Keeping Tabs on Your Network


Rich Brown
Dartware, LLC
20 May 2005

– First, a Horror Story
– Types of Management Tools
– What is SNMP?
– Dartmouth’s Net Management
– InterMapper demo
– Questions

A Horror Story

What happened…

How could it have been prevented?
What is Network Management?

A set of tools that:
– Help you know what’s happening in your net
– Help you administer your network
– Make you look good with your customers...
– By actually doing a good job
Network Management System

[Diagram labels: Monitoring System; E-mail, Pagers & Sounds; Servers; Routers & Switches; Web Pages/Remote Views; Wireless gear; Environmental Sensors; Power Systems; Strip Charts; Diagram of the network; Log Files]
Types of Management Tools

Fault Management
Configuration Management
Security Management
Performance Management
Accounting Management
Asset Management
Planning Management
Content Management
What is SNMP?

SNMP is a protocol (set of rules) for conveying management or status information from devices such as servers, workstations, routers, switches, radios and other gear to a management station.
Two ways to get data from a device
– Management station “pulls” data from a device being tested (the SNMP Agent)
– Agent “pushes” a trap to the management station
The data values are defined by a MIB
What’s a MIB?

“Management Information Base”
MIB defines the kinds of data a device tracks
MIBs for various devices
– Router or Switch: traffic (packet & byte counts) & error counts (receive, transmit, discards, etc.)
– Web Server MIB shows pages served, 404s, 401s, etc.
– Mail Server MIB shows messages processed, queue lengths
– Environmental sensors: temperatures, switch closures, water on floor, door alarm, others
– Typical Radio MIB: RSL, BER, number of subscribers, bandwidth, inside/outside temperature, etc.
What’s an OID?

“Object Identifier”
The “name” of the variable
Always starts with 1.3.6.1…
– 1.3.6.1.2.1… for standardized MIBs
– 1.3.6.1.4.1… for vendor specific MIBs

Four Basic SNMP Operations

– Get
  Retrieves the value of a MIB variable stored on the agent machine (gauge, counter, string, or address of another MIB variable)
– GetNext
  Retrieves the value of the “next” MIB variable
– Set
  Changes the value of a MIB variable
– Trap
  An unsolicited notification sent by an agent to a management application (typically a notification of something unexpected, like an error)
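
What “next” means in GetNext, shown with an in-memory stand-in for an agent. This is an added example, not part of the original slides: the ToyAgent class, the sample values and the enterprise number 99999 are constructed for illustration, and sysName and ifInOctets are standard objects that the slides do not list.

```python
import bisect

def parse(dotted):
    # Compare OIDs as tuples of integers so they order arc by arc, not as text.
    return tuple(int(arc) for arc in dotted.split("."))

class ToyAgent:
    """In-memory stand-in for an SNMP agent (hypothetical, for illustration only)."""

    def __init__(self, variables):
        self.mib = {parse(oid): value for oid, value in variables.items()}
        self.order = sorted(self.mib)

    def get(self, oid):
        return self.mib[parse(oid)]          # exact name required; KeyError otherwise

    def set(self, oid, value):
        self.get(oid)                        # only existing variables can be changed
        self.mib[parse(oid)] = value

    def get_next(self, oid):
        # First variable whose OID sorts strictly after the one supplied.
        i = bisect.bisect_right(self.order, parse(oid))
        if i == len(self.order):
            return None                      # walked off the end of the MIB
        nxt = self.order[i]
        return ".".join(map(str, nxt)), self.mib[nxt]

    def walk(self, root):
        # Repeated GetNext until the answer leaves the subtree under `root`.
        prefix, cur, rows = parse(root), root, []
        while (hit := self.get_next(cur)) and parse(hit[0])[:len(prefix)] == prefix:
            rows.append(hit)
            cur = hit[0]
        return rows

# Constructed sample values; the last OID uses a made-up enterprise number.
AGENT = ToyAgent({
    "1.3.6.1.2.1.1.5.0": "core-sw-1",          # sysName.0
    "1.3.6.1.2.1.2.2.1.10.1": 1200,            # ifInOctets, interface 1
    "1.3.6.1.2.1.2.2.1.10.10": 88,             # ifInOctets, interface 10
    "1.3.6.1.2.1.2.2.1.10.2": 4096,            # ifInOctets, interface 2
    "1.3.6.1.4.1.99999.1.0": 41,               # vendor-specific branch
})

if __name__ == "__main__":
    for oid, value in AGENT.walk("1.3.6.1.2.1.2.2.1.10"):
        print(oid, value)
```

The walk returns interfaces 1, 2, 10 in that order; sorting the same OIDs as text would put 10 before 2, which is a common source of missing or duplicated rows in home-grown polling scripts.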
Traps

Traps are unsolicited reports that are sent to a management system by an SNMP agent process

When an interesting event occurs, an agent generates a trap message and sends it to a designated network address

Many events can be configured to signal a trap, like a network cable fault, failing NIC or hard drive, a general protection fault, or a power supply failure
Ports & UDP

SNMP uses User Datagram Protocol (UDP) as the transport mechanism for SNMP messages
Like FTP, SNMP uses two well-known ports to operate:
– UDP Port 161 SNMP Get/Set Messages
– UDP Port 162 SNMP Trap Messages
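
What a Get looks like as the UDP payload sent to port 161, tying together the OID, Get and port slides. This is an added example, not part of the original slides: it assumes SNMPv1 message layout (RFC 1157), uses the standard object sysDescr.0, and the community string "example-ro" is a constructed value.

```python
"""Build and inspect an SNMPv1 GetRequest (added example; BER layout per RFC 1157)."""

PDU_NAMES = {0xA0: "Get", 0xA1: "GetNext", 0xA2: "Response", 0xA3: "Set", 0xA4: "Trap"}

def tlv(tag, body):
    # BER tag-length-value; short-form length covers messages under 128 bytes.
    if len(body) > 127:
        raise ValueError("long-form BER length not handled in this example")
    return bytes([tag, len(body)]) + body

def ber_int(n):
    # INTEGER: big-endian, with a leading zero byte when the top bit would be set.
    return tlv(0x02, n.to_bytes(n.bit_length() // 8 + 1, "big"))

def ber_oid(dotted):
    # OBJECT IDENTIFIER: first two arcs share one byte (1.3 -> 0x2b), the rest are base-128.
    arcs = [int(a) for a in dotted.split(".")]
    body = bytearray([40 * arcs[0] + arcs[1]])
    for arc in arcs[2:]:
        chunk = [arc & 0x7F]
        while arc > 0x7F:
            arc >>= 7
            chunk.insert(0, (arc & 0x7F) | 0x80)
        body += bytes(chunk)
    return tlv(0x06, bytes(body))

def get_request(community, oid, request_id):
    # Message = SEQUENCE { version (0 = SNMPv1), community, PDU }; a Get carries NULL as the value.
    varbind = tlv(0x30, ber_oid(oid) + tlv(0x05, b""))
    pdu = tlv(0xA0, ber_int(request_id) + ber_int(0) + ber_int(0) + tlv(0x30, varbind))
    return tlv(0x30, ber_int(0) + tlv(0x04, community) + pdu)

def read_tlv(buf, pos=0):
    length = buf[pos + 1]
    return buf[pos], buf[pos + 2:pos + 2 + length], pos + 2 + length

def summarize(datagram):
    # What anyone who can see the UDP payload learns, with no key needed.
    _, msg, _ = read_tlv(datagram)
    _, version, pos = read_tlv(msg)
    _, community, pos = read_tlv(msg, pos)
    pdu_tag, _, _ = read_tlv(msg, pos)
    return {"version": version[0], "community": community, "pdu": PDU_NAMES[pdu_tag]}

# Constructed sample: sysDescr.0 from the standardized 1.3.6.1.2.1 tree, made-up community.
SAMPLE = get_request(b"example-ro", "1.3.6.1.2.1.1.1.0", request_id=1)

if __name__ == "__main__":
    print(SAMPLE.hex(), summarize(SAMPLE))   # payload a station would send to UDP port 161
```

summarize() recovers the community string straight from the bytes because SNMPv1 sends it unencrypted, so management traffic on ports 161 and 162 is best kept on a network segment only the management station and its devices can reach.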
Advantages of using SNMP

Standardized
Widely supported by many vendors
Distributed management access
Lightweight protocol
SNMP Management Solutions

Open Source
– Nagios, Big Brother, MRTG, perl scripts
Commercial SMB
– InterMapper, WhatsUp Gold, IPMonitor
Commercial Enterprise
– OpenView, Tivoli, Unicenter, BMC Patrol
Dartmouth’s Net Management

A variety of tools...
– InterMapper
– Aruba wireless monitoring tools
– Spam filtering
– NAT for entire campus
InterMapper Demo

InterMapper is a fault management tool
Monitors network equipment and servers 24x7 to alert the manager about troubles
Some performance management tools
Get a demo from http://www.intermapper.com
Questions

Ask now, or e-mail me
– [email protected]
Thanks!
Bonus Slides

These slides didn’t fit into the
presentation, but we kept them for your
information...
Why is it Important?

To give Good Service and be professional
A management system helps you to:
– Know about problems before the phone rings
– Know how your network’s configured—documentation
– Know how your network is operating
– Know about network limits before you hit the wall
You can start small
– Fault and Performance Management are critical
– Implement other tools as your network grows
Types of Network Management

Fault Management: Reactive and proactive network fault management
Performance Management: Number of packets dropped, timeouts, collisions, CRC errors, response times
Configuration Management: Inventory, configuration, provisioning
Planning Management: Analysis of trends to help justify a network upgrade or a bandwidth increase
Security Management: SNMP doesn't provide much here
Accounting Management: Cost management and chargeback assessment
Asset Management: Statistics of equipment, facility and administration personnel
Benefits of using SNMP

Vendor Neutral Tools for Monitoring
Universal Support
Monitor lots of interesting information
Client Pull & Server Push

SNMP is a client “pull” model
– The management system (client) “pulls” data from the agent (server)
SNMP also provides “server push” model
– The agent (server) “pushes” out a trap message to a (client) management system

Fault Management

Discover that a problem exists
Notify the responsible parties
Isolate the problem; show what is working
Possibly fix the problem
Configuration Management

Configure critical devices consistently
– e.g. Routers and Servers
Take inventory of important software on workstations
Update computers automatically
Security Management

Controlling access to information on the network
Setting up accounts; testing passwords
Firewalls & Intrusion Detection Systems
Performance Management

Collecting and analyzing data about use
Setting thresholds for alarms
Simulating alternatives to find maximum performance
Study trends and make predictions
Accounting Management

Tracking individual or group use of network resources
Billing for use
Controlling use of network
Stand-alone vs. Platform

Stand-alone programs solve specific problems; can be well-targeted and inexpensive; usually are easy to set up; but often duplicate notification, logging, databases, etc.
Platforms provide base services plus plug-in modules; unified notifications, logging, databases; but can be very expensive to buy and hard to set up
Which ones do I need?

Everyone needs security management tools: at least a firewall and access control
– This will become true at your home when you get cable modem or DSL service
Fault management tools give timely warnings
For the other tools, it depends…