Let us consider a situation where you have decided to become something in life. You are at a crossroads, trying to decide what profession to enter, and you have before you the medical field, network management in the information technology field, the social sciences, and the engineering field. And here I am standing before you to show you why you should make a profession in the information technology field and not any of the others. My work therefore involves showing you what network management under information technology is. To do this, I will explain what a network is, what its devices are, and its operations, tools, and techniques.
A network is made up of many heterogeneous (meaning different and diverse) infrastructure resources such as routers, bridges, hosts, terminal servers, modems, links, interfaces and end user devices such as phones, PCs, tablets, wearables, etc. Network management can be defined as the process of configuring, running, and maintaining network devices, servers and services, as well as continuous oversight and monitoring of the operation of all the devices connected to the network. The prompt identification and rectification of system failures, performance monitoring and tuning are very important for the successful functioning of a network.
Network management brings up the challenges of which devices will be managed, how to diagnose faults in the system and how to clear the faults identified. Network management solutions must therefore be able to scale well, manage a large number of devices without interfering with normal network operations, and must be able to operate under all conditions—even when the network is under stress.
In order to ensure optimal and secure management of network devices and services, it is necessary to plan the network’s architecture so that it provides complete isolation of management traffic from production traffic. Another aspect of successful network management is the thorough implementation of network protocols; they play important roles in network traffic management.
Characteristics of a Robust Network Management Solution
Network management challenges are becoming more demanding and complicated every day and more sophisticated network management tools are being developed to counter them as well. Organizations should prioritize their network management needs and implement the solutions that meet these basic requirements exceptionally well. Some of the basic network management functions include:
The solution should be able to map out and logically assemble, in one panel, all critical network elements, such as servers, links, applications, and the entire network infrastructure, including switches, wireless routers, and load-balancers, among others.
The network management tools should be able to run virtually and monitor the network around the clock, detecting potential network faults before they disrupt network operations by monitoring critical resources for availability, violations, server status (processing speed, available memory), service availability, system response times, etc.
c. Automatic Response:
Ability to send out notifications and alerts to the system admin and take automatic corrective actions by executing programmed scripts in that regard.
The solution should be able to generate periodic and on-demand reports on past network activities, amount of data utilized, the percentage of free disk space, and so on.
Network Management Protocols
There are two major protocols of network management. They are Internet Control Message Protocol (ICMP) and Simple Network Management Protocol (SNMP).
a. Internet Control Message Protocol (ICMP)
ICMP generates a low-level request and response to ensure continual connectivity between two network devices. ICMP is a control protocol; hence it does not transmit application data, but rather information about the network status. ICMP is mainly used to send error messages. There are currently many network utilities based on ICMP messages that can detect errors in the communications of network applications in an environment, availability of remote servers, latency, and network congestion.
ICMP pings are request packets used to test the status or availability of a device or server on a network. ICMP then measures the ping’s round-trip time for messages sent between the originating host and the destination. A ping is lightweight, with small packets, very flexible, and interferes little with network operations.
b. Simple Network Management Protocol (SNMP)
SNMP gives a network management system (NMS) the ability to gather simple and well-structured data from virtually any kind of device on the network. The SNMP protocol is mainly used to check the status of remote hosts. Most network devices are SNMP-compliant so, if a change occurs on a remote device, the device itself will generate an SNMP trap message defining the change and send it to the NMS server.
An SNMP trap enables a network device to alert/notify the network management system (NMS) about changes in the system through an SNMP message. SNMP traps are initiated by a device on its own, while SNMP queries are initiated by the NMS. Devices send out SNMP trap messages one-way over UDP port 162.
SNMP v2c is currently the most widely used version of the SNMP protocol. It authenticates trap messages using a community string that is sent through the network as clear text. SNMP v2c may be used only if the network is secured from attacks: if the message is waylaid by a malicious sniffing application, the application could easily discover the community string and hamper the proper operation of the network. SNMP v2c is only recommended if the network does not support SNMP v3. In that instance, additional security measures, such as the use of an updated anti-virus program or firewall, should be introduced to secure the packets being sent out.
The need for security within the network necessitated the introduction of SNMP v3. SNMP v3 is fortified with a host of important security features, such as message integrity, which prevents packets from being altered during transfer; authentication, which verifies that the message came from the right source; packet encryption, which prevents unauthorized applications from reading the messages; etc. Consequently, the NMS server must know the username, password, and ID configured on the remote device in order to be able to decrypt the SNMP v3 trap packets received.
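The difference between SNMP v2c and SNMP v3 is visible on the wire. The following Python code is an added example, not code from the original article: it parses the BER header of an SNMP payload and reports whether the message carries a clear-text community string (v1/v2c) or, for v3, whether its flags request authentication and encryption. The function names and both sample payloads are constructed for illustration; the msgFlags bit meanings follow RFC 3412.

```python
# Added example (not from the original article): audit SNMP payloads for protection level.
VERSIONS = {0: "v1", 1: "v2c", 3: "v3"}

def read_tlv(buf, pos):
    """Return (tag, value, next_pos) for the BER element starting at pos."""
    if pos + 2 > len(buf):
        raise ValueError("truncated BER header")
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:  # long form: low 7 bits give the number of length octets
        n = length & 0x7F
        if n == 0 or n > 4 or pos + n > len(buf):
            raise ValueError("unsupported BER length")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("truncated BER value")
    return tag, buf[pos:pos + length], pos + length

def audit_snmp(payload):
    """Classify one UDP payload and say whether it is sent unprotected."""
    tag, body, _ = read_tlv(payload, 0)
    if tag != 0x30:
        raise ValueError("not an SNMP message: no outer SEQUENCE")
    tag, raw_version, pos = read_tlv(body, 0)
    if tag != 0x02:
        raise ValueError("not an SNMP message: no version INTEGER")
    version = VERSIONS.get(int.from_bytes(raw_version, "big"), "unknown")
    tag, field, _ = read_tlv(body, pos)
    if version in ("v1", "v2c") and tag == 0x04:
        # Second field is the community string, an OCTET STRING in clear text.
        # Only its length is reported, so the audit log does not store the secret.
        return {"version": version, "auth": False, "encrypted": False,
                "cleartext_community_len": len(field)}
    if version == "v3" and tag == 0x30:
        # msgGlobalData: msgID, msgMaxSize, msgFlags, msgSecurityModel.
        _, _, p = read_tlv(field, 0)
        _, _, p = read_tlv(field, p)
        _, flags, _ = read_tlv(field, p)
        bits = flags[0] if flags else 0  # bit 0 = auth, bit 1 = priv (RFC 3412)
        return {"version": "v3", "auth": bool(bits & 1), "encrypted": bool(bits & 2),
                "cleartext_community_len": 0}
    raise ValueError("unrecognised SNMP message layout")

# Constructed sample payloads (not captured traffic).
V2C_TRAP = (bytes.fromhex("301c020101040a") + b"example-ro"
            + bytes.fromhex("a70b0201010201000201003000"))
V3_AUTHPRIV = bytes.fromhex("301a020103300d020101020205dc0401030201030400040400000000")
```

A v3 message with neither flag set is no better protected than v2c, so the `auth` and `encrypted` fields should be checked for v3 traffic as well.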
Network Management System Implementation
Network management can be implemented using the following bands:
a. In-Band Management:
This involves the simultaneous use of the same interfaces and network equipment for both production traffic and management traffic. The major advantage of in-band management is that it does not require additional network equipment to operate. However, both management data and users’ data are processed through the same infrastructure, which could have security implications. Also, in the event of network congestion, the processing power of the devices would be drained faster, making it hard and slow for critical network devices to be accessed.
b. Out-of-Band management (OOBM):
This involves the use of a separate network infrastructure and a separate interface that are different from the network devices used for production traffic, for network management purposes. The physically separate infrastructure ensures the provision of more security for sensitive management traffic information and ensures that access to critical network devices is not impeded by a service outage or network congestion. A separate network infrastructure, however, involves additional expenses to procure required additional equipment and it also requires extensive manual administrative input.
In order to promote effective network administration, management and security, it is recommended that the entire network setup be divided into various segments. This can be done through partitioning the network and creating VLANs for each group. VLANs can be created in the following order:
a. Management VLAN:
This is a VLAN that is created for management traffic only, in order to enhance security.
b. Enterprise VLAN:
A VLAN meant for enterprise servers only, e.g., web server, DNS server, proxy server, e-mail server, etc.
c. Workgroup VLAN:
This is set aside for workgroup servers only, e.g., application servers, database servers, storage servers, etc.
d. ADMIN VLAN:
This is for administrator use only.
e. USERS VLAN:
This VLAN is meant for normal users who may be service subscribers or staff who do not have admin or management privileges.
Network Devices Configuring and Communication Protocols
These are the various protocols available for system configuration and recommendations for use with different types of devices.
The Telnet protocol is supported by most devices and is widely used in the industry, as it is one of the oldest protocols available. It is mostly used to access the system’s command line interface. Telnet can be used both for data transfer and as a management communication protocol. It does not support data encryption, so everything it carries is sent as clear text. Its lack of an encryption mechanism means Telnet is not secure for use in today’s threat-laden networking environment.
b. Secure Shell (SSH):
It comes with a data encryption mechanism, so it is recommended for communication between the client and the servers. SSH performs the same functions as Telnet but has many more capabilities, such as creation of VPN connections, remote directory mounting, port forwarding or tunneling, secured file transfer, single line command execution, web browsing through the SOCKS protocol, etc.
c. Remote Desktop Protocol:
RDP is mainly used for graphic administrative connections to server desktops. It works by streaming data across the network to communicate with clients. As a result, it may require constant statistics monitoring to ensure a required command is executed.
d. Windows Management Protocols:
Standard protocols such as Internet Control Message Protocol (ICMP) and Simple Network Management Protocol (SNMP) are deemed insufficient for Microsoft Windows systems monitoring and management, hence Microsoft created additional protocols meant for use only on Windows systems. WMPs rely on other applications and standard protocols for packet routing and switching support. They are mainly used to manage web servers, mail servers, DNS servers, etc.
e. NetFlow Protocol:
NetFlow protocol was developed by Cisco Systems for monitoring and generating network statistics. It has various versions and its variants are also produced by other vendors under various names. When NetFlow protocol is started on a system, it begins to gather the statistics of all the traffic passing through that device. The information is then periodically exported to the administrator’s system to process the data according to the set objectives. The results of the analysis are presented in graphs and tables for easy interpretation.
f. System Logger (SysLog) Protocol:
The SysLog protocol is used for gathering error messages, warning messages, and other system events on network devices, thus enabling easier detection of problems and their solutions automatically or through manual troubleshooting. The main disadvantage of SysLog is that it does not process confirmation mechanisms; hence, when data is sent through it, it does not provide a delivery report.
g. Remote Frame Buffering (RFB) Protocol:
This is similar to remote desktop protocol except it is used more for virtual network computing to provide web access to various devices. Some variants of RFB do not support data encryption and so have to be complemented with HTTPS to encrypt data during transfer.
Selecting a Network Management System
Users have the choice of choosing from a wide range of network management systems. Some are free and open source while others are expensive licensed applications. Striking a balance between various features, compatibility, pros and cons, and expenses related to each application can be quite challenging. Below are some important considerations that can help users evaluate and select an appropriate network management system.
a. Simple Interface:
The management interface should be easy to understand and easy to deploy, and its reports should be easy to interpret and easily customizable.
b. Proactive Network Monitoring:
The network management system should be able to predict network failures in advance so that they can be prevented. A good network management tool should help in monitoring the status of critical devices and alert the administrator if operating conditions deteriorate. It should have the ability to continually collect and monitor traffic in real time, pinpoint network issues, and take proactive measures to avert network outage.
c. Network Discovery:
The network management system should be able to identify and discover all the devices hooked to the network and map their connections and also recognize new devices as they are connected to the network.
d. Heterogeneous Support:
It is virtually impossible to find a network that is homogenous, i.e., all network components and programs are manufactured by same vendor. The networking environment is often littered with devices from multiple vendors. Although most vendors offer software utility or programs that support their devices, they do not support devices from other electronic device manufacturers. The NMS must be able to support devices from multiple vendors.
e. Alerts & Notifications:
Network alerts are a prerequisite for any modern network management tool. They should alert the administrator whenever critical emergencies crop up in the network. Also, it should be possible to send data to programmed destinations and notify the receiver.
Network administrators and users are often required to provide periodic reports on the performance of the network. Therefore, the network management system should be able to generate custom reports automatically or as required. Reports also help the network administrator to identify certain network trends.
g. Extension Capabilities:
It should be possible to add devices to the network if service expansion is required. Also, some parts of the network infrastructure such as storage, servers, and routers should be capable of being separated and automated to create a virtual network. The network management system should be able to monitor all segments of the network and take on additional devices without being overwhelmed.
h. Ability To Execute Remedial Scripts:
If there is a problem in the network, the NMS should be able to execute programmed scripts to remediate the problem on its own. This helps to reduce downtime and save on personnel cost, as there will be little need for the network administrator to perform lengthy troubleshoots in attempts to fix network problems every time they crop up.