to functionality
- Examine different network management strategies
- Select a management strategy for this book

Network Implementation Strategy Design

Network Implementation Design Analysis


Category: Geographical Distribution
Issues:
1. Office
   - Subnets
   - LAN
2. Department (many offices)
   - Subnets
   - LAN
3. Division (many departments)
   - LAN
   - WAN
4. Organization (many divisions)
   - Local: LAN, MAN, WAN
   - National: WAN
   - Global: WAN

Network Implementation Design Analysis (cont.)


Subnets
- How many
- Connectivity
  - Bridges
  - Switches
  - Routers
- Ethernet
  - 10BASET
  - 10BASE2
  - 10BASE5
- Wireless
  - Number of receivers
  - Location of hub(s)
- How many IP addresses
  - Static addresses
  - Addresses supplied by DHCP

Network Implementation Design Analysis (cont.)


LAN
1. How many
2. Domain names
3. DNS (Domain Name Service) configuration
4. Network address
5. Subnets
   - How many
   - Connectivity: Switched Ethernet, Router
6. Ethernet
7. Token Ring
8. FDDI (Fiber Distributed Data Network)

Network Implementation Design Analysis (cont.)


MAN (Metropolitan Area Network)
1. Connectivity between LANs
   - FDDI
   - SONET (Synchronous Optical Network)
   - LAN
   - ATM
   - SMDS (Switched Multi-megabit Data Service)
   - DQDB (Dual Queue Dual Bus)
   - Ethernet

WAN
1. Connectivity between LANs or MANs
   - PSTN
   - X.25
   - T1-T3
   - SONET
   - Frame Relay
   - SMDS
   - ATM
   - Distribution of services

Network Implementation Design Analysis (cont.)


Bandwidth Requirements
1. Video Bandwidth
   - Constant
   - Time Dependent
   - Bandwidth on Demand
2. Audio Bandwidth
   - Constant
   - Time Dependent
   - Bandwidth on Demand
3. Teleconferencing Bandwidth

Media Requirements
1. Cable
2. Wireless
3. Microwave
4. Satellite
5. Optical Fiber

Network Implementation Design Analysis (cont.)


Technology
1. What is available now
2. Minimum required for the job
3. Technology improvements during next 5 years
4. Required to support expected growth

Service Level Agreements (SLA)
1. Specified bandwidth available at any time
2. Specified bandwidth available during specified time periods
3. Bandwidth on demand

Security Requirements
1. Location of firewalls
2. Firewall capabilities
3. Location of proxy servers
4. Encryption and authentication needs
5. Network Intrusion Detectors (NID)

Budget
1. To support resources of optimum network
2. To support resources of minimum network

A Network Management Categories and Associated Metrics


CATEGORY: METRICS

Reliability
- Transmission error rates
- Dropped packets
- Link failures

Faults
- Proactive prevention
- Detection
- Location
- Correction time

Availability
- Mean time between failures (MTBF) of network

Performance
- Time to provide a response to the user
  - Processor total use
  - Processor interrupts/sec
  - Processor queue length
  - Transmit packet lengths

A Network Management Categories and Associated Metrics (cont.)


Throughput
- Bytes per second that a user can expect to transmit reliably.
- Guaranteed throughput based on Service Level Agreement (SLA)

Data
- Packet throughput

Voice
- Ordered packet throughput

Video
- Link bandwidth
- Bandwidth on demand

Use
- Packets/sec
- Transactions/sec

Resource Use
- Application software
- Network devices
- Services
- Permanent storage
- CPU

A Network Management Categories and Associated Metrics (cont.)


Policies
- Traffic
  - What's Critical
    - How many network control packets
    - Which threshold alarms
    - Alerts on what events
  - What's Non-critical
    - Backup: what and how often
    - Application testing
    - Software upgrades: how often
- Administration
  - Type of service availability required
  - Security level required
  - Firewall protection requirements
  - Network Intrusion Detection needs
  - Number of Software License requirements
  - User rights requirements and how distributed among which users.

Redundancy
- Number of redundant systems required
- Critical alternate paths

User Support
- Automatic responses to user questions about procedures
- Automatic responses to user questions about network problems
- Automatic reporting of problems and solutions to users and to a database

A Network Management Categories and Associated Metrics (Example: Micromuse Netcool/OMNIbus)

ISO Network Management Categories

ISO Network Management Categories (Cont.)

- Performance Management: tells you how the network is doing
- Fault Management: tells you what your network is doing
- Configuration Management: tells you where everything is in the network
- Security Management: tells you who is using your network
- Accounting Management: tells you when your network is used

Performance Management

Performance Management
- Measuring the performance of network hardware, software, and media

Measuring Metrics
- Overall throughput
- Percentage utilization
- Error rate
- Response time

Performance Management SubCategories and Related Activities


Collecting Baseline Utilization Data
- Measuring link utilization using a probe
- Counting packets received/transmitted by a specific device
- Measuring device processor usage
- Monitoring device queue lengths
- Monitoring device memory utilization
- Measuring total response times

Collecting a History of Utilization Data
- Measuring utilization and response times at different times of the day
- Measuring utilization and response times on different days over an extended period

Capacity Planning
- Manually graphing or using a network management tool to graph utilization as a function of time to detect trends
- Preparing trend reports to document projected need for and the cost of network expansion.

Performance Management SubCategories and Related Activities (cont.)


Setting Notification Thresholds
- Having a network management tool poll devices for values of critical parameters and graphing these values as a function of time
- Setting polling intervals
- Setting alarms/alerts on those parameters when the threshold is reached or a percentage of it is reached
- Initiating an action when the threshold is reached, such as sending a message to the network manager.

Building Databases
- Having the network management tool create a database of records containing device name, parameter, threshold and time for off-line analysis.
- Using the database to extract time dependence of utilization
- Using the time dependence of parameters to decide when network upgrades will be necessary to maintain performance

Running Network Simulations
- Using a simulation tool to develop a model of the network
- Using the model's parameters and utilization data to optimize network performance

Latency
- Query/Response time interval

Implementing Steps of Performance Management


1. 2. 3. (Threshold) 4.

- processor load, disk access rate, network interface card utilization
- packet forwarding rate, processor load, percentage of dropped frames on each interface, number of packets being held in a queue.

Link Utilization

(e.g., Ethernet, Token Ring, FDDI)
util% = (total bits sent + total bits received) / bandwidth

Full-Duplex Serial Link (e.g. 64K, ..., T1, T3)
util% = Max(total bits sent, total bits received) / bandwidth

SNMP

SNMP MIB II ifInOctets ifOutOctets SNMP ifInOctetsifOutOctets

= / ()

Example

T1 (1.544 Mbps)
10:00 AM: ifInOctets = 1,500,000, ifOutOctets = 1,200,000
10:05 AM: ifInOctets = 2,500,000, ifOutOctets = 7,200,000

In: 2,500,000 - 1,500,000 = 1,000,000 Bytes
Out: 7,200,000 - 1,200,000 = 6,000,000 Bytes
Max(1,000,000, 6,000,000) Bytes = 6,000,000 Bytes = 48,000,000 bits
Util% = 48,000,000 / (1,544,000 x 60 x 5) x 100% = 10.36%
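The two utilization formulas and the T1 example above, as an added example that is not part of the original slides. It also handles the wrap of the 32-bit octet counters and rejects deltas that exceed what the link can carry; the dictionary layout of a poll and the function names are assumptions made for the example.

```python
"""Link utilization from two SNMP octet-counter polls (added example)."""

COUNTER32_MOD = 2 ** 32  # MIB-II ifInOctets/ifOutOctets are 32-bit counters


def counter_delta(earlier, later, modulus=COUNTER32_MOD):
    """Octets counted between two polls, tolerating a single counter wrap."""
    for value in (earlier, later):
        if not 0 <= value < modulus:
            raise ValueError("sample outside the counter's range")
    return (later - earlier) % modulus


def max_poll_interval(bandwidth_bps, modulus=COUNTER32_MOD):
    """Seconds a link at line rate needs to wrap the octet counter once.

    Polling less often than this makes the delta ambiguous.
    """
    return modulus * 8 / bandwidth_bps


def link_utilization(first, second, bandwidth_bps, full_duplex):
    """Percent utilization between two polls.

    first/second are dicts with keys "t" (seconds), "in" and "out" (octets).
    Shared media use sent + received; a full-duplex link uses the busier
    direction, as in the formulas above.
    """
    seconds = second["t"] - first["t"]
    if seconds <= 0:
        raise ValueError("polls must be in increasing time order")
    bits_in = 8 * counter_delta(first["in"], second["in"])
    bits_out = 8 * counter_delta(first["out"], second["out"])
    bits = max(bits_in, bits_out) if full_duplex else bits_in + bits_out
    util = 100.0 * bits / (bandwidth_bps * seconds)
    if util > 100.0:
        # More traffic than the link can carry: the agent restarted and
        # reset its counters, or a counter wrapped more than once.
        raise ValueError("implausible delta: counter reset or interval too long")
    return util


# The T1 example from the text, polls five minutes apart.
T1_BPS = 1_544_000
POLL_1000 = {"t": 0, "in": 1_500_000, "out": 1_200_000}
POLL_1005 = {"t": 300, "in": 2_500_000, "out": 7_200_000}

# Constructed sample: ifInOctets wraps past 2**32 between the polls.
WRAP_A = {"t": 0, "in": 4_294_967_000, "out": 10}
WRAP_B = {"t": 300, "in": 704, "out": 510}

# Constructed sample: the agent rebooted, so both counters restarted near 0.
RESET_A = {"t": 0, "in": 3_000_000_000, "out": 2_000_000_000}
RESET_B = {"t": 300, "in": 1_000, "out": 2_000}

if __name__ == "__main__":
    t1 = link_utilization(POLL_1000, POLL_1005, T1_BPS, full_duplex=True)
    print(f"T1 example: {t1:.2f}%")
    print("octets across the wrap:", counter_delta(WRAP_A["in"], WRAP_B["in"]))
    for name, bps in (("T1", T1_BPS), ("100 Mbps", 100_000_000)):
        print(f"{name}: counter can wrap after {max_poll_interval(bps):.0f} s")
    try:
        link_utilization(RESET_A, RESET_B, T1_BPS, full_duplex=True)
    except ValueError as err:
        print("rejected:", err)
```

On a fast link a counter reset can produce a delta that still looks plausible, so the 100% check is a floor on sanity checking, not a replacement for watching the agent's uptime.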

Service Level Measurement

Total Response Time

Rejection Rate
Availability

Service Level Measurement (Cont.)

Total Response Time
- The amount of time it takes a datum to enter the network and be processed and for a response to leave the network.
- From the viewpoint of applications
- Round Trip Time (R.T.T) is measured from the viewpoint of transport protocol.

Service Level Measurement (Cont.)

Rejection Rate
- The percentage of time the network cannot transfer information because of the lack of resources and performance.

Availability
- The percentage of time the network is accessible for use and operational.
- Usually measured as MTBF (Mean Time Between Failure)

Analysis of Performance Information


- Graphic performance information
- Historical plots: weekly, monthly, quarterly, yearly
- Real-time graphical analysis
- Trend Prediction

Example of Performance Management

Example of Performance Management (TANET-NCTU-1)

Example of Performance Management (TANET-NCTU-2)

Reference: http://mrtg.twaren.net/mrtg

What to be Analyzed/Graphed?

Device Information
- memory usage, processor utilization, disk access rate, number of sessions.

Link Information
- utilization, error rate, error percentage

Threshold Setup
- Set thresholds on a variety of items affecting network performance
- When the thresholds are crossed, events are reported.
- In general, the values of thresholds are determined according to past experience.

Thresholds

Threshold Priority
- In general, priority: low, medium, high
- Multiple threshold values for the same item
- Thresholds for multiple items

Use rearm mechanism to avoid frequent threshold events

[Figure: Rearm. util% against time, with the Threshold and Rearm levels and points 1 to 4 marked]
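The rearm mechanism and the multiple priority thresholds described above, as an added example that is not part of the original slides. The level names, threshold values and util% samples are constructed for the illustration.

```python
"""Threshold events with a rearm level (added example)."""


def threshold_events(samples, levels):
    """Return (sample_index, level_name, kind) tuples.

    levels maps a priority name to (threshold, rearm). A level fires once
    when the value reaches its threshold and then stays silent until the
    value has dropped to the rearm level, which re-enables it.
    """
    for name, (threshold, rearm) in levels.items():
        if rearm >= threshold:
            raise ValueError(f"{name}: rearm must be below the threshold")
    armed = {name: True for name in levels}
    events = []
    for index, value in enumerate(samples):
        for name, (threshold, rearm) in levels.items():
            if armed[name] and value >= threshold:
                armed[name] = False
                events.append((index, name, "threshold"))
            elif not armed[name] and value <= rearm:
                armed[name] = True
                events.append((index, name, "rearm"))
    return events


def crossings_without_rearm(samples, threshold):
    """Events a monitor would raise if every upward crossing fired."""
    count, above = 0, False
    for value in samples:
        if value >= threshold and not above:
            count += 1
        above = value >= threshold
    return count


# Constructed util% samples that hover around 80% before falling away.
UTIL = [50, 82, 79, 83, 78, 85, 60, 55, 90]
# Two priorities on the same item, each with its own rearm level.
LEVELS = {"medium": (80, 65), "high": (88, 70)}

if __name__ == "__main__":
    print("crossings of 80% without rearm:", crossings_without_rearm(UTIL, 80))
    for event in threshold_events(UTIL, LEVELS):
        print(event)
```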

Performance Prediction
- Use regression to predict future trend.
- Apply Statistics Theory
- Should consider possible factors that affect the prediction.
- Network Simulation

[Figure: Prediction. util% against time, showing the threshold value, the computed actual utilization and the predicted utilization increase]

Fault Management

Fault Management
- Detection of a problem, fault isolation and correction to normal operation
- A goal is to use trend analysis to predict faults and change network conditions so that the network is always available to users

Fault Management involves the following steps
- Discover the problem
- Isolate the problem
- Fix the problem (if possible)

Fault Management Sub-Categories and Related Activities


Prioritization
- Prioritize faults in the order in which they should be addressed
- Use in-band management packets to learn about important faults
- Identify which fault events should cause messages to be sent to the manager
- Identify which devices should be polled and at what intervals
- Identify which device parameter values should be collected and how often
- Prioritize which messages should be stored in the manager's database

Timeliness Required
- Management Station is passive and only receives event notifications
- Management Station is active and polls for device variable values at required intervals
- Application periodically requests a service from a service provider

Physical Connectivity Testing
- Using a cable tester to check that links are not broken

Fault Management Sub-Categories and Related Activities (cont.)


Software Connectivity Testing
- Using an application that makes a request of another device that requires a response.
  - The application most often used for this is Ping.exe. It calls the Internet Control Message Protocol (ICMP), which sends periodic Echo Request messages to a selected device on a TCP/IP network
  - Application on one device makes a request of an application on another device

Device Configuration
- Devices are configured conservatively to minimize chances of dropped packets.

SNMP Polls
- Devices are periodically polled to collect network statistics
- Thresholds configured and alarms generated

Fault Reports Generated
- Text media used for report
- Audio media used for report
- A color graphical display used to show down devices
- Human manager is notified by pager

Traffic Monitored
- Remote Monitors used
- Protocol analyzers used
- Traps sent to Network Management Station
- Device statistics monitored

Trends
- Graphical trends generated to identify potential faults

Executing Steps for Fault Management


- Discover the problem: Identifying the occurrence of a fault on the network.
- Isolate the problem: Isolating the cause of the fault.
- Fix the problem (if possible): Correcting the fault.

Discover the Problem

Event report

(Event Report)

Periodic Polling

Periodic Polling
5~15

SNMP: Counter (32-bit)

PING
PING: Packet Internet Groper PINGICMP ECHO / ECHO Reply TCP/IP

(Round Trip Time) (Packet Loss Rate)

An Example of PING

Ping (Log)
(Interface) (Operational Status)

(Log)

()

(Interpret Event)
(Polling)

(Event Correlation)
(Polling)

/(Event/Action)

()

[Flowchart: a poll reply from network polling generates an event, or a network event is received; the critical network event is then interpreted]
- Event = Link Down? No: generate Alert User. Yes: check carrier signal on source.
- Carrier exists? No: Alert User "Link Down". Yes: put interface in loopback and test physical layer.
- Test passes? No: Alert User "Physical Layer Down". Yes: Alert User "Remote Device Down".

()

(Text)

(Picture)

(Audio)

Pager
B.B.

Call

E-mail
E-mail


POP
Critical Major Minor Warning Normal Unknown Disable

POP
Mail WWW DNS

RAS T1
Channel/Port

State

Critical Major

Minor Warning Normal Unknown

Color
Packet Loss Rate Round Trip Time

>80%

>60%
> Threshold

>40%

>20%

<20%

Alarm Reporting
- Round Trip Time Threshold Setting
- Trouble Ticketing
- Audio Alarm
- Pager Alarm
- E-Mail Alert

Example of Fault Management


[Figure: example network with user PCs and UNIX hosts, a firewall/router to the Internet, Mail, WWW and DNS servers, an RMON device and an FDDI ring]

Example of Fault Management

Configuration Management

Configuration Management
- The process of finding and setting up (configuring) network devices
- Automated configuration is becoming a more important part of network management as the sizes of networks grow

Configuration Management SubCategories and Related Activities


Configuration (Local)
- Choice of medium access protocol
- Choice of correct cabling and connectors
- Choice of cabling layout
- Determining the number of physical interfaces on devices
- Setting device interface parameter values
  - Interrupts
  - I/O Addresses
  - DMA numbers
  - Network layer addresses (e.g. IP, NetWare, etc)
- Configuration of multiport devices (e.g. hubs, switches and routers)
- Use of the Windows Registry
- Comparing current versus stored configurations
- Checking software environments
- SNMP service

Configuration (Remote)
- From the network management station
  - Disabling device ports
  - Redirecting port forwarding
  - Disabling devices
  - Comparing current versus stored configurations
  - Configuring routing tables
  - Configuring security parameters such as community strings and user names
  - Configuring addresses of management stations to which traps should be sent
- Verifying integrity of changes

Configuration Management SubCategories and Related Activities (cont.)


Configuration (Automated)
- Using the Dynamic Host Configuration Protocol (DHCP) to configure IP addresses
- Using Plug and Play enabled NICs for automatic selection of interrupts and I/O addresses
- Domain Name Services (DNS) addresses
- Trap messages from agents

Configuration Management SubCategories and Related Activities (cont.)


Inventory (Manual)
- Maintaining records of cable runs and the types of cables used
- Maintaining device configuration records
- Creating network database containing for each device:
  - Device types
  - Software environment for each device
    - operating systems
    - utilities
    - drivers
    - applications
    - versions
    - configuration files (.ncf, .ini, .sys)
  - vendor contact information
  - IP address
  - Subnet address

Inventory (Automated)
- Auto-discovery of devices on the network using an NMS
- Auto-determination of device configurations using an NMS
- Creation of a network database
- Auto-mapping of current devices to produce a network topological map
- Accessing device statistics using an NMS and the Desktop Management Protocol

(SNMP)

(Autodiscovery)

Auto-discovery
A method used by a network management system to dynamically find the devices attached to a data network.

1. Ping
(1). Send out a query, such as ICMP Echo (ping), to every possible address on the network.
(2). When a device answers the query, ask for detailed information using a network management protocol (e.g. SNMP).

Example of Auto-discovery (I)

* Suppose the IP Address of NMS is 140.131.59.20 and the network attached is a Class B network (i.e. netmask is 255.255.0.0). => Possible Addresses: 140.131.0.1 ~ 140.131.255.254
* If there exists another network, e.g. 163.25.149.0, interconnected with network 140.131.0.0, there exists a router containing at least two interfaces with IP address 140.131.x.x and 163.25.149.x.
* By using SNMP to query the IP address table of the devices found by Ping, we can get more information about the existence of other networks and devices.

2.
(1). Find one device on the network and query it by NM protocol to discover all of the devices it has communicated with recently.
(2). Repeatedly use NM protocol to query the devices found previously.

Example of Auto-discovery (II)

* Suppose the IP Address of NMS is 140.131.59.20 and its default gateway is 140.131.59.254.
* Use SNMP to query 140.131.59.20 itself or 140.131.59.254: ARP Cache, TCP/UDP Connection Table, IP Address Table, Routing Table.
* Use SNMP to query the devices found in the previous query.
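The second auto-discovery method, run breadth-first over constructed agent answers so it needs no network access; this is an added example, not part of the original slides. The `AGENTS` data, the `query_agent` stand-in for an SNMP query, the address 10.9.8.7 and the `scope` limit (which keeps the NMS from querying addresses outside the networks it is responsible for) are assumptions made for the illustration.

```python
"""Recursive auto-discovery over constructed SNMP answers (added example)."""
from collections import deque
import ipaddress

# Constructed stand-in for what each agent would return: its IP address
# table as (address, netmask) pairs and the peers in its ARP cache.
AGENTS = {
    "140.131.59.20": {"ip_table": [("140.131.59.20", "255.255.0.0")],
                      "arp_cache": ["140.131.59.254", "140.131.59.33"]},
    "140.131.59.254": {"ip_table": [("140.131.59.254", "255.255.0.0"),
                                    ("163.25.149.254", "255.255.255.0")],
                       "arp_cache": ["140.131.59.20", "163.25.149.7"]},
    "163.25.149.7": {"ip_table": [("163.25.149.7", "255.255.255.0")],
                     "arp_cache": ["163.25.149.254", "10.9.8.7"]},
}
# 140.131.59.33 appears in an ARP cache but runs no agent.


def query_agent(address):
    """Hypothetical SNMP query; here a lookup in the constructed AGENTS."""
    for tables in AGENTS.values():
        if any(ip == address for ip, _ in tables["ip_table"]):
            return tables
    return None


def discover(start, scope):
    """Breadth-first discovery from `start`, querying only inside `scope`."""
    allowed = [ipaddress.ip_network(net) for net in scope]
    seen, queue = {start}, deque([start])
    devices, networks, unmanaged, out_of_scope = [], set(), [], []
    while queue:
        address = queue.popleft()
        if not any(ipaddress.ip_address(address) in net for net in allowed):
            out_of_scope.append(address)      # recorded, never queried
            continue
        tables = query_agent(address)
        if tables is None:
            unmanaged.append(address)         # seen, but no agent answered
            continue
        interfaces = [ip for ip, _ in tables["ip_table"]]
        seen.update(interfaces)               # one device, several addresses
        devices.append(interfaces)
        for ip, mask in tables["ip_table"]:
            net = ipaddress.ip_network(f"{ip}/{mask}", strict=False)
            networks.add(str(net))
        for peer in tables["arp_cache"]:
            if peer not in seen:
                seen.add(peer)
                queue.append(peer)
    return {"devices": devices,
            "networks": sorted(networks),
            "routers": [d for d in devices if len(d) > 1],
            "unmanaged": unmanaged,
            "out_of_scope": out_of_scope}


if __name__ == "__main__":
    found = discover("140.131.59.20", ["140.131.0.0/16", "163.25.149.0/24"])
    for key, value in found.items():
        print(f"{key}: {value}")
```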


Status Propagation

Compound Status
Default Propagate Most Critical Propagate At Threshold Values (0-100%) % Warning % Minor % Major % Critical


- Manual modification is not efficient.
- Automatic modification should be recorded.
- NMS can verify the configuration change.

- Stored in a central location
- Consistency and availability of configuration data is important.
- CM data can be stored in ASCII text files or DBMSs.

- Provide for central storage of all network information.
- Autodiscovery mechanism
- Automapping facility
- Automatic data acquisition
- Allow user to manually add additional configuration information
- Search function

- Automatically compare current and stored configuration data.
- View running configuration graphically.
- Make configuration change.
- Centralized storage and easy retrieval of data.
- Configuration Event/Alarm.
- Graphical logical/physical view of devices

Configuration Alarms

- The use of DBMS
- Evaluate device configurations
- Allow complex query of data in DBMS.
- Produce inventory reports.
- Provide simple query interface for critical data.

Example of Traceroute

Example of Configuration Management

Example of Configuration Management: (CHTNet)

Security Management

Security Management
- The process of controlling access to information on the networked system

Security Management SubCategories and Related Activities


Applying Basic Techniques
- Identifying hosts that store sensitive information
- Management of passwords
- Assigning user rights and permissions
- Recording failed logins
- Setting remote access barrier codes
- Employing virus scanning
- Limiting views of the Enterprise network
- Tracking time and origin of remote accesses to servers

Identifying Access Methods Used
- Electronic Mail
- File Transfer
- Web Browsing
- Directory Service
- Remote Login
- Remote Procedure Call
- Remote Execution
- Network Monitors
- Network Management System

Security Management Sub-Categories and Related Activities (cont.)


Using Access Control Methods
- Encryption
- Packet filtering at routers
- Packet filtering at firewalls
- Source host authentication
- Source user authentication

Maintenance
- Audits of the activity at secure access points
- Executing security attack programs (Network Intrusion Detection)
- Detecting and documenting breaches

Accessing Public Data Networks
- No restrictions: hosts are responsible for securing all access points
- Limited access: only some hosts can interface with the Public Data Network using a proxy server

Using an Automated Security Manager
- Queries the configuration database to identify all access points for each device.
- Reads event logs and notes security-related events.
- Security Manager shows a security event on the network map.
- Reports of invalid access point attempts are generated daily for analysis

Functions of Security Management


- The creation, deletion, and control of security services and mechanisms.
- The distribution of security-relevant information.
- The reporting of security-relevant events.


(Confidentiality) (Authentication) (Integrity) (Non-repudiation) (Access control) (Availability)


1. Identifying the sensitive information to be protected
2. Finding the access points
3. Securing the access points
4. Maintaining the access points

Access Point

A piece of network hardware or software that allows access to the data network.

- Software services
- Hardware components
- Network media

Finding the Access Points


- Physical Wiring/Media
- Network Services
  - Remote Login
  - File Transfer
  - E-mail
  - Remote Execution
  - Directory Service
- NMS

Securing the Access Points


(1). Packet Filtering
(2). Host Authentication
(3). User Authentication
(4). Key Authentication
(5). Encryption

(1). Packet Filtering

- Packet filtering usually can be performed in bridges, switches, and routers.
- Packet filtering stops packets to or from unsecured hosts before they reach an access point.
- Issues
  - Each network device to perform packet filtering must be configured.
  - Packet filtering doesn't work if the unsecured host changes its address.

[Figure: Packet-Filtering Routers. A router with ACLs sits between the protected network (users) and the ISP and Internet; the E-mail Server and Web Server are shown under Public Access]

(2). Host Authentication

Allow access to a service based on a source host identifier, e.g. network address.
Service
Remote Login File Transfer Directory

Allow
Host-B, Host-C, 140.131.59.20 Host-A, Host-B, PC-bmw, Host-C, 140.131.62.211, PC-benz

Issues

A host can change its network address. Different users in the same host have the same authority.

(3). User Authentication


- Enable service to identify each user before allowing that user access.
- Password Mechanism
  - Generally, passwords are transferred on the network without any encryption. Use encrypted passwords.
  - Users tend to make passwords easy to remember.
  - If the passwords are not common words, users will write them down.

Host Authentication + User Authentication

(4). Key Authentication

Key
- A unique piece of information that authenticates the data in a transaction.

Key Authentication
- The destination host requires the source host of a transaction to present a key for the transaction.

Key Server
- A server that validates requests for transactions between hosts by giving out keys.

Source (S), Key Server (K), Destination (D)
1. S requests remote login to D.
2. S requests a key from K.
3. K validates the request.
4. K sends a key to S.
5. S requests login with valid key to D.

(5). Encryption

[Figure: plaintext ("Dear John: I am happy to know ...") is turned into ciphertext by encryption, carried over the network, and turned back into plaintext by decryption]

Cryptography / Encryption

Encryption
- Encode, scramble, or encipher the plaintext information to be sent.

Encryption Algorithm
- The method performed in encryption.

Encryption Key
- A stream of bits that control the encryption algorithm.

Plaintext
- The text which is to be encrypted.

Ciphertext
- The text after encryption is performed.

[Figure: Encryption / Decryption. Encryption: plaintext and an encryption key enter the encryption algorithm, which outputs ciphertext. Decryption: ciphertext and a decryption key enter the decryption algorithm, which outputs plaintext]

Encryption Techniques

Private Key Encryption
- Encryption Key = Decryption Key
- Also called Symmetric-Key Encryption, Secret-Key Encryption, or Conventional Cryptography.

Public Key Encryption
- Encryption Key ≠ Decryption Key
- Also called Asymmetric Encryption

Private Key Encryption: DES (Data Encryption Standard)

- Adopted by U.S. Federal Government.
- Both the sender and receiver must know the same secret key code to encrypt and decrypt messages with DES
- Operates on 64-bit blocks with a 56-bit key
- DES is a fast encryption scheme and works well for bulk encryption.
- Issues:
  - How to deliver the key to the sender safely?

Symmetric Key in DES

Other Symmetric Key Encryption Techniques

- 3DES: Triple DES
- RC2, RC4
- IDEA: International Data Encryption Algorithm

Key Size Matters!


[Figure: information lifetime (hours, years, decades, centuries) against budget in $ (100s, 10K, 1M, 10M, 100M) for 40-bit, 56-bit and 168-bit keys]
*Triple-DES (recommended for commercial & corporate information)

Public Key Encryption: RSA

- The public key is disseminated as widely as possible.
- The secret key is only known by the receiver.
- Named after its inventors Ron Rivest, Adi Shamir, and Leonard Adleman
- RSA is well established as a de facto standard
- RSA is fine for encrypting small messages

Asymmetric Key in RSA

Key Length

Symmetric Cipher (Conventional)    Asymmetric (RSA/D-H)
40 Bits                            274 Bits
56 Bits                            384 Bits
64 Bits                            512 Bits
80 Bits                            1024 Bits
96 Bits                            1536 Bits
112 Bits                           2048 Bits
120 Bits                           2560 Bits
128 Bits                           3072 Bits
192 Bits                           10240 Bits

Average Time for Exhaustive Key Search

Number of Possible Keys
32 Bits: 2^32 = 4.3 X 10^9
56 Bits: 2^56 = 7.2 X 10^16
128 Bits: 2^128 = 3.4 X 10^38

Time required at 1 Encryption/uSEC
32 Bits ==> 2^31 usec = 36 min
56 Bits ==> 2^55 usec = 1142 Years
128 Bits ==> 2^127 usec = 5 X 10^24 Years

Time required at 10^6 Encryption/uSEC
32 Bits ==> 2 millisec
56 Bits ==> 10 Hours
128 Bits ==> 5 X 10^18 Years

Performance 30~200 1

Hybrid Encryption Technology: PGP (Pretty Good Privacy)

Hybrid Encryption Technique


- First compresses the plaintext.
- Then creates a session key, which is a one-time-only secret key.
- Using the session key, apply a fast conventional encryption algorithm to encrypt the plaintext.
- The session key is then encrypted to the recipient's public key.
- This public key-encrypted session key is transmitted along with the ciphertext to the recipient.

PGP Encryption

PGP Decryption
- The recipient uses its private key to recover the temporary session key
- Use the session key to decrypt the conventionally-encrypted ciphertext.

PGP Decryption
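The hybrid encryption and decryption steps above, traced end to end as an added example that is not PGP's own code and is not part of the original slides. To run with only the standard library it substitutes toy primitives: a SHA-256 counter keystream stands in for the fast conventional cipher, and unpadded textbook RSA over two fixed Mersenne primes stands in for the recipient's key pair, so it shows the message structure and nothing about real-world strength.

```python
"""PGP-style hybrid encryption flow with toy primitives (added example)."""
import hashlib
import secrets
import zlib

# Toy recipient key pair: unpadded textbook RSA over two Mersenne primes.
# Chosen only so the example runs with the standard library; not secure.
P, Q = 2 ** 127 - 1, 2 ** 89 - 1
N, E = P * Q, 65537                      # public key
D = pow(E, -1, (P - 1) * (Q - 1))        # private exponent
SESSION_KEY_BYTES = 16


def _stream_xor(key, data):
    """Toy conventional cipher: XOR with a SHA-256 counter keystream."""
    out = bytearray()
    for block_no in range((len(data) + 31) // 32):
        pad = hashlib.sha256(key + block_no.to_bytes(8, "big")).digest()
        chunk = data[block_no * 32:(block_no + 1) * 32]
        out.extend(b ^ p for b, p in zip(chunk, pad))
    return bytes(out)


def hybrid_encrypt(plaintext, public_key=(N, E)):
    """Return (wrapped session key, ciphertext) for the recipient."""
    n, e = public_key
    compressed = zlib.compress(plaintext)                  # compress first
    session_key = secrets.token_bytes(SESSION_KEY_BYTES)   # one-time key
    ciphertext = _stream_xor(session_key, compressed)      # bulk encryption
    # Only the short session key goes through the slow public-key step.
    wrapped_key = pow(int.from_bytes(session_key, "big"), e, n)
    return wrapped_key, ciphertext


def hybrid_decrypt(wrapped_key, ciphertext, private_key=(N, D)):
    """Recover the session key with the private key, then the plaintext."""
    n, d = private_key
    session_key = pow(wrapped_key, d, n).to_bytes(SESSION_KEY_BYTES, "big")
    return zlib.decompress(_stream_xor(session_key, ciphertext))


if __name__ == "__main__":
    message = b"Dear John: I am happy to know ..." * 50   # constructed input
    wrapped, body = hybrid_encrypt(message)
    print("plaintext bytes :", len(message))
    print("ciphertext bytes:", len(body))
    print("wrapped key bits:", wrapped.bit_length())
    print("round trip ok   :", hybrid_decrypt(wrapped, body) == message)
```

The wrapped key stays the same size however long the message is, which is why the public-key step is reserved for the session key and the conventional cipher carries the bulk data.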

Digital Signatures

- Digital signatures enable the recipient of information to verify the authenticity of the information's origin, and also verify that the information is intact.
- Public key digital signatures provide
  - authentication
  - data integrity
  - non-repudiation

Technique: public key cryptography

Simple Digital Signatures

Secure Digital Signatures

Maintaining the Secure Access Points


- Locate potential and actual security breaches.
- Audit Trail
- Security Test Programs

Attaching to a Public Network


- No Access
- Full Access
  - All individual computers should have security management.
- Limited Access
  - Use a firewall to enforce security between private and public networks.

Firewall
- Packet Filtering Firewall
- Dual-Homed Host Firewall
- Screened Host Firewall
- Screened Subnet Firewall

http://www.movies.acmecity.com/silent/6/doc/fwppt.zip

VPN (Virtual Private Network)

VPN:

VPN

X.25 Frame Relay ATM Internet

VPN (Virtual Private Network)

VPN

Tunneling
- IPSec (IP Security)
- PPTP (Point-to-Point Tunneling Protocol)
- L2TP (Layer 2 Tunneling Protocol)

Encryption/Decryption
- Private/Public/Hybrid Key Encryption

Key Management
- SKIP (Simple Key Management for IP)
- IKE (ISAKMP/Oakley)

Authentication
- Username/Password + Token Number
- X.509 Certificate by Certificate Authority (CA)

Accounting Management

Accounting Management
- Tracking each individual and group user's utilization of network resources to better ensure that users have sufficient resources
- Enable charges to be established for the use of network resources, and the costs to be identified for the use of those network resources

Accounting Management SubCategories and Related Activities


Gather Network Device Utilization Data
- Measure usage of resources by cost center
- Set quotas to enable fair use of resources
- Site metering to track adherence to software licensing

Bill Users of Network Resources
- Set charges based on usage.
- Measure one of the following
  - Number of transactions
  - Number of packets
  - Number of bytes
- Set charges on direction of information flow

Use and Accounting Management Tools
- Query usage database to measure statistics versus quotas
- Define network billing domains
- Implement automatic billing based on usage by users in the domain
- Enable billing predictions
- Enable user selection of billing domains on the network map

Reporting
- Create historical billings trends
- Automatic distribution of billing to Cost Centers
- Project future billings by cost center

AM

Metrics
- Measurement of network resources used.

Quotas
- The amount of a network's resources allowed for a user or group.

Billing
- The process of charging users for the use of the data network and its associated services.

- One-Time Installation Fee and Monthly Fees
- Fee Based on Amount of Network Resource Consumed
  - Total numbers of transactions
  - Total packets
  - Total bytes sent
  - Total bytes received
- Fee Based on Amount of Time (For Dial-Up Serial Links)

- Monitor for any metric that exceeds a quota.
- Store metric data into the database of NMS.
- Report the metric data that exceeds a quota.
- Use database's "trigger" ability to automatically generate reports

- Perform network billing.
- Determine where to poll for billing information.
- Forecast the need of network resources
  - To establish reasonable metrics and quotas
  - To predict network billing cost for users
- Generate accounting reports

Billing Process Example


1. Get network topology from DBMS
2. Get region user selected on network map
3. Determine devices in region
4. Find devices to query (with the aid of user's input).
5. Get billing information
6. Get pricing information
7. Get polling rate
8. Start performing queries and calculations

Management Tools

Management Tools (Cont.)

Management Tools (Cont.)

Network Management Configurations

Centralized configuration
- Management is centralized to the network management station on the backbone network

Distributed configuration
- The LANs are managed by a local NMS while an NMS host connects to the backbone network

Centralized Network Management


[Figure: LAN 1, LAN 2 and LAN 3 (Nodes 1 to 3), each with hub, WS, router and probe agents, attached to a backbone; the NMS is on the backbone node]
Probe = Remote Monitor; NMS = Network Management System; WS = Workstation

FIGURE 3-2: Centralized Network Management

Distributed Network Management


[Figure: LAN 1, LAN 2 and LAN 3 (Nodes 1 to 3), each with hub, WS, router and probe agents, attached to a backbone; several NMS stations are shown]
Probe = Remote Monitor; NMS = Network Management System; WS = Workstation; -------- = In-band or out-of-band management communication

FIGURE 3-3 : Distributed Network Management

Selected Management Strategy
