International School of Management & Technology: Assignment Cover Sheet

Network Management 2021
INTERNATIONAL SCHOOL OF
MANAGEMENT & TECHNOLOGY
ASSIGNMENT COVER SHEET
STUDENT DETAILS
Student ID Reg No.
Family Name Dhungana Given Name Ashish
Enrolment Year 2018 Section N2
Semester 4th sem Email ashish@ismt.edu.np
UNIT DETAILS
Unit Title Network Management Unit Code T/615/1639
Assessor Name Santosh Rauniyar Issued Date 07/22/2021
Assignment Title Megatech Networking management solution
Assignment No 1/1 Submission Date 11/20/2021
Qualification BTEC HND IN Campus ISMT college

COMPUTING
Ashish Dhungana (4th I

semester)
STUDENT ASSESSMENT SUBMISSION AND

DECLARATION
When submitting evidence for assessment, each student must sign a declaration confirming that
the work is their own.
Student Name Ashish Dhungana Assessor Name Santosh Rauniyar
Issue Date 07/22/2021 Submission Date 11/20/2021
Programme Network Engineering
Unit Name T/615/1639 – Unit 35: Network Management
Assignment Title Megatech Networking management solution
Plagiarism
Plagiarism is a particular form of cheating. Plagiarism must be avoided at all costs and students
who break the rules, however innocently, may be penalized. It is your responsibility to ensure
that you understand correct referencing practices. As a university level student, you are expected
to use appropriate references throughout and keep carefully detailed notes of all your sources of
materials for material you have used in your work, including any material downloaded from the
Internet. Please consult the relevant unit lecturer or your course tutor if you need any further
advice.
Student Declaration
I certify that the assignment submission is entirely my own work and I fully understand
the consequences of plagiarism. I understand that making a false declaration is a form of
malpractice.
Pearson Education 2018
Benju Kadariya (4th semester) Higher Education Qualifications II

Contents Introduction:
................................................................................................................................................................ 1
Network Management: ........................................................................................................................... 1
Network management concepts and principles: ..................................................................................... 1
Network provisioning ........................................................................................................................ 1
NOC ................................................................................................................................................... 1
Fault management: ......................................................................................................................... 2
Trouble management (issue ticket administration): ....................................................................... 2
Configuration management: ........................................................................................................... 2
Performance management: ............................................................................................................. 2
Security management: .................................................................................................................... 2
Network installation and maintenance ................................................................................................... 2
Components of network management: .................................................................................................. 3
Importance of network management:..................................................................................................... 4
Comprehensive design of a network ...................................................................................................... 6
About Scenario:.................................................................................................................................. 6
According to the abovementioned scenario, the proposed implemented design of a network is shown
in the diagram below: ......................................................................................................................... 7
IP addressing .......................................................................................................................................... 8
Using appropriate analytical tools to analyze findings and data: ........................................................... 8
User and user group management: ....................................................................................................... 10
Usage graph: ........................................................................................................................................ 10
Network device port bandwidth and status: ......................................................................................... 10
Alert and notification for quick response:............................................................................................ 10
Implementing Nagios XI:..................................................................................................................... 10
Implementing PRTG ............................................................................................................................ 12
Comprehensive network configuration with screenshots: ................................................................... 12
Ashish Dhungana (4th Sem) III

Server Configuration ........................................................................................................................ 16
DHCP Server Configuration for VLAN 10 ..................................................................................... 16
DNS Server on Vlan 10 ................................................................................................................... 17
WEB Server Configuration on Vlan 10 ........................................................................................... 18
Conclusion: .......................................................................................................................................... 21
Part 2: ................................................................................................................................................... 22
Introduction: ......................................................................................................................................... 22
Goals of SNMP architecture and RMON ............................................................................................ 45
Conclusion: .......................................................................................................................................... 46
Part 3: ................................................................................................................................................... 47
Introduction: ......................................................................................................................................... 47
Tools and methods to manage network................................................................................................ 47
Diagnostic tools................................................................................................................................ 47
Monitoring tools:.............................................................................................................................. 47
Configuring SNMP in PRTG ............................................................................................................... 47
Configuring SNMP in Nagios XI......................................................................................................... 59
Implementing network security............................................................................................................ 72
Network threats: ................................................................................................................................... 73
Risk assessment: .................................................................................................................................. 74
Implementing risk assessment process: ............................................................................................... 74
Importance of network security in network: ........................................................................................ 75
Importance of carrying out risk assessment on a network: .................................................................. 76
• Identifying security vulnerabilities: .......................................................................................... 76
• Determining new security requirements: .................................................................................. 76
• Justify spending......................................................................................................................... 77
• Make smart purchase ................................................................................................................ 77
Ashish Dhungana (4th Sem) IV

