
NETWORK MANAGEMENT SYSTEMS

A Network Management System is a collection of tools (hardware and software) for network monitoring and control. It consists of incremental hardware and software additions implemented among the existing network components. The software used in accomplishing the network management tasks resides in the host computers and communication processors (bridges, routers, front end processors, cluster controller terminals, etc.).

The functions performed by a network management system can be divided into five broad categories: Configuration Management, Fault Management, Performance Management, Security Management, and Accounting Management.

Prof. N Ravi, Jerusalem College of Engineering

"Network management includes the deployment, integration and coordination of the hardware, software, and human elements to monitor, test, poll, configure, analyze, evaluate, and control the network and element resources to meet the real-time, operational performance, and Quality of Service requirements at a reasonable cost."


Functions of Network Management Systems

Configuration Management: Configure, Reconfigure, Document
Fault Management: Proactive, Reactive
Performance Management: Capacity, Traffic, Throughput, Response Time
Security Management: Authorisation, Keys, Passwords, Access Control
Accounting Management: Usage Charges, Rental Charges


Configuration and Name Management: Initializing a network and shutting it down gracefully. Maintaining, adding and updating the relationships among the components and the status of the components.

Fault Management: Determine the location of the fault, isolate the fault and continue working, minimize the impact of the fault, repair or replace the failed component.

Performance Management: Facility needed to evaluate the behaviour of managed objects and the effectiveness of the communication activities, and to control the effectiveness of communication activities at various levels.

Security Management: Address the security aspects essential for network management and to protect managed objects. Protection of target network security, access control of facilities, generating, storing and distributing encryption keys, passwords, authorization control information, etc.

Account Management: Establish charges for use of services and charge accordingly.

Network Management Standards

OSI CMIP
  Common Management Information Protocol
  designed 1980s: the unifying net management standard
  too slowly standardized

SNMP: Simple Network Management Protocol
  Internet roots (SGMP)
  started simple
  deployed, adopted rapidly
  growth: size, complexity
  currently: SNMP V3
  de facto network management standard

Infrastructure for Network management

[Figure: one MANAGER and several MANAGED DEVICEs, each with AGENT and DATA]

SNMP, SMI, MIB, ASN1


Simple Network Management Protocol (SNMP) is a popular protocol for network management. It is used for collecting information from, and configuring, network devices, such as servers, printers, hubs, switches, and routers on an Internet Protocol (IP) network.

To do management tasks, SNMP uses two other protocols: Structure of Management Information (SMI) and Management Information Base (MIB). In other words, management on the Internet is done through the cooperation of three protocols: SNMP, SMI, and MIB.


SNMP defines the format of packets exchanged between a manager and an agent.
It reads and changes the status of objects (values of variables) in SNMP packets.

SMI defines the general rules for naming objects, defining object types (including
range and length), and showing how to encode objects and values.

MIB creates a collection of named objects, their types, and their relationships to
each other in an entity to be managed.

[Figure: GENERAL BLOCKS]

[Figure: SNMP packet, Get Request; SNMP packet, Response]


The Structure of Management Information is a component for network management. Its functions are:

  To name objects.
  To define the type of data that can be stored in an object.
  To show how to encode data for transmission over the network.

SMI is a guideline for SNMP. It emphasizes three attributes to handle an object: name, data type, and encoding method.


OBJECT IDENTIFIER

All objects managed by SNMP are given an object identifier. The object identifier always starts with 1.3.6.1.2.1.

[Figure: CONCEPTUAL DATA TYPES]

[Figure: ENCODING FORMAT]

[Figure panels: Integer, Octet String, Object Identifier]

The Management Information Base, version 2 (MIB2) is the second component used in network management. Each agent has its own MIB2, which is a collection of all the objects that the manager can manage. The objects in MIB2 are categorized under 10 different groups: system, interface, address translation, ip, icmp, tcp, udp, egp, transmission, and snmp. These groups are under the mib-2 object in the object identifier tree (see Figure 24.12). Each group has defined variables and/or tables.

MIB module specified via SMI MODULE-IDENTITY (100 standardized MIBs, more vendor-specific)

Objects specified via SMI OBJECT-TYPE construct

[Figure: a MODULE containing several OBJECT TYPE entries]

[Figure: UDP]


Two ways to convey MIB info, commands:

  request/response mode: the managing entity sends a REQUEST to the agent on the managed device and receives a RESPONSE
  trap mode: the agent on the managed device sends a TRAP MSG to the managing entity


[Figure: SNMP MESSAGE TYPES]


PDU FORMATS

SNMP PDU, PDU type (0-3):
  Get/set header: PDU type (0-3), Request ID, Error Status (0-5), Error Index
  Variables to get/set: Name, Value, Name, Value, ...

SNMP PDU, PDU type 4:
  Trap header: PDU type 4, Enterprise, Agent Addr, Trap Type (0-7), Specific code, Time stamp
  Trap info: Name, Value, ...
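
The tag-length-value encoding that SMI prescribes for Integer, Octet String and Object Identifier, and the get/set PDU layout above, can be seen together by decoding one message. This Python example is added here and is not from the original slides; the packet bytes, the community string "public" and all function names are constructed for illustration.

```python
# Added example: minimal BER (tag-length-value) reader for an SNMPv1 GetRequest.
# PACKET is constructed: community "public", request ID 1, OID 1.3.6.1.2.1.1.1.0.
PACKET = bytes.fromhex("302602010004067075626c6963a019020101020100020100"
                       "300e300c06082b060102010101000500")

def read_tlv(buf, pos=0):
    """Return (tag, value, next_pos); refuse lengths that overrun the buffer."""
    if pos + 2 > len(buf):
        raise ValueError("truncated TLV header")
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                  # long form: low 7 bits count the length octets
        n = length & 0x7F
        if not 1 <= n <= 4 or pos + n > len(buf):
            raise ValueError("unsupported or truncated length")
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("value runs past end of buffer")
    return tag, buf[pos:pos + length], pos + length

def children(value):  # split a constructed value into (tag, value) pairs
    out, pos = [], 0
    while pos < len(value):
        tag, val, pos = read_tlv(value, pos)
        out.append((tag, val))
    return out

def decode_oid(val):
    """Sub-identifiers are base-128; the first one packs the first two arcs."""
    if not val or val[-1] & 0x80:
        raise ValueError("malformed OBJECT IDENTIFIER")
    subids, n = [], 0
    for b in val:
        n = (n << 7) | (b & 0x7F)
        if not b & 0x80:
            subids.append(n)
            n = 0
    first = min(subids[0] // 40, 2)
    return ".".join(map(str, [first, subids[0] - 40 * first] + subids[1:]))

def parse_get_request(packet):
    tag, msg, _ = read_tlv(packet)
    (t_ver, ver), (t_comm, comm), (t_pdu, pdu) = children(msg)
    if (tag, t_ver, t_comm) != (0x30, 0x02, 0x04) or not 0xA0 <= t_pdu <= 0xA3:
        raise ValueError("not an SNMP get/set message")
    (_, rid), (_, status), (_, index), (_, binds) = children(pdu)
    ints = [int.from_bytes(v, "big", signed=True) for v in (ver, rid, status, index)]
    return dict(zip(("version", "request_id", "error_status", "error_index"), ints),
                community=comm.decode("ascii"), pdu_type=t_pdu & 0x1F,
                oids=[decode_oid(o) for _, vb in children(binds) for _, o in children(vb)[:1]])
```

The community string comes back as a plain OCTET STRING, readable by anyone who can capture the packet. The length checks in `read_tlv` keep a message with an inconsistent length field from being silently accepted.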



Encryption: DES-encrypt SNMP message

Authentication: compute, send MIC(m, k): compute hash (MIC) over message (m), secret shared key (k)

Protection against playback: use nonce

View-based access control:
  SNMP entity maintains database of access rights, policies for various users
  database itself accessible as managed object!
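
One way to realise the authentication and playback protection listed above, added here as an example that is not from the original slides: HMAC-SHA-256 stands in for MIC(m, k), and the receiver-issued nonce, the packet layout and all names are assumptions rather than the SNMPv3 wire format.

```python
import hashlib
import hmac
import os

NONCE_LEN = 16   # bytes; assumed size for this example
MIC_LEN = 32     # HMAC-SHA-256 output size

def mic(key: bytes, data: bytes) -> bytes:
    """MIC(m, k): keyed hash over the data with the shared secret key."""
    return hmac.new(key, data, hashlib.sha256).digest()

def protect(message: bytes, key: bytes, nonce: bytes) -> bytes:
    """Sender side: nonce || message || MIC(nonce || message, k)."""
    body = nonce + message
    return body + mic(key, body)

class Receiver:
    def __init__(self, key: bytes):
        self.key = key
        self.pending = set()            # nonces issued and not yet used

    def challenge(self) -> bytes:
        """Issue a fresh random nonce for the next request."""
        nonce = os.urandom(NONCE_LEN)
        self.pending.add(nonce)
        return nonce

    def accept(self, packet: bytes) -> bytes:
        """Return the message, or raise ValueError if forged or replayed."""
        if len(packet) < NONCE_LEN + MIC_LEN:
            raise ValueError("packet too short")
        body, tag = packet[:-MIC_LEN], packet[-MIC_LEN:]
        if not hmac.compare_digest(tag, mic(self.key, body)):  # constant-time
            raise ValueError("MIC mismatch")
        nonce = body[:NONCE_LEN]
        if nonce not in self.pending:   # never issued, or already consumed
            raise ValueError("unknown or replayed nonce")
        self.pending.discard(nonce)     # single use
        return body[NONCE_LEN:]
```

The nonce is looked up only after the MIC verifies, so an unauthenticated sender cannot consume a pending nonce.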



SNMP uses the services of UDP on two well-known ports, 161 and 162. The well-known
port 161 is used by the server (agent), and the well-known port 162 is used by the client
(manager).


SNMP V3
SNMPv3 has added two new features to the previous version:
security and remote administration. SNMPv3 allows a
manager to choose one or more levels of security when
accessing an agent. Different aspects of security can be
configured by the manager to allow message authentication,
confidentiality, and integrity.
SNMPv3 also allows remote configuration of security
aspects without requiring the administrator to actually be at
the place where the device is located.


ABSTRACT SYNTAX NOTATION (ASN)

The need of a common language

In order to cooperate, the following needs arise:
  A shared interpretation of what the data means and a common protocol for interchange
  A shared view on data structure: the ASN.1 Notation
  Transfer coding rules: the ASN.1 Encoding schemes: BER, PER, ..

[Figure: LAN Org A, LAN Org B and LAN Org C joined by a PUBLIC WAN]

General purpose notation and encoding scheme:
  Developed to be applied to the MHS protocols (X.400) (born in 1982)
  Generalised as general tools ISO 8824 Notation and ISO 8825 Encoding rules in 1990, Revised in 1995
  General use in many application fields today



Applied first to the Presentation layer in the Open Systems Interconnection.
Soon used to define the protocols of the Applications layer: FTAM, ROSE, MHS, etc.
Also used for lower layers

[Figure: OSI Protocol Stack: Application, Presentation, Session, Transport, Network, Datalink, Physical]

ASN.1 for the data syntax
BER for the (sequential) transfer syntax

[Figure: two OSI Protocol Stacks (Application, Presentation, Session, Transport, Network, Datalink, Physical) with a Presentation PDU at each Presentation layer]


A PDU can be a complex element (letter, document, ...) and:
  specified using datatypes of SDL, LOTOS, UML, ...
  implemented using datatypes of CHILL, C++, Java, ...

ASN.1 provides a language independent syntax and ASN.1 compilers take care of the mapping

[Figure: a PDU held in C++, Java, SDL... datatypes on each side and described in ASN.1; Encode to BER on one side, Decode from BER on the other]


A module is a set of ASN.1 definitions assembled for a specific purpose.
The structure of a module is:

    ModuleDefinition ::=
        ModuleIdentifier DEFINITIONS ::=
        BEGIN
            ModuleBody
        END

ModuleIdentifier is an element of type Object Identifier.

Object Identifiers are administered by ISO, ITU-T, etc. A Module Identifier represents an official reference to the Module.


    ModuleBody ::=
        Exports         -- definitions that may be exported to other modules
        Imports         -- definitions that are imported from other modules
        AssignmentList  -- this module's definitions
        |               -- | means or
        empty

Type assignment

    WeatherReport ::= SEQUENCE {..}

    WeatherReport: name of type
    SEQUENCE {..}: reference to the defined type

Value assignment

    sampleWreport WeatherReport ::= {}

    sampleWreport: name of the value
    WeatherReport: the type of this value
    {}: actual value spec


A type assignment has three syntactic elements:
  the type reference (the name allocated to it),
  the symbol ::= (means "defined as") and
  the appropriate type notation

    WeatherReport ::= SEQUENCE
    {
        stationNumber  INTEGER (1..99999),
        timeOfReport   UTCTime,
        .........
    }


A value assignment has four syntactic elements:
  the value reference (the name allocated),
  the type to which the value belongs,
  the symbol ::= (means "defined as") and
  the appropriate value notation

Sample value assignment:

    sampleReport WeatherReport ::=
    {
        stationNumber  73290,
        timeOfReport   "900102125703Z",
        .........
    }


Simple types
  BOOLEAN (true or false)
  INTEGER (any positive or negative whole number or zero)
  REAL (mantissa, base, exponent)
  BIT STRING (ordered string of bits)
  OCTET STRING (ordered string of octets)
  NULL (null is the only allowed value)
  OBJECT IDENTIFIER (identifies a place in a tree)
  ENUMERATED (a list of names of values)
  CHARACTER STRING (several are defined)


Structure Types
  SEQUENCE/SEQUENCE OF
    an ordered collection; "OF" indicates all entries are the same type
  SET/SET OF
    an unordered collection; "OF" indicates entries are the same type
  CHOICE
    collection of types from which one is chosen
  SELECTION
    references a CHOICE type