Network Management

Imagine yourself as a network administrator, responsible for a 2000 user network. This network reaches from California to New York, with some branches overseas. In this situation, anything can, and usually does, go wrong, but it would be your job as a system administrator to resolve the problem when it arises as quickly as possible. The last thing you would want is for your boss to call you up, asking why you haven't done anything to fix the 2 major systems that have been down for several hours. How do you explain to him that you didn't even know about it? Would you even want to tell him that? So now, picture yourself in the same situation, only this time, you were using a network monitoring program.
You are sitting in front of a large screen displaying a map of the world, leaning back gently in your chair. A gentle warning tone sounds, and looking at your display, you see that California is now glowing a soft red in color, in place of the green glow just moments before. You select the state of California, and it zooms in for a closer look. You see a network diagram overview of all the computers your company has within California. Two systems are flashing, with an X on top of them indicating that they are experiencing problems. Tagging the two systems, you press enter, and with a flash, the screen displays all the statistics of the two systems, including anything they might have in common causing the problem. Seeing that both systems are linked to the same card of a network switch, you pick up the phone and give that branch office a call, notifying them not only that they have a problem, but how to fix it as well.
Early in the days of computers, a central computer (called a mainframe) was connected to a bunch of dumb terminals using a standard copper wire. Not much thought was put into how this was done because there was only one way to do it: they were either connected, or they weren't. Figure 1 shows a diagram of these early systems. If something went wrong with this type of system, it was fairly easy to troubleshoot: the blame almost always fell on the mainframe system. Shortly after the introduction of Personal Computers (PCs) came Local Area Networks (LANs), forever changing the way in which we look at networked systems.
LANs originally consisted of just PCs connected into groups of computers, but soon after, there came a need to connect those individual LANs together, forming what is known as a Wide Area Network, or WAN. The result was a complex connection of computers joined together using various types of interfaces and protocols. Figure 2 shows a modern day WAN. Last year, a survey of Fortune 500 companies showed that 15% of their total computer budget, 1.6 million dollars, was spent on network management (Rose, 115). Because of this, much attention has focused on two families of network management protocols: the Simple Network Management Protocol (SNMP), which comes from a de facto standards-based background of TCP/IP communication, and the Common Management Information Protocol (CMIP), which derives from a de jure standards-based background associated with the Open Systems Interconnection (OSI) (Fisher, 183). In this report I will cover advantages and disadvantages of both the Common Management Information Protocol (CMIP) and the Simple Network Management Protocol (SNMP), as well as discuss a new protocol for the future.
I will also give some good reasons supporting why I believe that SNMP is a protocol that all network administrators should use.

SNMP is a protocol that enables a management station to configure, monitor, and receive trap (alarm) messages from network devices (Feit, 12). It is formally specified in a series of related Request for Comment (RFC) documents, listed here.

RFC 1089 – SNMP over Ethernet
RFC 1140 – IAB Official Protocol Standards
RFC 1147 – Tools for Monitoring and Debugging TCP/IP Internets and Interconnected Devices [superseded by RFC 1470]
RFC 1155 – Structure and Identification of Management Information for TCP/IP based internets
RFC 1156 – Management Information Base Network Management of TCP/IP based internets
RFC 1157 – A Simple Network Management Protocol
RFC 1158 – Management Information Base Network Management of TCP/IP based internets: MIB-II
RFC 1161 – SNMP over OSI
RFC 1212 – Concise MIB Definitions
RFC 1213 – Management Information Base for Network Management of TCP/IP-based internets: MIB-II
RFC 1215 – A Convention for Defining Traps for use with the SNMP
RFC 1298 – SNMP over IPX
(SNMP, Part 1 of 2, I.1.)

The first protocol developed was the Simple Network Management Protocol (SNMP). It was commonly considered to be a quickly designed "band-aid" solution to internetwork management difficulties while other, larger and better protocols were being designed (Miller, 46).
However, no better choice became available, and SNMP soon became the network management protocol of choice. It works very simply (as the name suggests): it exchanges network packets through messages known as protocol data units (PDUs). The PDU contains variables that have both titles and values. There are five types of PDUs which SNMP uses to monitor a network: two deal with reading terminal data, two with setting terminal data, and one, called the trap, is used for monitoring network events, such as terminal start-ups or shut-downs. By far the largest advantage of SNMP over CMIP is that its design is simple, so it is as easy to use on a small network as on a large one, with ease of setup and lack of stress on system resources.
Also, the simple design makes it simple for the user to program system variables that they would like to monitor. Another major advantage of SNMP is that it is in wide use today around the world. Because of its development during a time when no other protocol of this type existed, it became very popular, and is a built-in protocol supported by most major vendors of networking hardware, such as hubs, bridges, and routers, as well as major operating systems. It has even been put to use inside the Coca-Cola machines at Stanford University, in Palo Alto, California (Borsook, 48). Because of SNMP's smaller size, it has even been implemented in such devices as toasters, compact disc players, and battery-operated barking dogs.
At the 1990 Interop show, John Romkey, vice president of engineering for Epilogue, demonstrated that through an SNMP program running on a PC, you could control a standard toaster through a network (Miller, 57). SNMP is by no means a perfect network manager. But because of its simple design, these flaws can be fixed. The first problem realized by most companies is that there are some rather large security problems related to SNMP. Any decent hacker can easily access SNMP information, giving them any information about the network, and also the ability to potentially shut down systems on the network.
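To make the PDU structure and the security concern described above concrete, the following added example (not part of the original report) decodes a constructed SNMPv1 GetRequest and shows that the community name, the PDU type, and the variable names and values all travel as plain, unencrypted bytes. The message layout follows RFC 1157; the sample message, the function names, and the choice of the sysDescr.0 variable are assumptions made for illustration.

```python
# Constructed sample (not captured traffic): SNMPv1 GetRequest for sysDescr.0.
SAMPLE = bytes.fromhex(
    "302602010004067075626c6963a019020101020100020100"
    "300e300c06082b060102010101000500")
# The five SNMPv1 PDU types, keyed by BER tag (RFC 1157).
PDU_TYPES = {0xA0: "GetRequest", 0xA1: "GetNextRequest", 0xA2: "GetResponse",
             0xA3: "SetRequest", 0xA4: "Trap"}

def read_tlv(buf, pos):
    """Return (tag, value_bytes, next_pos) for the BER element at pos."""
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:  # long form: low 7 bits count the length bytes
        n = length & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("truncated BER element")
    return tag, buf[pos:pos + length], pos + length

def decode_oid(raw):
    """Decode a BER OBJECT IDENTIFIER into dotted notation."""
    arcs, arc = [raw[0] // 40, raw[0] % 40], 0
    for b in raw[1:]:
        arc = (arc << 7) | (b & 0x7F)
        if not b & 0x80:  # high bit clear marks the last byte of an arc
            arcs.append(arc)
            arc = 0
    return ".".join(map(str, arcs))

def parse_snmpv1(msg):
    """Return version, community, PDU type and variable bindings."""
    _, body, _ = read_tlv(msg, 0)            # outer SEQUENCE
    _, version, pos = read_tlv(body, 0)      # 0 means SNMPv1
    _, community, pos = read_tlv(body, pos)  # sent unencrypted
    pdu_tag, pdu, _ = read_tlv(body, pos)
    pos = 0  # skip header fields: 5 in a Trap, 3 in every other PDU
    for _ in range(5 if pdu_tag == 0xA4 else 3):
        _, _, pos = read_tlv(pdu, pos)
    _, binds, _ = read_tlv(pdu, pos)         # list of (name, value) pairs
    varbinds, pos = [], 0
    while pos < len(binds):
        _, vb, pos = read_tlv(binds, pos)
        _, name, vpos = read_tlv(vb, 0)
        vtag, value, _ = read_tlv(vb, vpos)
        varbinds.append((decode_oid(name), vtag, value))
    return {"version": int.from_bytes(version, "big"),
            "community": community.decode("ascii", "replace"),
            "pdu": PDU_TYPES.get(pdu_tag, hex(pdu_tag)), "varbinds": varbinds}
```

Calling `parse_snmpv1(SAMPLE)` returns the community name `public`, the PDU type `GetRequest`, and one variable binding for `1.3.6.1.2.1.1.1.0` with a NULL value, which is everything a monitoring sensor on the path would also be able to read.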
The latest version of SNMP, called SNMPv2, has added some security measures that were left out of SNMP, to combat the 3 largest problems plaguing SNMP: privacy of data (to prevent intruders from gaining access to information carried along the network), authentication (to prevent intruders from sending false data across the network), and access control (which restricts access of particular variables to certain users, thus removing the possibility of a user accidentally crashing the n …