• Improve planning ...................................................................................................................... 77
• Document due diligence ........................................................................................................... 77
• Educated employees: ................................................................................................................ 77
• Increased motivation: ................................................................................................................ 77
• Improved communication and decision-making ....................................................................... 78
Conclusion: .......................................................................................................................................... 78
References ............................................................................................................................................ 79
Ashish Dhungana (4th Sem) V

Part 1:
A Report
On
Network Management Principles and Concepts
By: To:
Ashish Dhungana Mr. Santosh Rauniyar
Sec: N2
Ashish Dhungana I
(4th Sem)
Table content
Introduction: ........................................................................................................................................... 1
Network Management:........................................................................................................................... 1
Network management concepts and principles:..................................................................................... 1
Network provisioning ........................................................................................................................ 1
NOC ................................................................................................................................................... 1
Fault management: ......................................................................................................................... 2
Trouble management (issue ticket administration): ....................................................................... 2
Configuration management:........................................................................................................... 2
Performance management:............................................................................................................. 2
Security management: .................................................................................................................... 2
Network installation and maintenance ................................................................................................... 2
Components of network management: .................................................................................................. 3
Importance of network management: .................................................................................................... 4
Comprehensive design of a network ...................................................................................................... 6
About Scenario: ................................................................................................................................. 6
in the diagram below:......................................................................................................................... 7
IP addressing .......................................................................................................................................... 8
Using appropriate analytical tools to analyze findings and data: ........................................................... 8
User and user group management: ....................................................................................................... 10
Usage graph: ........................................................................................................................................ 10
Network device port bandwidth and status: ......................................................................................... 10
Alert and notification for quick response:............................................................................................ 10
Implementing Nagios XI: .................................................................................................................... 10
Implementing PRTG ............................................................................................................................ 12
Comprehensive network configuration with screenshots: ................................................................... 12
Ashish Dhungana II
(4th Sem)
Server Configuration ........................................................................................................................ 16
DHCP Server Configuration for VLAN 10 ..................................................................................... 16
DNS Server on Vlan 10 ................................................................................................................... 17
WEB Server Configuration on Vlan 10 ........................................................................................... 18
Conclusion: .......................................................................................................................................... 21
Abstract:
Due to large range of connection and vendor options available today's network environment is
extremely complicated. The network environment is open, allowing a wide range of goods to
communicate with one another. Because of the complexity and high degree of interconnectedness, a
complete management facility is required. Tivoli NetView for OS/390 (NetView) allows you to control
and manage a complex multivendor network from a single location. Network management is one of
the most important yet confusing topics in telecommunications today. It covers the responsibilities of
operations, administration, maintenance, and provisioning (OAM&P) that are necessary to provide,
monitor, interpret, and control the network and the services it provides.
The public network has traditionally been designed to handle voice and data services using analog and
digital technology. Methods of network management were introduced for each technology and service.
As the pace of technological advancement increases, new products are introduced even more quickly,
requiring the support of multiple generations of equipment and software.
Ashish Dhungana III

