M12 Network Management Ch 12

Created by

Fernando Villareal

Cards (30)

Network Management 
Network management - process of operating, monitoring, and controlling a network to ensure it works as intended and provides value to users.
What Do Network Managers Do? 
Operational Tasks
What Do Network Managers Do?
Strategic Tasks: •Develop long-range network plans (includes voice comms) to meet organization’s policies and goals• Keep abreast of latest technological developments in computers, data communications devices, network software, telephone technologies, and the Internet• Assist senior management in understanding business implications of network decisions and the role of the network in business operations (budget planning)
Designing for Network Performance (Managed Networks)
•Managed devices• Switches, routers, APs, etc. with onboard computers• Automatic reporting of certain issues• Provide features of unmanaged device, as well as ability to configure, manage, and monitor device •More expensive initial investment for better device; saves money in management costs long term
Designing for Network Performance (Managed Networks) 
•Device management (point management) software◦ Allows manager to monitor performance and configuration of network devices; sometimes referred to as health & status• System management (enterprise management) software◦ Analyzes inter-device patterns as well as individual device info◦ Correlates data, may prevent or mitigate Alarm Storms• Application management software◦ Concentrates on mission-critical application layer packets. Network management and network security data often overlap
Network Management Software
Network Management Software
Network Management Standards 
•Simple network management protocol (SNMP)◦ Commonly used protocol for managing network devices◦ Very simplistic; limited ruleset (pollingrequests & traps)◦ SNMP Extensions often used: Microsoft SNMP, Net-SNMP◦ Network management software uses SNMP to communicate with software agents on managed devices◦ Data is stored in management information base (MIB)◦ Application layer protocol; typically uses UDP for transport◦ Device agents receive requests on port 161 (10161 TLS)◦ Manager receives traps on port 162 (10162 TLS). Vendor-specific, protocols Netflow - Cisco
Network Management Standards – SNMP
Managing Network Traffic – Load Balancing 
Load balancer (virtual server)
◦Spreads traffic to devices in server farm (or cluster)
Managing Network Traffic – Policy-Based Management 
•Traffic shaping◦ By protocol or application◦ Blocking or limiting similar to quality of service (QoS)◦ By source/destination◦ Limiting bandwidth for some users
Reducing Traffic 
•We can limit traffic enough to have an impact on network performance • Three tools◦ Capacity management (bandwidth limiting)◦ Content caching (store files close to you) Content delivery (store files close to request)
Managing Network Traffic – Capacity Management 
Capacity Management (bandwidth limiting)
•Typically target/limit specific endpoints/usersSets flat limit on traffic capacity at choke point
Managing Network Traffic – Content Caching 
Content Caching - storing external web data locally
•Often implemented as a web cache or proxy server
Managing Network Traffic – Content Delivery 
•Content delivery (or distribution) network (CDN)◦Provision web content, including streaming media, to distributed servers closer to requests◦Pioneered by Akamai
Configuration Management 
•Configuration management - managing the network’s hardware and software configuration, documenting it, and ensuring it is updated• Configuring Network and Clients◦ Adding and deleting user accounts◦Updating software on client computers ◦ Desktop Management (automated software delivery)◦ Desktop management interface (DMI 2.0) standardTypically set to update overnight
Configuration Management 
•Documenting Configuration◦ Network diagrams◦ Network components◦ Network software - important for licensing◦ User/application profiles. Automation preferred; software tools available:
•Solarwinds Network Configuration Manager• Puppet Enterprise (DevOps)
Network Configuration Diagram
Performance Management 
•Network Performance Management◦ Ensure network operates efficiently◦ Network monitoring is critical◦Health and status of network circuits and devices◦ Fault management◦ Most organizations use network management software (as discussed previously)◦ Examples: Solarwinds Network Performance Monitor, Ipswitch Whatsup Gold, OpenNMS (Open Source)
Performance Management 
•Many organizations with large, complex networks choose to use a network operations center (NOC) to monitor and fix problems. Size and layouts vary depending upon network size and complexity
•Workstations (often shared for shiftwork)• Data wall, manager pulpit
Failure Control and Service Management 
•Help desk (sometimes combined w/NOC)• Humans as network sensors• Problem tracking / fault management• Usually automated (ex: Remedy)• Trouble tickets - automated reports
Performance Management Statistics 
•Performance Statistics (from fault tracking software)• Availability/uptime - goal typically 99% or greater• Mean time between failures (MTBF)• Measure of equipment reliability• Mean time to repair (MTTR)Often specified in support contracts. MTTR =(Total time for repairs)/(Number of repairs performed)
Improving Performance 
•Quality control chart• Statistics over time to identify trends• Important to understand baseline performance
Performance Management 
•WAN and Internet connection usually outsourced◦ Contracts with Common Carrier and ISP◦ Service Level Agreements (SLAs) are standard◦ Specify availability, fault correction (MTBF, MTTR)◦ Compensation for failure ◦Important to track in addition to organic network(s)
End User Support 
•Solving the problems users encounter while using the network• Major sources of problems with user equipment◦ Hardware device failures, generally easiest to fix◦ Lack of user knowledge on proper operation, also easier to fix◦ Problems with software, software settings or software incompatibility, generally hardest to fix• Training is an ongoing responsibility of network manager.◦ Conducted through in-class, one-on-one instruction and online self-paced courses
Cost Management – Sources of Costs 
•Total cost of ownership (TCO) ◦A measure of direct and indirect costs to operate a device (e.g., computer) per year◦ Includes cost of: ◦Repairs and software/hardware upgrades◦ Support staff (maintain, install, administer, etc.)◦ Training and technical support◦ Time “wasted” by the user when problems occur◦ TCO of a Windows computer◦ Estimated to be $5,000 and $10,000 per computer per year◦ Largest component is lost time◦ Some alternative measures (e.g., NCO) only include direct costs◦ Estimated at $1,500 – $3,500 per computer per year
Network Management Personnel Costs 
•Largest costs are personnel, not hardware
Network Traffic versus Network Management Budgets 
•One of the most challenging areas of network management over the past few years has been cost management• Data traffic has been growing much more rapidly than has the network management budget
Reducing Costs 
•Develop standard hardware/software configurations for client computers, servers, and network devices• Automate as much of the network management process as possible• Reduce the cost of installing new hardware/software by working with vendors• Centralize help desksMove to thin client or cloud-based architectures
Implications for Cyber Security 
•Benefits of network management◦ Creates a baseline of “normal” activity, so when something unusual happens, it is more easily recognized and triggers an investigation.◦ May lead to widespread security awareness, both within the network management organization and the organization itself.• Tips◦ Ask employees to protect their passphrases. ◦Conduct routine audits of other system activity. • Read (optionally) about features of network management systems:◦ Five Things Your Network Management System Should Include (Abraham, Secure Edge Networks, 2017)