Keeping Tabs on Your Network
Rich Brown
Dartware, LLC
20 May 2005
First, a Horror Story
Types of Management Tools
What is SNMP?
Dartmouth’s Net Management
InterMapper demo
Questions
A Horror Story
What happened…
How could it have been prevented?
What is Network Management?
A set of tools that:
– Help you know what’s happening in your net
– Help you administer your network
– Make you look good with your customers...
– By actually doing a good job
Network Management System
[Diagram labels: Monitoring System; Servers; Routers & Switches; Wireless gear; Environmental Sensors; Power Systems; E-mail, Pagers & Sounds; Web Pages/Remote Views; Strip Charts; Diagram of the network; Log Files]
Types of Management Tools
Fault Management
Configuration Management
Security Management
Performance Management
Accounting Management
Asset Management
Planning Management
Content Management
What is SNMP?
SNMP is a protocol (set of rules) for conveying
management or status information from devices
such as servers, workstations, routers, switches,
radios and other gear to a management station.
Two ways to get data from a device
– Management station “pulls” data from a device
being tested (the SNMP Agent)
– Agent “pushes” a trap to the management station
The data values are defined by a MIB
What’s a MIB?
“Management Information Base”
MIB defines the kinds of data a device tracks
MIBs for various devices
– Router or Switch: traffic (packet & byte counts) & error
counts (receive, transmit, discards, etc)
– Web Server MIB shows pages served, 404s, 401s, etc.
– Mail Server MIB shows messages processed, queue lengths
– Environmental sensors: temperatures, switch closures, water
on floor, door alarm, others
– Typical Radio MIB: RSL, BER, number of subscribers,
bandwidth, inside/outside temperature, etc.
What’s an OID?
“Object Identifier”
The “name” of the variable
Always starts with 1.3.6.1…
– 1.3.6.1.2.1… for standardized MIBs
– 1.3.6.1.4.1… for vendor specific MIBs
Four Basic SNMP Operations
– Get
Retrieves the value of a MIB variable stored on the agent
machine (gauge, counter, string, or address of another
MIB variable)
– GetNext
Retrieves the value of the “next” MIB variable
– Set
Changes the value of a MIB variable
– Trap
An unsolicited notification sent by an agent to a
management application (typically a notification of
something unexpected, like an error)
Traps
Traps are unsolicited reports that are sent to a
management system by an SNMP agent process
When an interesting event occurs, an agent
generates a trap message and sends it to a
designated network address
Many events can be configured to signal a trap,
like a network cable fault, a failing NIC or hard
drive, a general protection fault, or a power
supply failure
Ports & UDP
SNMP uses User Datagram Protocol (UDP)
as the transport mechanism for SNMP
messages
Like FTP, SNMP uses two well-known
ports to operate:
– UDP Port 161 SNMP Get/Set Messages
– UDP Port 162 SNMP Trap Messages
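Added example (not from the original slides): a small Python decoder for the request packets a management station sends to an agent on UDP port 161. It shows how the operation (Get, GetNext, Set) and the OID are encoded, and that the SNMPv1/v2c community string travels in cleartext. The two sample packets, the community value and the enterprise number 99999 are constructed for illustration.

```python
# Added example: decode SNMPv1/v2c request packets (BER). Sample packets are constructed.
PDU_NAMES = {0xA0: "Get", 0xA1: "GetNext", 0xA2: "Response", 0xA3: "Set"}

def read_tlv(buf, pos=0):
    """Return (tag, value, next_pos) for the BER element starting at pos."""
    if pos + 2 > len(buf):
        raise ValueError("truncated BER header")
    tag, n, pos = buf[pos], buf[pos + 1], pos + 2
    if n & 0x80:                      # long form: low 7 bits = number of length bytes
        k = n & 0x7F
        n, pos = int.from_bytes(buf[pos:pos + k], "big"), pos + k
    if pos + n > len(buf):
        raise ValueError("truncated BER value")
    return tag, buf[pos:pos + n], pos + n

def dec_oid(body):
    """Decode OID bytes; the first byte packs the first two arcs as 40*a + b."""
    arcs, val = [body[0] // 40, body[0] % 40], 0
    for b in body[1:]:                # remaining arcs are base-128, high bit = "more"
        val = (val << 7) | (b & 0x7F)
        if not b & 0x80:
            arcs.append(val)
            val = 0
    return ".".join(map(str, arcs))

def describe(packet):
    """Return (operation, community, first OID, MIB family) for a request packet."""
    _, msg, _ = read_tlv(packet)              # outer SEQUENCE
    _, _version, p = read_tlv(msg)            # INTEGER version
    _, community, p = read_tlv(msg, p)        # OCTET STRING, sent in cleartext
    tag, pdu, _ = read_tlv(msg, p)            # context tag selects the operation
    p = 0
    for _ in range(3):                        # request-id, error-status, error-index
        _, _, p = read_tlv(pdu, p)
    _, varbinds, _ = read_tlv(pdu, p)         # SEQUENCE OF varbind
    _, varbind, _ = read_tlv(varbinds)        # first varbind only
    _, oid_bytes, _ = read_tlv(varbind)
    oid = dec_oid(oid_bytes)
    family = ("standard" if oid.startswith("1.3.6.1.2.1.") else
              "vendor" if oid.startswith("1.3.6.1.4.1.") else "other")
    return PDU_NAMES.get(tag, hex(tag)), community.decode("ascii", "replace"), oid, family

# Constructed packets: Get sysDescr.0, and GetNext under placeholder enterprise 99999.
GET = bytes.fromhex("302602010004067075626c6963a019020101020100020100"
                    "300e300c06082b060102010101000500")
GETNEXT = bytes.fromhex("302702010004067075626c6963a11a020102020100020100"
                        "300f300d06092b06010401868d1f010500")

if __name__ == "__main__":
    for pkt in (GET, GETNEXT):
        print(describe(pkt))
```

SNMPv1 Trap PDUs use a different field layout and are not handled by this decoder.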
Advantages of using SNMP
Standardized
Widely supported by many vendors
Distributed management access
Lightweight protocol
SNMP Management Solutions
Open Source
– Nagios, Big Brother, MRTG, perl scripts
Commercial SMB
– InterMapper, WhatsUp Gold, IPMonitor
Commercial Enterprise
– OpenView, Tivoli, Unicenter, BMC Patrol
Dartmouth’s Net Management
A variety of tools...
– InterMapper
– Aruba wireless monitoring tools
– Spam filtering
– NAT for entire campus
InterMapper Demo
InterMapper is a fault management tool
Monitors network equipment and servers
24x7 to alert the manager about troubles
Some performance management tools
Get a demo from
http://www.intermapper.com
Questions
Ask now, or e-mail me
– [email protected]
Thanks!
Bonus Slides
These slides didn’t fit into the
presentation, but we kept them for your
information...
Why is it Important?
To give Good Service and be professional
A management system helps you to:
– Know about problems before the phone rings
– Know how your network’s configured—documentation
– Know how your network is operating
– Know about network limits before you hit the wall
You can start small
– Fault and Performance Management are critical
– Implement other tools as your network grows
Types of Network Management
Fault Management: Reactive and proactive network fault
management
Performance Management: Number of packets dropped, timeouts,
collisions, CRC errors, response times
Configuration Management: Inventory, configuration,
provisioning
Planning Management: Analysis of trends to help justify a network
upgrade or a bandwidth increase
Security Management: SNMP doesn't provide much here
Accounting Management: Cost management and chargeback
assessment
Asset Management: Statistics of equipment, facility and
administration personnel
Benefits of using SNMP
Vendor Neutral Tools for Monitoring
Universal Support
Monitor lots of interesting information
Client Pull & Server Push
SNMP is a client “pull” model
– The management system (client) “pulls”
data from the agent (server)
SNMP also provides “server push” model
– The agent (server) “pushes” out a trap
message to a (client) management system
Fault Management
Discover that a problem exists
Notify the responsible parties
Isolate the problem; show what is working
Possibly fix the problem
Configuration Management
Configure critical devices consistently
– e.g. Routers and Servers
Take inventory of important software on
workstations
Update computers automatically
Security Management
Controlling access to information on the
network
Setting up accounts; testing passwords
Firewalls & Intrusion Detection Systems
Performance Management
Collecting and analyzing data about use
Setting thresholds for alarms
Simulating alternatives to find maximum
performance
Study trends and make predictions
Accounting Management
Tracking individual or group use of
network resources
Billing for use
Controlling use of network
Stand-alone vs. Platform
Stand-alone programs solve specific
problems; can be well-targeted and
inexpensive; usually are easy to set up;
but often duplicate notification, logging,
databases, etc.
Platforms provide base services plus
plug-in modules; unified notifications,
logging, databases; but can be very
expensive to buy and hard to set up
Which ones do I need?
Everyone needs security management tools:
at least a firewall and access control
– This will become true at your home when you
get cable modem or DSL service
Fault management tools give timely warnings
For the other tools, it depends…