(4th Sem)
Introduction:
This task is all about the network management principle and concepts. So, first and foremost, I will
examine the principles and concepts, as well as the equipment required to secure the network.
Similarly, I will design the MEGATECH's network and implement it according to a predefined
network specification, as well as provide a comprehensive network configuration with screenshots of
my work.
Network Management:
Network management is the process of administering, managing, and operating a data network, using
a network management system. Modern network management systems use software and hardware to
constantly collect and analyze data and push out configuration changes for improving performance,
reliability, and security. It is defined as the process of managing a network for fault and performance
using various tools and technologies to keep up with the business requirements. The objective of
network management is to achieve an error free network. In today's environment, multiple network
management tools are employed making the whole process a complex one.
Network Management System identifies, configures, monitors, updates and troubleshoots network
devices -- both wired and wireless -- in an enterprise network. A system management control
application then displays the performance data collected from each network component, allowing
network engineers to make changes as needed. It refers to the broad subject of managing computer
networks. There exists a wide variety of software and hardware products that help network system
administrators manage a network. Network management covers a wide area, including:
• Security: Ensuring that the network is protected from unauthorized users.
• Performance: Eliminating bottlenecks in the network.
• Reliability: Making sure the network is available to users and responding to hardware and software
malfunctions.
Network management concepts and principles:

Generally, the network management functions consist of three major groups and they are explained
below:
Network provisioning:
The process of setting up a network so that authorized users, devices, and servers can access it is known
as network provisioning. The network provisioning group is in responsible for network planning and
Ashish Dhungana (4th Sem) 1
design, as well as staying up to date on emerging technologies and incorporating them into the
architecture (Cisco, 2021). Additionally, network provisioning can help companies run more
efficiently and securely. Business operations become more secure and streamlined as network
management staff spends less time on setup and configurations.
NOC:
A network operations center (NOC) is a centralized location where a company's services, databases,
external services, firewalls, and network may be monitored and managed 24 hours a day by a
company's staff. Fault management, issue ticket administration, configuration management,

performance management, and security management are some of the applications that help manage
the OSI network management application's five components are performed in NOC.
Fault management:
The main work of fault management is to detect, isolate, notify and correct problems. This includes
keeping an eye on the network and, therefore, immediately resolving any problems that arise
(Brenkosh, 2021). This is, in most circumstances, the NOC's most important function.
Trouble management (issue ticket administration):

Troubleshooting connects alarms to services and resources, runs tests, runs diagnostics to isolate issues
to a replaceable component, restarts services, and performs activities to fix the identified fault.
Configuration management:
Configuration management tracks and maintains the network's device configurations. Configuration
file management, device inventory, and software are all included. As a result, configuration
management functions are used to deploy or alter a network.
Performance management:
Performance management collects and analyses network resource statistics in order to identify the
performance levels of network links and devices. This data can be utilized to identify and correct
performance issues in advance.
Security management:
Security management restricts and logs access to network resources. This function protects the
network from malicious attacks and tracks unauthorized access to resources.
Network installation and maintenance:

Network Management
Network Provisioning Network Operations Network Maintenance
Planning Fault Management Fault management
Trouble ticket
Configuration Management
Design administration
Performance Management
Network
Security Management installation
Accounting Management
Network repairs
Reports Management
Facilities
Inventory Management Installation
Data gathering and Analysis Routine network

tests
Figure 1: Network management functional grouping
Components of network management:

The network management system consists of various kind of protocols that are used to send data across
the network between the system's various agents and the management process. Similarly, object library
is also main component of network management which is the database that is shared between agent
and managers to gain more information regarding network elements. Mostly, three network
management are famous and they are mentioned below:
• Agent: Agent provides the status of managed network elements and get instructions to take
action of the element by help of managing process.
• MIB: MIB determines the structure and content of managing information. it is mostly used by
agent and management process.
• Managing process: Managing process is responsible for agent operations.

Figure 2; Components of network management.
Importance of network management:

The process, tools, and applications used to administer, operate, and maintain a network infrastructure
are referred to as network management. Network management also includes performance management
and fault investigation. Basically, it's a method of keeping your network healthy, which in turn keeps
your business healthy.

Figure 3: Network Design of MEGATECH.
According to our scenario there are multiple devices such as routers, servers, switches and so on. So,
in order to manage those multiple devices, network management is essential. All these devices are
connected with each other using different protocols and it will be tough to run it with dedicated uptime
(Crider, 2018). So, network management is used which helps to monitor, test and analyze all the
components of the network.
There is several importance of network management which is explained below:
1. Cost reduction:
That NOC team use sophisticated software which make your network more reliable and your
employees will suffer less downtime as a result of network outages. With the proper designing
of the network, cost can be reduced. The network should be design and service should be
delivered in such a way that it benefits all types of network users. In this way, a huge number
of clients can use the services at the lowest possible price.

