Network Design
Chapter Summary
Pages 233-237
4/1/2017
This paper will review the subject of Network Management, based on information in the
Network Design Cookbook (Thomatis, Michel) and lecture notes taken at Quinebaug Valley
Community College. The text lists seven general areas of Network Management: fault
Fault management monitors the availability of network devices and basic information
about them, such as utilization of the device and its interfaces. Performance management provides
more advanced monitoring of the actual traffic passing through the network. Configuration management provides
an easy means of making mass configuration changes across a network, including auditing configurations for
security best practices. Events and logging records the data and status activities of networks
and their devices, to give a better sense of usage and fault patterns. Desktop management
seeks to standardize desktop policies for network devices and promote anti-virus awareness.
This is closely related to security management, which seeks to address security issues affecting
an entire network.1
Management Agent and Network Management Station. Network Management Stations are
Protocol (SNMP) server, with the client being a workstation, called a Network Management
Workstation, that uses the SNMP server to manage network issues. These workstations use
Network Management Agents, which are daemons that receive, authenticate, and process
1 Thomatis, Michel. Network Design Cookbook (Version 10.2.8). Self-Published. Last Updated: August 19, 2016. Page 233.
One of the most critical goals of network management is to do no harm to the network
while management activity is being done. These activities involve monitoring and making
adjustments to the network to enhance its performance. SNMP has three levels of intervention
In passive mode, SNMP provides overall monitoring of the network and its devices. In active
mode, it is directly focused on a specific device, and affects the performance of that device
through the Network Management Agent. In exceptional mode, the protocol takes over a device
more directly, which can result in network shutdowns. This mode is reserved for emergency
situations.
The goal of the SNMP protocol, which is to do no harm to a network while monitoring its
performance, creates a contradiction. SNMP must gain access to a network's devices through
its Network Management Agents, which in turn consume system resources that can hinder the
network's performance. So a careful balance must be struck between SNMP sampling rates,
through its Network Management Agents, to get meaningful performance data, without SNMP
throughout the network at a given time interval. This data is then averaged. More rapid data
sampling rates give more accurate results of network performance, which is called data
fidelity.
However, when sampling rates are too high, system resources are overburdened, which
can result in overall degraded network performance. What we may end up with is evidence of
structure network protocols to automatically generate bits that relay network functionality that
will be ready to be received by SNMP agents. This built-in compensation function for network
protocols may require a little extra memory, but it could help support network to SNMP
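The sampling-rate trade-off described above can be made concrete with a small simulation. This is an added example, not code from the Network Design Cookbook or from this summary: it models one interface whose cumulative octet counter (the kind of value an SNMP GET of ifHCInOctets returns) is polled at several intervals, and the link speed, traffic profile and per-request agent cost are constructed values chosen for illustration.

```python
"""Simulated SNMP interface polling: sampling interval versus data fidelity and load.

Added example, not code from the Network Design Cookbook or from this summary. It
models one interface whose cumulative octet counter (the kind of value an SNMP GET of
ifHCInOctets returns) is polled at several intervals. The link speed, the traffic
profile and the per-request agent cost are constructed values for illustration.
"""
from dataclasses import dataclass

LINK_BPS = 100_000_000      # constructed: a 100 Mb/s interface
PERIOD_S = 600              # constructed: observe ten minutes of traffic
AGENT_COST_MS = 2.0         # constructed: CPU time the agent spends answering one GET


def bytes_per_second(t: int) -> int:
    """Constructed traffic profile: 5% background load, with a 20-second burst at
    line rate starting at t=300 seconds. Returns bytes moved during second t."""
    if 300 <= t < 320:
        return LINK_BPS // 8
    return LINK_BPS // 8 // 20


def build_counter_series(period_s: int = PERIOD_S) -> list[int]:
    """Cumulative octet counter at each whole second, as an agent would report it."""
    series = [0]
    for t in range(period_s):
        series.append(series[-1] + bytes_per_second(t))
    return series


@dataclass
class PollResult:
    interval_s: int
    requests: int           # SNMP GETs issued: one baseline read plus one per interval
    agent_cpu_ms: float     # constructed cost of answering those GETs
    peak: float             # highest utilization the NMS could observe (fraction of link)
    average: float          # mean utilization over the period


def poll(series: list[int], interval_s: int) -> PollResult:
    """Poll the counter every interval_s seconds and derive utilization from the
    counter delta, as an NMS does from two successive SNMP reads. The counter
    only tells us bytes moved since the last read, so any burst shorter than the
    interval is averaged into its neighbours: that loss is the fidelity cost."""
    samples = []
    for t in range(interval_s, len(series), interval_s):
        delta_bytes = series[t] - series[t - interval_s]
        samples.append(delta_bytes * 8 / (LINK_BPS * interval_s))
    requests = len(samples) + 1
    return PollResult(
        interval_s=interval_s,
        requests=requests,
        agent_cpu_ms=requests * AGENT_COST_MS,
        peak=max(samples),
        average=sum(samples) / len(samples),
    )


def compare(intervals=(10, 60, 300)) -> dict[int, PollResult]:
    """Run the same traffic through several polling intervals."""
    series = build_counter_series()
    return {i: poll(series, i) for i in intervals}


if __name__ == "__main__":
    print(f"{'interval':>9} {'GETs':>5} {'agent ms':>9} {'peak':>6} {'avg':>6}")
    for r in compare().values():
        print(f"{r.interval_s:>8}s {r.requests:>5} {r.agent_cpu_ms:>9.0f} "
              f"{r.peak:>6.1%} {r.average:>6.1%}")
```

The average utilization comes out identical at every interval, because the counter never loses bytes, but the observed peak falls from 100% at 10-second polling to roughly 37% at 60 seconds and 11% at 300 seconds: the burst that saturated the link is invisible to the slow poller. That is the fidelity the text describes, bought at six and thirty times the request rate on the agent.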
Network Managers may also be interested in who is generating network data, called
NetFlow, as well as what is happening to the data while in the network system (which was
previously discussed). Network Managers may want to know who is consuming the most
bandwidth on the network, what kind of data is being generated, and when. This involves the
deployment of packet capture programs that look at data from the Network Layer of the OSI model.
These programs do not have the ability to make network adjustments like SNMP, but they offer
another way to view network activity for the purposes of troubleshooting, without the level
Another issue discussed in the text pertaining to Network Management is the matter of
authentication. The text pushes for a centralized, server-based authentication system which
enables easy adjustments to changing passwords, user IDs, profiles, and accounts. This is
maintain authentication-related data, which creates its own security risks. It will be easier for
potential hackers to break into a disorganized system using authentication data that has been
forgotten about, lost, or stolen. From there, the hacker can gain further entry into the system,
where they can get more access to information, or simply reset data and change the access
information to penetrate the system further. This is closely linked to security management.
In centralized authentication systems, these violations are easier to detect and react to.
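What "easier to detect" buys a network manager can be shown with a small detection pass over a central authentication record. This is an added example, not code from the chapter summary or the Network Design Cookbook: the log lines, their RADIUS-like format, the account roster and the thresholds are all constructed for illustration, and the format is not the output of any real ACS/IAS product.

```python
"""Detection over a centralized authentication log.

Added example, not code from the chapter summary or the Network Design Cookbook.
The log lines, their format, the account roster and the thresholds are all
constructed for illustration; the format is RADIUS-like but is not the output
of any real ACS/IAS product. The point is what a single central record makes
cheap: spotting a guessing run, noticing when it succeeds, and finding accounts
nobody remembers creating.
"""
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample log as a central server might record it.
SAMPLE_LOG = """\
2017-04-01T08:00:01 user=jsmith src=10.1.5.20 result=ACCEPT
2017-04-01T08:00:05 user=admin src=203.0.113.7 result=REJECT
2017-04-01T08:00:06 user=admin src=203.0.113.7 result=REJECT
2017-04-01T08:00:07 user=admin src=203.0.113.7 result=REJECT
2017-04-01T08:00:08 user=admin src=203.0.113.7 result=REJECT
2017-04-01T08:00:09 user=admin src=203.0.113.7 result=REJECT
2017-04-01T08:00:11 user=admin src=203.0.113.7 result=ACCEPT
2017-04-01T08:15:00 user=contractor7 src=10.1.5.44 result=ACCEPT
2017-04-01T08:30:00 user=jsmith src=10.1.5.20 result=REJECT
2017-04-01T09:00:00 user=jsmith src=10.1.5.20 result=ACCEPT
"""

# Assumption: the accounts that HR and IT say should currently exist.
ACTIVE_ROSTER = {"jsmith", "admin"}

LINE_RE = re.compile(r"^(\S+) user=(\S+) src=(\S+) result=(ACCEPT|REJECT)$")


def parse(log: str) -> list[dict]:
    """Turn log text into event dicts; malformed lines are skipped, not fatal."""
    events = []
    for line in log.splitlines():
        m = LINE_RE.match(line.strip())
        if m is None:
            continue
        ts, user, src, result = m.groups()
        events.append({"time": datetime.fromisoformat(ts), "user": user,
                       "src": src, "result": result})
    return sorted(events, key=lambda e: e["time"])


def reject_bursts(events: list[dict], threshold: int = 5,
                  window: timedelta = timedelta(minutes=1)) -> set[str]:
    """Sources with at least `threshold` REJECTs inside any `window`: the
    signature of password guessing against the central server."""
    rejects = defaultdict(list)
    for e in events:
        if e["result"] == "REJECT":
            rejects[e["src"]].append(e["time"])
    flagged = set()
    for src, times in rejects.items():
        start = 0
        for end, t in enumerate(times):        # sliding window over sorted times
            while t - times[start] > window:
                start += 1
            if end - start + 1 >= threshold:
                flagged.add(src)
                break
    return flagged


def accepts_after_burst(events: list[dict], burst_sources: set[str]) -> set[tuple[str, str]]:
    """(user, source) pairs where a flagged source later got an ACCEPT: a guessing
    run that may have found a working password and deserves an immediate reset."""
    seen_reject = set()
    hits = set()
    for e in events:
        if e["src"] not in burst_sources:
            continue
        if e["result"] == "REJECT":
            seen_reject.add(e["src"])
        elif e["src"] in seen_reject:
            hits.add((e["user"], e["src"]))
    return hits


def stale_accounts(events: list[dict], roster: set[str]) -> set[str]:
    """Accounts that authenticated but are not on the active roster: forgotten or
    orphaned credentials that a central system lets you enumerate in one query."""
    return {e["user"] for e in events if e["result"] == "ACCEPT"} - roster


def report(log: str = SAMPLE_LOG, roster: set[str] = ACTIVE_ROSTER) -> dict:
    events = parse(log)
    bursts = reject_bursts(events)
    return {
        "guessing_sources": bursts,
        "possible_compromise": accepts_after_burst(events, bursts),
        "stale_accounts": stale_accounts(events, roster),
    }


if __name__ == "__main__":
    for key, value in report().items():
        print(f"{key}: {sorted(value)}")
```

All three checks are single passes over one record. With credentials scattered across individual devices, the same five rejects would be five separate local log entries nobody correlates, and the contractor7 account would simply sit on whichever box it was created on.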
The text mentions a server-based centralized authentication system called ACS/IAS, which
provides authentication services through the RADIUS and TACACS+ protocols. Cisco also
band management seeks to provide a way to enable changes to a network outside the
traditional means of connectivity. Having such a system for an organization's network is critical if
there are sudden technical issues affecting the network and it is not possible to get on site to
address them.
This is linked to authentication and security issues, as this out-of-band management link
creates its own network security vulnerabilities. Any employee who had out-of-band management
privileges must have them revoked when they leave the department or organization, and access
talking to each other on a network, each looking for expected data to make a decision related to
a process, it is important for all devices to be using the same time system. If devices are making
decisions using different time systems, there may be significant timeouts, as some devices will
stop waiting and look for data from another device related to another process. Data will get lost.
In some cases, network devices may retransmit a request for the same expected data,
forcing the sender to retransmit. If the receiving device does not keep its time window open long
enough for the sending device to be successful, both devices can send and retransmit to no
result. This will generate massive amounts of useless data on the network, slowing things down
The Network Time Protocol (NTP) is the protocol used to synchronize time in network management.
This protocol is based on the concept that each network has a device that is the authoritative
source of time for all of the network's devices. This authoritative source of time is then
referenced by other devices as the main source of network time that is to be used to carry out
operations.
Network time is measured in layers called strata. The central time device is
measured at stratum zero. Devices that are connected to the stratum zero device are known as
stratum one devices. Devices connected to stratum one devices are known as stratum two
devices. This pattern continues all the way up to stratum fifteen.3 Even if the network time is not in
sync with human time, as long as each device is referencing the same time source, the
network will continue to function well, albeit in its own time bubble.
If the stratum zero network device is accessed for management purposes, there may be
a distortion of time on a network. This could create time desynchronization between the network
that had its stratum zero device altered and surrounding networks, leading to the issues that
Indeed, this is a serious security vulnerability for all networks in general, where one
network thrown out of time synchronization can potentially affect the performance of
surrounding networks. An interesting idea to consider is a backup stratum zero timer, which
has enhanced protection and can be reinserted into the network with the correct time.
Perhaps a backup stratum zero device could be kept disconnected from the internet entirely while
continuing to keep time in isolation. This would make it impossible for an intruder to reach the device,
and it would be ready to be plugged into the network once the security breach has
been handled.
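The stratum hierarchy, the "time bubble", the retransmissions that a closed time window causes, and the backup stratum zero idea from the last three sections can all be exercised in one small model. This is an added example, not code from the chapter summary or the Network Design Cookbook: clocks are modelled only as an offset in seconds from true time, and the device names, topology, acceptance window and offsets are constructed for illustration. Real NTP measures and disciplines that offset over many exchanges, which is deliberately left out here.

```python
"""Model of an NTP-style time hierarchy: stratum propagation, a skewed stratum
zero source, and a protected backup reference.

Added example, not code from the chapter summary or the Network Design Cookbook.
Clocks are modelled only as an offset in seconds from true time; device names,
the topology, the acceptance window and the offsets are constructed for
illustration. Real NTP measures and disciplines that offset over many exchanges,
which is deliberately left out here.
"""
from dataclasses import dataclass
from typing import Optional

UNSYNCHRONIZED = 16   # NTP convention: stratum 16 means "not synchronized"


@dataclass
class Device:
    name: str
    upstream: Optional["Device"] = None   # device this one takes time from
    ref_offset_s: float = 0.0             # used only by a reference clock (no upstream)

    def stratum(self) -> int:
        """Stratum zero at the reference, one more per hop below it, capped at 16."""
        if self.upstream is None:
            return 0
        return min(self.upstream.stratum() + 1, UNSYNCHRONIZED)

    def clock_offset_s(self) -> float:
        """A synchronized device's clock is wrong by exactly what its reference is wrong by."""
        if self.upstream is None:
            return self.ref_offset_s
        return self.upstream.clock_offset_s()


def build_network(prefix: str, ref_offset_s: float = 0.0) -> dict[str, Device]:
    """Constructed topology: one reference clock feeding two stratum-1 servers,
    a core router, an edge router and a host."""
    ref = Device(f"{prefix}-gps", None, ref_offset_s)
    ntp1 = Device(f"{prefix}-ntp1", ref)
    ntp2 = Device(f"{prefix}-ntp2", ref)
    core = Device(f"{prefix}-core", ntp1)
    edge = Device(f"{prefix}-edge", ntp2)
    host = Device(f"{prefix}-host", edge)
    return {d.name: d for d in (ref, ntp1, ntp2, core, edge, host)}


def within_window(sender: Device, receiver: Device, window_s: float) -> bool:
    """The receiver accepts a timestamped message only if the sender's clock reads
    within window_s of its own (the 'time window' the text refers to)."""
    return abs(sender.clock_offset_s() - receiver.clock_offset_s()) <= window_s


def transmissions_needed(sender: Device, receiver: Device, window_s: float,
                         max_retransmits: int = 3) -> int:
    """Transmissions spent on one request: 1 if it is accepted; otherwise every
    retransmit fails the same way and the exchange gives up after the limit."""
    if within_window(sender, receiver, window_s):
        return 1
    return 1 + max_retransmits


def replace_reference(net: dict[str, Device], old_name: str, backup: Device) -> None:
    """Repoint every device that took time from the altered reference at the
    backup, so the whole hierarchy re-derives its time from the good source."""
    old = net.pop(old_name)
    for dev in net.values():
        if dev.upstream is old:
            dev.upstream = backup
    net[backup.name] = backup


def scenario(window_s: float = 5.0, tamper_offset_s: float = 900.0) -> dict:
    """Two networks, A and B. A's stratum zero is altered by 15 minutes; then an
    isolated, correct backup is plugged in."""
    net_a, net_b = build_network("a"), build_network("b")
    before = transmissions_needed(net_a["a-host"], net_b["b-host"], window_s)

    net_a["a-gps"].ref_offset_s = tamper_offset_s          # the distortion
    inside_bubble = within_window(net_a["a-core"], net_a["a-host"], window_s)
    across = transmissions_needed(net_a["a-host"], net_b["b-host"], window_s)

    backup = Device("a-gps-backup", None, 0.0)   # kept offline, so never altered
    replace_reference(net_a, "a-gps", backup)
    after = transmissions_needed(net_a["a-host"], net_b["b-host"], window_s)

    return {"host_stratum": net_a["a-host"].stratum(),
            "before": before, "inside_bubble": inside_bubble,
            "across_while_skewed": across, "after_restore": after,
            "host_offset_after": net_a["a-host"].clock_offset_s()}


if __name__ == "__main__":
    for k, v in scenario().items():
        print(f"{k}: {v}")
```

While network A's reference is skewed, a-core and a-host still agree with each other, so traffic inside the bubble passes the window check, while every request to network B is retransmitted to the limit and abandoned. Swapping in the offline backup reference returns the whole hierarchy to the correct time in one step, because every lower stratum simply re-derives its clock from the new source.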