Advanced Network Management Prof. Chadi Assi assi@ciise.concordia.ca EV7.635

Text Books and References Network Management: Principles and Practice: Mani Subramanian, Addison Wesley, ISBN: 0-201-35742-9 SNMP, SNMPv2, SNMPv3 and RMON1 and 2: William Stallings, 3rd edition, Addison Wesley, ISBN: 0-201-48534-6 Network Management: A Practical Perspective Leinwand, A. and Fang K., Addison Wesley Essential SNMP Douglas Mauro and Kevin Schmidt, O’Reilly online version: http://www.unix.org.ua/orelly/networking_2ndEd/snmp/ Other RFCs and Research papers

Course Outline Network Management: Principles, Standards and Models. Computer Networks and the Internet Application, Transport and Network layer Network Management Protocols and Abstract Syntax Notation One (ASN.1). Simple Network Management Protocol (SNMP) Structure of Management Information (SMI), Management Information Base (MIB). SNMPv2 SNMPv3 Remote Monitoring (RMON), RMON 1 and 2.

Course Outline OSI Systems management, Telecommunications Management Network (TMN), and ATM Network Management. . Network Management Applications (Configuration, Performance, Fault and Security management). Distributed Management Framework (management by delegation, mobile agent based management, etc.) CORBA based management, web based management, JMX and DMTF.

Course Outline Marking Scheme: Midterm1         35% Midterm2         35% Project                         25% Assignments 5% More info: www.ciise.concordia.ca/~assi/courses/inse7120.htm

Background Today’s “Information Infrastructure” (or simply the Internet) is increasingly growing large number of interconnected heterogeneous sub-networks and a wide range of distributed applications (100s or 1000s of interacting hardware/software components) Other complex systems requiring monitoring, control jet airplane nuclear power plant Others In such a large network, many things can go wrong therefore disabling the network or a portion of it and degrading performance to an unacceptable level!

Background During the old days, a network can be managed by using only human efforts! In a small system, running few “pings” may help locating the problem As the Internet becomes a large global infrastructure, automated network management tools are essential Standardized tools that can be used across a broad spectrum of product types are also needed Therefore, a network management system (NMS) is a collection of tools for network monitoring and control Just as an airplane cockpit allows a pilot to monitor, control, analyze, configure, etc.

Network Management Failure of Interface Card A network admin by monitoring and analyzing network traffic may detect problems in any interface card and replace it e.g., increase in checksum errors in frames sent out by this interface; Host Monitoring A network admin periodically checks to see if all hosts are operational

Network Management Monitoring traffic/resource deployment By monitoring link utilization, a network admin may determine system bottleneck and provision higher bandwidth link instead, to avoid congestion

Network Management Rapid changes in routing tables If detected may prevent instabilities in routing and hence prevent a network from going down Intrusion detection Network admin requests to be notified when traffic is destined to/arrives from a suspicious source Detect the existence of a certain type of traffic (e.g., security attacks)

What is Network Management?* "Network management includes the deployment, integration and coordination of the hardware, software, and human elements to monitor, test, poll, configure, analyze, evaluate, and control the network and element resources to meet the real-time, operational performance, and Quality of Service requirements at a reasonable cost." *T.Saydam, T. Magendaz “From Networks and Network Management into Service and Service Management” Journal of Networks and System Management, Vol.4, No.4, Dec. 1996

What is Network Management? ISO (International Organization for Standardization) has created a network management model. 5 areas of network management are classified Performance Management Fault Management Configuration Management Security Management Accounting Management This classification has gained broad acceptance by vendors of both standardized and proprietary NMS

Performance Management Goal: Quantify, measure, report, analyze, and control the performance of different network components (such as routers, hosts, as well as end to end abstractions, such as a path through the network) Two functional categories Monitoring (ability to monitor and track activities on the network) Controlling (ability to make adjustments to improve network performance). Measuring Performance Throughput (whether reduced to unacceptable level!) Response time (i.e. network delays) Utilization Error rates (identify bottlenecks) Availability

Fault Management Goal: Log, detect, and respond to fault conditions in the network Immediate* handling of transient network failures (link, host, router hardware or software outages) Faults are to be distinguished from Errors A fault is an abnormal condition and requires management attention to repair (e.g. link cut) An Error is a single event! (e.g. single bit error on a line) *performance management takes longer term view in the face of varying traffic demands and occasional network device failures.

Illustrative scenario A client application exchanges data over a TCP connection with a DB server Distinct domains each administered by a different organization

Illustrative scenario Problem scenario A clock at an interface in WAN2 that supports T3 link loses SYNC 4 times a second for 0.25 ms  intermittent noise causing loss of 0.1% of T3 capacity  this small noise causes bit errors in a large number of packets routed over C-D  Bit errors cause packet losses, either at routers (if IP header corrupted) or at destinations

Illustrative scenario  performance of TCP connection degrades due to packet loss  TCP sender interprets this as congestion and hence reduces its window TCP increases its window gradually until new packet loss However due to the noise, the TCP window will not increase DB transactions by client will last longer DB server performance will degrade due to records lock-out, causing frequent aborts for remote transactions

Configuration Management Consists of the following steps: Gather information about current network, maintain an up-to-date inventory of all network components Use that data to modify the configuration of the network device (reconfiguration*) Goal: Allow a network manager to track which devices are on the network and the hardware and software configurations of these devices. * Reconfiguration of a network is often desired in response to performance evaluation or in support of network upgrade, fault recovery, or security checks.

Security Management Goal: Security at different levels Physical & Data Link Levels  Encryption Network Level  packet filters Application Level  (host, user and key) authentication Popular Level  Firewalls & VPNs Goal: Control access to network resources according to well defined policy. Identifying sensitive information (e.g., network management information) and protecting it

Accounting Management A network manager should track the use of network resources A user may be abusing his access privilege and burdening the network at the expense of other users. (e.g., a user may be violating his service contract) Planning for network growth Goal: Specify, log, and control user and device access to network resources …usage quotas, usage-based charging, the allocation of resource-access privileges… …Accounting reports should be generated periodically

Infrastructure for Network Management definitions: managing entity agent data managing entity data managed devices contain managed objects whose data is gathered into a Management Information Base (MIB) managed device agent data network management protocol managed device agent data agent data managed device managed device