For example, some user wants to use internet service while other want to use intranet service.
As a result, the NOC's network provisioning group should decide that once the packet is
received from the receiver, the receiver should give an acknowledgment to assure the sender
that the packet is from the receiver. (Schwartz, 2021) The packet will be retransmitted if the
sender does not receive it in a reasonable timeframe or if it is lost. The amount of time the
sender is ready to reply should be more than the round-trip delay.
2. Fault handling:
The failures in the network depend upon the quality of the network component or human
errors. Sometime the network will no longer reachable and can also become a complete
breakdown. Failures can arise as a result of equipment failure, which can be caused by aging,
hardware flaws, or human mistake. Teams in NOC will work for you twenty-four hours a day,
three hundred and fifty days a year. They use sophisticated software that monitors the health
of important equipment and services that operate across the organization. No matter when a
problem arises, the team is always prepared to deal with it as soon as possible.
3. Accountability:
Besides from fault handling and cost reduction, network management benefits in accountability
too. It keeps track of resource utilization, allow customers to be billed based on their usage.
The problem is also tracked, which helps in staying one step ahead of the user and improving
the company's portfolio. In addition, monitoring software sends an automated SMS or E-Mail
notice if there are any faults in the network, which helps in the pre-planning of issues and
immediate action to the issue.
Comprehensive design of a network:

About Scenario:
MEGATECH is a Small Business Enterprise providing computing services to local SMEs including
but not limited to Networking Management, Planning, Setup, Configurations, Testing and Security in
London. MEGATECH prides itself on providing unrivalled support to its customers. Due to the recent
business growth, MEGATECH has recently acquired new European Headquarters in Dublin.
MEGATECH therefore requires someone who can setup and manage their network at their new
European HQ in Dublin. MEGATECH is very conscious about security, especially Network Security
for their new European HQ in Dublin.

As I have been employed by MEGATECH as their European Network Manager and my principal duty
is setting up and managing the network at their new European HQ in Dublin including implementing
a secure working environment in terms of their Network Management.
As European network manager, my job is to build and operate a proof-of-concept prototype network.
Prototype contains a written paper that explains how my networking management solution may
improve security, scalability, and reliability while also addressing issues of availability.
in the diagram below:
Figure 4: Proposed network design

Cisco packet tracer is used to create a simple network design. The network's core routers are included
in the design, and they are the most essential device to monitor because they connect to the RRC
Centre's other branch networks. The core network, which is mentioned as the top priority in the
hierarchical architecture, is also directly related to the network management entities. To explain the
design, three Cisco Routers are routed with each other using the dynamic routing protocol OSPF, and
Network Management Tools are used to access all of the routers.

IP addressing:
Names of Devices IP Addresses/Network Subnet Mask
Address
Internet Service Provider Router to 25.25.25.0 255.0.0.0

Head Office Router
Head Office Router to Server 192.168.1.0 255.255.255.192

Distribution Switch
Head Office Router to VLAN 192.168.2.0 255.255.255.192

Distribution Switch
VLAN 10 (General) 192.168.10.0 255.255.255.128
VLAN 11 (Network Services Depart) 192.168.11.0 255.255.255.128
VLAN 12 (Human Resources) 192.168.12.0 255.255.255.128
VLAN 13 (Monitoring Depart) 192.168.13.0 255.255.255.128
VLAN 14 (IT Department) 192.168.14.0 255.255.255.128
VLAN 15 (for all Server) 192.168.15.0 255.255.255.128
DHCP Server 192.168.15.2 255.255.255.128
DNS Server 192.168.15.4 255.255.255.128
WEB Server 192.168.15.3 255.255.255.128
FTP Server 192.168.15.5 255.255.255.128
Active Directory Server 192.168.15.6 255.255.255.128
Using appropriate analytical tools to analyze findings and data:

For better management, the NOC staff deployed a variety of network management tools. The managed
network is defined as one in which network resources are planned, allocated, coordinated, controlled,
and developed. If a network is not properly maintained, it will overlap, causing confusion in the
classification of network management tools (Марковић, 2021). To avoid confusion, ISO has
recommended the implementation of a layer model that supports in the classification of the suitable
product during the synchronization of network resources and business goals.

