
Contents

Introduction
1.1 Background
1.2 Network requirement
1.3 Topology diagram
1.4 Network Capacity
Performance management
4. Configuration management
5. Fault management
Security management
7. Conclusion
Reference

Introduction
1.1 Background

ABC Net is an Internet service provider with its headquarters in Sydney and regional offices in the other capital cities of Australia, supplying its customers with Internet access by different means. The ABC network is designed as a hub-and-spoke topology, with five regional branches connecting to the backbone office for significant services such as web and DNS hosting.

Inside the main office and each regional office there are four major blocks, and a multiport firewall is connected to each block to provide the desired level of overall security. The first block at the main office is a LAN using Fast Ethernet plus wireless access points throughout the building, so that authorized users with mobile devices can access the ABC network, whereas the regional branches use wired Fast Ethernet only. The second block of the ABC network is a subnet composed of database servers and billing servers. Because of the confidential information stored on them, LDAP (Lightweight Directory Access Protocol) is used to authenticate the clients that intend to connect to the network, and a high-performance firewall is placed in front of these subnets to meet the security requirement. The third block consists of public servers that accept outside connections to perform separate operations. Because they are reachable from the outside world, they are the most vulnerable, and the corporate firewall only admits traffic to the known ports of these machines to keep malicious hackers out. The last block provides remote access to clients. Users who have registered an account with ABC can use this access to surf the Internet, but they are responsible for their own security.

1.2 Network requirement

According to the requirement, ABC Net needs highly reliable connections from headquarters to the remote branches, and needs to know the utilization and availability of the remote-site routers. Using the network management protocol SNMP, methods to collect and analyse data from the network are presented under fault management, performance management, configuration management and security management.

At headquarters and in each branch, Cisco Device Manager is used to configure routers and switches and to monitor their status. It is web-based software and can be accessed from anywhere in the network through a web browser. Furthermore, SNMP monitor is used to manage any wireless laptop in the headquarters LAN. It is a simple SNMP discovery tool that discovers SNMP-supported devices within a defined IP address range in the network, together with the system descriptor and system object ID of each one. Figure 1.2.1 shows the SNMP tool.

Figure 1.2.1

Our challenge is to design the management solution for ABC Net and define its operation for 3

tasks: a) utilization of the WAN from each site, b) utilization of the WAN routers themselves, c)

the availability of the routers at each location.

1.3 Topology diagram

According to the requirements of this case study, we have to draw two topology diagrams of the ABC management network, one for the HQ and one for the regional offices. Because all the regional offices have the same topology, we draw one regional office to represent all the others. Based on the information given, we are required to present the logical design and connectivity of the local area network. Figure 1.3.1 is the ABC Net ISP topology.

Figure 1.3.1

We are not familiar with any tool for drawing topology diagrams, so we chose Packet Tracer. The result may not be very good looking, but we have made sure that it is clear and easy to understand. Starting from the original network topology, a modified network topology is provided to maximize performance and meet the reliability requirement. Figure 1.3.2 is the headquarters topology diagram.

Figure 1.3.2

In the modified network topology, the connection between the regional branches and headquarters has been doubled. Because the regional areas rely on headquarters to communicate with the outside world and to provide some specific services for customers, a highly reliable link is critical for the regional branches. Besides the original connection between the regional areas and headquarters, a backup link is established in case the primary link fails. The primary link and the backup link can be provided by different ISPs or NSPs to assure availability and reliability. Inside the headquarters network, redundancy is enabled between the routers connecting to the remote offices and the core switches.

Figure 1.3.3 is the local area network of HQ.

Figure 1.3.3

The local area network of ABC provides network connections for the different departments inside the headquarters building and wireless connections for authorized mobile users. Each department is subnetted into its own VLAN, allowing staff of the same department on different levels of the ABC building to communicate with each other as if they were in the same working area. Switch trunking and router subinterfaces are configured to enable communication between VLANs, and this separation enhances the security of each department's sensitive information from the others. As the number of staff inside the ABC headquarters building is relatively large, the links between switches are doubled to increase the bandwidth and provide adequate speed.

Figure 1.3.4 is the regional office network (Canberra).

Figure 1.3.4

In each regional office, ABC Net provides services directly to clients and hosts a small set of access servers to reduce the traffic between the regional offices and headquarters. To provide security, a firewall secures the traffic from the different portions of the network to its destination and blocks any unauthorized or corrupted information flow. For availability and reliability, a primary link and a backup link are used to connect the routers to the switches.

Figure 1.3.5 is the Local area network for regional offices

Figure 1.3.5

The local area network only provides a Fast Ethernet LAN for staff in the different departments to communicate.

1.4 Network Capacity


Network capacity is one of the most important issues in network management. Its primary goal is to ensure that the network can meet current needs and future requirements in the most effective manner. In this case study, we are required to use DS3 links with a capacity of 44.736 Mbps, which are provided by the NSP. The solution for doubling the size of the Melbourne and Adelaide sites is discussed under performance management.

Performance management

Performance management is the process of making sure that the network is accessible to end users and that network traffic travels through the media to its destination without congestion. It requires collecting utilization data from the current network, analysing the data to understand the utilization of devices, setting thresholds for the network, and using simulation to predict future trends and improve performance (Leinwand & Conroy 2000, p. 104).

For ABC Net, the regional branches are connected to headquarters using DS3 WAN links. In the regional offices, a single 24-port manageable Ethernet switch connected to the regional router is nearly 75% utilized with end devices. GetIf, a tool for collecting and graphing interface information from SNMP-supported devices, and Cisco Device Manager, web-based software for configuring and managing Cisco devices, are used to monitor the volume of traffic and the CPU and RAM utilization of the Cisco networking devices. Figure 3.1 shows the GetIf tool. Figure 3.2 shows Cisco Device Manager.

Figure 3.1

Figure 3.2

Getif automatically records data in a format that is easy to work with. With network data from the past 12 months, the network administrator can draw general conclusions about traffic flow and the utilization of networking resources, and predict the trend of traffic entering and leaving a specific interface. If the utilization of the routers keeps rising, or the data flow is large at a certain time, the regional network administrator should report this to the administrator at headquarters so that appropriate action can be taken, such as providing more bandwidth or replacing a device with a more powerful one to maximize network performance. Switches in the regional branches are about 75% populated with end-user devices; thresholds are set to 80% bandwidth utilization for the DS3 link to headquarters and 85% resource utilization for networking devices such as routers and switches. Inside each regional office, the access server collects real-time data on the number of registered users connecting to a specific router for services, according to the information stored earlier in the protected servers.

At headquarters, which is the central point and is responsible for the operation of the whole ABC Net, the utilization thresholds of networking devices, such as the routers connecting to remote sites, are set to 70% in order to keep track of the status of the network. When the thresholds set in the regional areas are crossed, emails are sent to a predefined mailbox to notify the network administrator of the event. The network administrator also periodically checks the operation of routers and interfaces using tools such as the ping and traceroute commands. If there is a failure, or the result differs from the previous test, the network administrator must work through the problem step by step.
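
An added example, not part of the original report: one way to turn consecutive SNMP polls of ifInOctets and ifOutOctets into a utilization percentage for the 44.736 Mbps DS3 link and compare it with the thresholds above. The function names, the sample polls, sysUpTime expressed in seconds, and the use of the 70% headquarters figure for link utilization are assumptions.

```python
# Added example (not from the original report): DS3 link utilization from
# SNMP octet counters, checked against the thresholds given in the text.
DS3_BPS = 44_736_000        # DS3 capacity given in section 1.4
COUNTER32 = 2 ** 32         # ifInOctets/ifOutOctets are 32-bit and wrap
# 80% for regional DS3 links is from the text; applying the 70% headquarters
# figure to link utilization is an assumption of this example.
THRESHOLD_PCT = {"regional": 80.0, "headquarters": 70.0}


def counter_delta(prev, curr):
    """Octets counted between two polls, tolerating a single counter wrap."""
    return (curr - prev) % COUNTER32


def utilization_pct(prev, curr, interval_s, speed_bps=DS3_BPS):
    """Utilization of one direction of the link over one polling interval."""
    if interval_s <= 0:
        raise ValueError("polling interval must be positive")
    return 100.0 * counter_delta(prev, curr) * 8 / (interval_s * speed_bps)


def check_link(role, polls):
    """Walk consecutive polls and return the events worth an e-mail alert.

    polls: time-ordered (time_s, uptime_s, ifInOctets, ifOutOctets), where
    uptime_s is sysUpTime converted to seconds.
    Returns (time_s, "threshold", pct) when the busier direction reaches the
    threshold, and (time_s, "restart", None) when sysUpTime went backwards:
    the counters were reset, so that interval cannot be measured.
    """
    limit = THRESHOLD_PCT[role]
    events = []
    for (t0, up0, in0, out0), (t1, up1, in1, out1) in zip(polls, polls[1:]):
        if up1 < up0:
            events.append((t1, "restart", None))
            continue
        dt = t1 - t0
        busiest = max(utilization_pct(in0, in1, dt),
                      utilization_pct(out0, out1, dt))
        if busiest >= limit:
            events.append((t1, "threshold", round(busiest, 1)))
    return events


# Constructed sample: 5-minute polls of a regional router's DS3 interface.
SAMPLE_POLLS = [
    (0,   86_400, 4_000_000_000, 1_000_000_000),
    (300, 86_700, 1_130_992_704, 1_838_800_000),  # inbound counter wrapped
    (600, 87_000, 1_634_272_704, 2_174_320_000),
    (900,    120,     5_000_000,     3_000_000),  # router restarted
]

if __name__ == "__main__":
    for event in check_link("regional", SAMPLE_POLLS):
        print(event)
```

At full DS3 rate a 32-bit octet counter wraps in roughly 13 minutes, so the polling interval has to stay well below that for the single-wrap correction to hold.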

For the networking devices at headquarters, particular care must be taken, as any abnormal event or unusual traffic flow could compromise the operation of the whole ABC Net and even bring it down. If an unusual event happens in a regional area, such as customers reporting that the speed is slow, the network administrator should use Cisco Device Manager to check the current state of the devices and the bandwidth utilization. If the problem cannot be fixed in a short time, the network administrator should isolate it within the specific branch so that it does not affect the rest of the network. In future, the network sizes of Melbourne and Adelaide are planned to double. Based on the current situation, a faster link, for example one with a capacity of 89.5 Mbps, double that of the original, must be employed to connect these two regional sites to headquarters; more powerful routers are being considered to handle more network traffic, and Catalyst 4500 switches may replace the existing ones to provide higher port density and more flexibility.

4. Configuration management

Configuration management means obtaining data from the network, using that data to manage the installation of networking devices, storing it in a formal format and producing related reports. A tool named SNMPc is used to discover the devices within the network, which gives the network administrator a complete view of the network topology. The network administrator uses this tool to check the network topology periodically. If the topology has changed, or a specific device cannot be found, the network administrator must investigate and take appropriate action.

Figure 4.1 is a screenshot of SNMPc

Figure 4.1

For ABC Net, the configuration information of every network device in a regional area is stored on the protected servers of that region. For the security and availability of the configuration files, a backup is also stored on the protected servers at headquarters. All configuration files are kept securely, with authorized access only. In the regional offices, the network administrator periodically checks the running configuration against the configuration file stored on the server. Configuration is seldom changed. But if a change is found, the network administrator should use the tool to identify where in the configuration file the change was made and find out who made it: whether another network administrator did so some time before, or a hacker deliberately accessed the device and modified it. After finding the cause, the network administrator should decide whether and how to restore the configuration to the expected state. Cisco Device Manager can also be used during this process.
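
An added example, not part of the original report or of any tool it names: one way to compare a stored configuration with the running configuration and report where the change is, ignoring lines that differ without any edit. The IOS-style sample text, the list of volatile lines and all function names are constructed for illustration.

```python
# Added example (not from the original report): locate configuration drift.
import difflib
import re

# Lines that differ between two captures without any operator edit.
# Assumed list for IOS-style text; adjust it for the platform in use.
VOLATILE = re.compile(
    r"^(! Last configuration change at |! NVRAM config last updated at |"
    r"Current configuration : \d+ bytes|ntp clock-period \d+)"
)


def normalize(config_text):
    """Return (line_no, section, command) for every meaningful line."""
    entries, section = [], "global"
    for line_no, raw in enumerate(config_text.splitlines(), start=1):
        line = raw.rstrip()
        if not line or line.strip() == "!" or VOLATILE.match(line):
            continue
        if line[0].isspace():
            # Indented commands belong to the last unindented line.
            entries.append((line_no, section, line.strip()))
        else:
            section = line
            entries.append((line_no, "global", line))
    return entries


def config_drift(stored, running):
    """List (op, line_no, section, command) differences between two files."""
    a, b = normalize(stored), normalize(running)
    # Compare on (section, command) so a command moved to another
    # interface is reported, not treated as unchanged.
    matcher = difflib.SequenceMatcher(
        a=[e[1:] for e in a], b=[e[1:] for e in b], autojunk=False)
    drift = []
    for tag, i1, i2, j1, j2 in matcher.get_opcodes():
        if tag in ("replace", "delete"):   # only in stored; line_no of stored
            drift += [("-",) + e for e in a[i1:i2]]
        if tag in ("replace", "insert"):   # only in running; line_no of running
            drift += [("+",) + e for e in b[j1:j2]]
    return drift


# Constructed sample configurations (hostname and addresses are made up).
STORED = """\
! Last configuration change at 09:12:44 UTC Mon Mar 3 2008
hostname perth-edge
!
interface Serial0/0
 description DS3 to headquarter
 ip access-group 110 in
!
logging 192.0.2.10
access-list 110 permit tcp any any eq 80
"""
RUNNING = """\
! Last configuration change at 02:31:07 UTC Sat Mar 8 2008
hostname perth-edge
!
interface Serial0/0
 description DS3 to headquarter
 shutdown
!
access-list 110 permit tcp any any eq 80
"""
```

Each reported entry names the section it sits in, which gives the administrator the position of the change; who made it still has to come from the device's access and change logs.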

5. Fault management

In network management, fault management is the important part that locates and corrects network faults. The network manager can use network tools to maintain the reliability and availability of the network. Fault management has three main processes.

1. Identify the fault

2. Isolate the cause of the fault

3. Correct the fault, if possible

In this case study, we should first detect where the fault occurs. To do so, we need to gather information about the state of the network. There are two methods of gathering network status data: critical network event reports and occasional polling of network devices. For this case, we decided to use critical network event reports, which gather information from the network devices. With this method, we can identify immediately where a network fault occurs. For instance, if two access routers fail, the network manager will receive a failure report from our fault management system when the failure occurs and the system will log the report as an alert, so the network manager can locate the two failing routers in time.

After the network manager locates the fault, its cause can be isolated; this is the second step of fault management. Normally, there are four activities in identifying the cause of a fault: filtration, correlation, interpretation and diagnosis. In our case study, the first step has already located the two failed routers: one is in Brisbane and the other is in Perth. We take the Perth router as an example to illustrate the isolation process. When the network manager receives the critical network event report, the manager should analyse the report to identify what kind of fault it is. We assume that the cause of the fault is a link down. The manager then has to identify which link has to be fixed. First, the manager tests the Redundant_3 switch with the fault management tool. If this switch is working, the manager then tests the edge router that connects the Redundant_3 switch and the Perth network. If the edge router's routing table contains a route between the Redundant_3 switch and the Perth edge router, the network manager configures the interface that connects to the Perth network as a loopback interface to check the physical layer. If the test succeeds, the manager alerts the user that the remote device is down and is the cause of the network fault; if not, the manager alerts the user that a physical layer failure is the cause of the network fault.

Finally, once the network manager has identified the cause of the network fault, the manager can correct the issue to maintain the availability of the network. We assume that the fault occurred because the interface on the Perth edge router was shut down by an incorrect operation. The network manager can use the network management tools to reconfigure that interface and fix the problem.

Additionally, after correcting the fault, the network manager is supposed to record the fault and its solution as an event report and keep such reports as a resource for trend analysis. The manager will then fix the failure more efficiently when the same problem occurs again.

Security management

Security management is another important part of the whole network management system. Its major task is protecting sensitive information in a company or an organization. ‘Properly set up and maintained security management can offer a more practical alternative while assuaging users’ security concerns and increasing their confidence in the network’s effectiveness and security’ (A.L., 2000, p.77). To accomplish effective security management, there are four aspects of security that help the network manager to secure the network.

1. Identifying the sensitive information to be protected.

2. Finding the access points.

3. Securing the access points.

4. Maintaining the secure access points.

As the first step, sensitive information identification is the core of security management. With limited resources, the network manager should decide which information or data has to be protected and which does not. In this case study, there are two main networks to secure with different security strategies. One is the ABC internal network and the other is the external network connected to the ABC network. In the ABC internal network, the protected server area has been identified as a sensitive information section. Besides this section, there are two other sections to be protected: the Public Access Server area and the Billing/LAN section.

After identifying the sensitive information, the network manager should locate the access points next to the information sections that have to be protected. The manager can use network management tools such as SNMPs to ‘examine each piece of software offering a service on the network’. In this way, the manager will find the access points that have to be secured more accurately. In this case study, we already have the whole network topology. Since the sensitive information has been identified, the switch connected to the Protected Server section, the switch connecting the Public Access Servers and the firewall, and the switch connected to the Billing/LAN area are the access points that have to be protected.

Having found the access points, the network manager should set up a security policy to protect them. Since the network is divided into layers, different access point security technologies can be used at each layer. First, at the data link level the manager can use data encryption to protect the data. Moreover, at the network level devices such as routers and switches can secure traffic flow with packet filters, which can be set up as part of configuration management. For access to sensitive information, there are three types of authentication to secure the access process: host authentication, user authentication and key authentication. Depending on the sensitivity of the data, we can choose a different authentication type to protect the information. In this case study, the Protected Server section and the Billing/LAN section have the highest security priority. Key authentication is the best mode for protecting that sensitive information, because ‘the key authentication system provides a means to accomplish both host authentication and user authentication with the added advantage of not having to rely solely on the destination host’ (A.L., 2000, p.91). In the Public Access Server section, the information sensitivity is not as high, so user authentication is enough to secure its information.

As analysed before, the whole network contains two different networks, so we need a firewall between them to secure information exchange. As part of configuration management, the network manager should configure the security policies in the firewall to assure this.

The last step of security management is to maintain the secure access points. The network manager should monitor the network state with network management tools to locate potential or actual security breaches. In this case study, the network manager can use the SNMPs and the Ethereal application as monitoring software to watch the network state and packet communication; as a result, the network manager can find a security flaw and fix it in time.

7. Conclusion

This report explores the management of the devices in the ABC network. It presents the analysis of network management and management concepts. Performance management, configuration management, fault management and security management are explained to meet all the needs and requirements. With the help of SNMP, Getif and Cisco Device Manager, we can find the essential problem immediately and fix problems in time to guarantee the best performance of the network and provide the best service to customers.

There are many different ways to complete this case study; we consider our solution the best among our choices. Given our current networking knowledge, there may be some inadequate aspects of the solution; we will improve the methods and look forward to doing so.

Reference
Leinwand, A. and Conroy Fang, K., Network Management: A Practical Perspective (2nd Edition), Addison-Wesley, 2000.

Subramanian, M., Network Management: Principles and Practice, Addison-Wesley, 2000.

Terplan, K., Communication Networks Management (2nd Edition), Englewood Cliffs, N.J.: Prentice Hall, c1992.

Chimento, P., Defining Network Capacity, Network Working Group, 2008, accessed at http://www.faqs.org/rfcs/rfc5136.html