Figure 5: Layer Network Management (Nenad Jovanovic, 2021)

Management of elements: It supports in the installation, setup, and upkeep of individual
network components.
Management of operations: It helps in network administration, status monitoring, management
errors, and alarm correlation.
Service management: This is a user delivery management service. For example, the service
provider might offer access management, data storage, and delivery software.
Business management: This refers to the network's business management components.
Budget/resource management, planning and contracts, business services, modeling, and
capacity planning are just a few examples.
I've chosen a top-down approach for the organization. For the evidence, the key business goals are
strictly limited to network management, planning, setup, configurations, testing, and security. For
proper network management, a number of parameters must be handled, as detailed below:

User and user group management:

The company is a very large organization with many different staff and employees as well as multiple
major networking devices. Users and groups should be created on each device for those staff and
employees who require device access. The procedure of creating users and groups takes time and is
insecure. In order to manage who can log in to a network device console, telnet session, Secure Shell
(SSH) session, and configure the privileges as needed for the operation, users and groups management
is required in the network.
Usage graph:
For our company, we use the Nagios XI and PRTG usage graphs. The graphical representation shows
how network devices are used and how well they perform. With Nagios XI and PRTG, SNMP support
is used to produce traffic graphs.
Network device port bandwidth and status:

A router is used to transport network traffic from one router to another through various branches in
any company. As a result, the most important part is to safeguard the router's port state, as it simply
requires routing and IP addressing. Port Bandwidth, CPU Usage, Memory, and Port Status are all very
important network parameters that must be monitored in any router. Although the CPU and memory
consumption are limited, an excess of memory and CPU usage can cause problems. As a result, a
network management alert system should be established alongside it. If it exceeds a specific threshold,
an alarm should be sent out, allowing network experts to respond quickly.
Alert and notification for quick response:

As already mentioned, the most significant characteristics in network management are alert and
notification. We've used technologies like PRTG and Nagios XI, and we've received alerts and
notifications from them. It operates by analyzing data received from the network device and sending
an alert to the concerned person or notifying with the defined address such as E-Mail or SMS Alert if
it detects something that disturbs or causes an error in the network or manual setting for alert.
Implementing Nagios XI:

Nagios is a collection of automated, integrated trending and capacity planning graphs that help
companies plan for infrastructure changes before they're distracted by older versions. It is significantly
more powerful, as evidenced by the fact that it employs the Nagios Core 4 monitoring engine and
offers customers with the greatest level of server performance monitoring (Nagios XI, 2021). High-
efficiency worker processes provide practically limitless scalability and effectiveness monitoring. It

has a powerful GUI that allows customers and team members to customize layout, design, and
preferences on a per-user basis, giving them the flexibility they desire.
The main reason for using Nagios is that it uses four states to describe status: OK, WARNING,
CRITICAL, and UNKNOWN. This status is better for faster action when a problem occurs because it
redirects the alert to the specified person rather than the monitoring value or graph, which is ignored
when it requires immediate attention.
Figure 6: Nagios Architecture (Nagios, 2021)

When it comes to nagios architecture, it was designed with server agent architecture in mind. It
monitors the host's status and services that are dependent on external programs. The scheduler, GUI,
and plugins are the three components of the nagios architecture.
• Scheduler: A Nagios server element that checks plugins and sends notifications based on the
results.
• GUI : A Nagios interface is used to display in CGI-generated web pages. It could be state
buttons that change from green to red, a sound, a graph, or anything else. When a plugin reports
an error after a soft alert, a green button becomes red and a sound is played.
• Plugins: Plugins are used to verify the status of a service and send the results to the Nagios
server.

Implementing PRTG:
PRTG is a unified monitoring tool that allows you to monitor almost any IP-enabled device. PRTG is
made up of the PRTG core server, which handles things like configuration, data administration, and
web server, as well as one or more probes that gather data and monitor devices via sensors. PRTG is
made up of a variety of sensors (PAESSLER, 2021). For sensors, we may say PRTG is more popular.
The fact that these tools come with a variety of sensors is a benefit. Its sensors include anything from
platform-specific sensors to generic hardware, bandwidth sensors, and custom scripts.
Figure 7: PRTG Architecture (PAESSLER, 2021)

It also includes pre-configured sensors for popular setups. Add these sensors to the target devices for
which they were designed to obtain monitoring data right away. We can also adapt our sensor to meet
our specific needs. It monitors data for target devices by polling or querying sensor data and listening
for or receiving sensor data. Listening for or receiver sensor data passively receives data that is pushed
to PRTG by devices or applications, whereas poll or query sensor data actively acquires data from the
devices and refreshes it on its own.
Comprehensive network configuration with screenshots:

In the below section, the detailed network configuration of various network management tools
deployed in the network is shown with the relative device configuration, and also, some testing is done
to assure everything is configured without any error.

Step 1:
Assigning IP address from Head Office Router to Server Distribution Switch and to VLAN
Distribution switch:
Figure 8: Adding IP
Step 2: Dhcp:
Server distribution switch:
Figure 9: Creating DHCP Pool in server distribution switch

Figure 10: After successful DHCP request
VLAN distribution switch:
Figure 11: Creating DHCP Pool in VLAN distribution Switch

Figure 12: After Successful DHCP request
Step 3: NAT:
Figure 13: NAT

Figure 14: NAT Translations
Server Configuration
DHCP Server Configuration for VLAN 10
Step 1: Adding Pool name, Default gateway, DNS Server, Start IP Address Subnet Mask on
concentrated DHCP Server for VLAN 10
Figure 15: DHCP Server Configuration
Step 2: IP ranges were successfully added to the VLAN for distribution.
Figure 4: Successfully Added range of IP.
Step 3: Adding the DHCP Server's IP helper address.

Figure 16: Adding helper address
Step 4: Finally, with DNS Server, a range of IP addresses is successfully shown and accepted on
VLAN.
Figure 17: IP Ranges are accepted
DNS Server on Vlan 10

Step 1: Adding resource records such as www.ashish.com, type = A Record, and address
=192.168.15.4, then selecting add.

Step 2: Adding IP helper-address of DNS Server.
Figure 18: Adding helper address
Step 3: Finally, DNS IP is successfully accepted.
WEB Server Configuration on Vlan 10

Step 1: Enabling HTTP and HTTPS port.

Figure 8: Enabling port
Step 2: Editing HTML document for accessing to the Vlan.

Figure 19 : Editing HTML Content
Step 3: Displaying the content on the Vlan 10 which is General Banking.

Conclusion:
Finally, this part of the study includes information on the principle and importance of network
management. Similarly, I created a comprehensive network design based on a given scenario,
MEGHATECH , and implemented a network design based on a specified network specification while
offering a comprehensive network configuration using screenshots of my own work.

Part 2:
Produce a Presentation which justifies the Protocols and Standards concerned with Networking
and Network Management. Your Presentation should cover at least following topics:
• Evaluate the following Network Protocols and Standards: SNMP, NETCONF, RMON,
TCP/IP, HTTP, DNS, DHCP, SSL, IPSec, IEEE, ITU, ISO, OSI including IANA and
ICANN.
• Compare and contrast two Protocols. Also, Compare and contrast SNMP and RMON.
Introduction:
This section contains important information related to the examination and comparison of various
network management protocols. Initially, numerous network protocols and standards are reviewed,
with a focus on the protocol's basic understanding in the context of network administration. In fact,
there is a comparison of several protocols, starting with IPsec and SSL and ending with SNMP and
RMON.























Goals of SNMP architecture and RMON:

SMNP is introduced primarily to reduce the complexity of management function realized by the
management agent itself where it intends to reduce the management agent software cost, increased
use of internet resources when management function is monitored remotely, imposing fewest
restriction in the management tools in regards of forms and sophistication and, simply the use of
network function (encyclopedia, 2021).
The overall goal of RMON is to make it possible to build RMON-compliant network monitoring
devices. These devices, also known as monitors or probes, are used to measure specific characteristics
of the network without interfering with normal operations. These devices are normally stand-alone and
located in remote areas of the network, sometimes even beyond network boundaries. Devices that are
RMON-compliant can be located in a remote place. RMON-compliant devices should be stand-alone
so that they can continue to function and collect statistics even if network management is unavailable.
Even if the network is not experiencing issues, RMON-compliant devices should execute diagnostics
and preserve records of network information (Jain, 2021). This establishes the network's normal
behavior so that the network management can compare normal network performance to problem
network performance if the network goes down. Devices that are RMON-compliant should be able to
detect faults on their own. When a component of the device fails, the RMON-compliant device should
send a message to the network manager.

RMON denotes that it is more advanced than SNMP in terms of network management, as it has an
optional expansion package that includes fault diagnosis, performance tuning, and network planning
in addition to obtaining information from network devices. While SNMP examines network devices
on a regular basis, RMON examines network devices only once in a while, reducing network overhead
while also reducing network management system processing overhead.
Conclusion:
So, in this section, we looked at various network protocols as well as network standards that are
commonly used in network management. After that, a comparison of IPsec and SSL, both of which
are VPN Types, is made based on their use cases, working methodologies, and encryption methods.
After that, the last comparison in the section for SNMP and RMON is carried out in a similar manner,
taking into account the objective that both protocols share as well as the other features that these
network management protocols provide.

Part 3:
Use tools and methods to manage a network, including Network Security and Risk Management.
• Use tools and methods to manage a network and Implement network security on your
Network. Also, Conduct a Risk Assessment on your network.
• Justify the importance of Network Security in a network.
• Critically evaluate the importance of carrying out a Risk Assessment on a network.
Introduction:
This section is mainly concerned with network security and risk management, in which tools and
methods are used to manage the network, which starts with the implementation of network security in
the network by installing some security policies in the network devices. Furthermore, the risk
assessment is carried out by assessing the size of the business and its primary goal. After that, the value
of network security must be justified in terms of network management. Finally, the value of conducting
a network risk assessment is critically assessed by combining various concepts and my personal
opinions.
Tools and methods to manage network:

In part one, the tools and methodologies for network management were successfully implemented.
Nagios XI and PRTG were utilized as monitoring tools. As a result, these tools are registered in the
management tool below:
Diagnostic tools:
Diagnostic tools are active tools that are used to test connectivity and determine whether or not a
location or device is reachable. Ping, trace route, a mix of ping and trace route, and SNMP Polling are
commonly used for network diagnosis in this area. Ping tools are used to test connectivity to a host by
sending ICMP Packets and verifying that the device is up by receiving an ICMP Packet reply. The
trace route is also used to display the path to a certain host.
Monitoring tools:
The tools that collect events in the background, such as daemons or services. It can, however, use
diagnostic tools to start its probes and record the results on a regular basis. Monitoring tools include
log monitoring and SNMP Trap Receiver. Also, automated methods such as SmokePing, which use
ICMP packets to record and graph latency to a group of hosts, are available.
Configuring SNMP in PRTG:

Step 1:
To start, install Windows Server 2012 in Vmware and configure it to run in bridge mode. Then press
Win+R and type ncpa.cpl. You will see ethernet there, click on it, and you'll see details, including your
window server 2012's IP address. Then turn off both the window and desktop firewalls.
Step 2:
Install PRTG on your desktop. Now open the command prompt on the desktop and type ipconfig to
see the desktop's IP address.
Step 3:
Go to Manage in Window Server 2021 and install the SNMP server there. Then go to tools and scroll
down till you find services and in services you will see SNMP, click on it, and you'll see one table.
Now go to traps and type in the IP address of the desktop, as well as a community name, which I've
given ismt_snmp. Then go to security and add the IP address of the desktop to the read-only
permission.




Step 4:
Now, go to PRTG on desktop, and you'll see PRTG desktop. Type in prtgadmin as the login name and
password. Then click the Login button. The dashboard will open, and you will be able to click on the
devices. Various devices can be seen there. Now scroll through the devices to find vmware vcenter
services. Add a device by clicking the + symbol there. So, add snmp_server_monitor to the device
name, and the IP address of Window Server 2012 to the Ip address. Also, any tags should be given a
symbol. Then select the standard option for device identification and auto discovery. Then scroll down
and click on vmware credentials. Then, as ismt_snmp, add the community string and click OK.

Step 5:
Your device snmp server monitor is now visible in Vmware vcenters services. PRTG will now begin
scanning the server for health information. You may now see the graph after scanning the server.



Step 6:
Go to setup, system administration, and notification delivery to have the ticket system create alert
messages. Now, type in your email address and click Save. So, if the device has a problem and is
turned off, you will receive a message.

Step 7:
Lastly, check your inbox.



Configuring SNMP in Nagios XI:

Step 1:
To begin, install Nagios and Windows 7 in VMware and configure them to work together in bridge
mode. Then open Window 7 and press Win+R to enter ncpa.cpl. You will find Ethernet there, click on
it, and you'll see details, including your window 7's IP address. Then turn off both the window and
desktop firewalls.

Step 2:
Now open the command prompt on the desktop and type ipconfig to see the desktop's IP address.
Step 3:
In Window 7, press Win+R to open the Run dialog box and type services.msc. Then go to tools and
scroll down till you find SNMP, click on it, and you'll see one table. Now go to traps and enter the
desktop's IP address as well as a community name; I've used public as a community name. Then go to
security and add the IP address of the desktop to the read-only permission. Then click ok, apply and
finish.



Step 4:
You may find the Nagios IP address in Nagios, then paste it into your browser and click it. Nagios XI
is now available. Now you must create a login id and password. The login id is nagiosadmin, and the
password should be whatever you want. The Nagios XI dashboard will now show. Go to the top and
expand configure, then click on configuration wizard and slide down to find Window SNMP. Click on
Window SNMP and enter the IP address of your Windows 7 computer, then pick Window 7 as the
operating system and enter public as the community name, then click next. Finally, select what you
want to monitor and click next. Now, under the monitoring options, enter the time you want to monitor
and click next. Now, go to notification settings and select send notification immediately when an issue
is detected, then select send alert notification and select your Nagios XI user account, then click finish.
The configuration has now been applied successfully.





Step 5:

Now, on the left side of the dashboard, click on the services status and then on the IP address of window
7. You may enable and disable the notification, as well as ping the host, from there. It contains all of
the information about the Window. Now go to the graph session to see a variety of graphs.


Step 6:
On the dashboard, select admin from the drop-down menu. The administrative page will then appear.
Configure mail settings can be found there. Click on it, then on mail testing. Remove the original mail
address and replace it with yours, then click update. Check your inbox once more by clicking on mail
testing.


Implementing network security:
This is vital information! To reduce the risk of your network being breached by hackers, worms,
viruses, and other intrusions, you must understand how to secure it. When connected to the Internet,
a router that is not configured properly, such as with default settings, can be compromised in
minutes.
• Changing router default password: Don't use the router's default password because it's well
known and available on the internet. After initial router setup and before connecting to the
Internet, you can update the password.
• Enabling firewall on router: If the router has a firewall feature, take advantage of it!! This
feature is useful for filtering out unknown traffic from the Internet and limiting traffic going
out to the Internet. Tap your firewall, and don't forget to test it to avoid blocking legitimate
traffic.
• Disable remote router administration: Don’t allow remote router administration through the
Internet. Through brute force password cracking or security vulnerabilities, other Internet
users may locate and hack your router. It's normal to find security holes on home routers; if
you have any questions, you may look into this home router's security findings
• Router firmware update: Typically, router vendors will release new router firmware on a
regular basis to address software vulnerabilities and security flaws. When the router firmware
is changed, you can do so. The firmware is available on the vendor's website. When linked to

the Internet, a router that has not been fixed in a timely manner is at a very high risk of being
hacked.
Network threats:
• Computer virus: Computer viruses are one of the most common risks to safety for daily
Internet users. According to statistics, nearly 33% of home computers are infected with
malware, with viruses accounting for more than half of the infections. Viruses are computer
programs that are programmed to spread from one computer to another. They're often sent as
email attachments or downloaded from specific websites with the aim of infecting your
computer and other computers on your contact list via your network's systems. Viruses are
notorious for sending spam, disabling security settings, corrupting and stealing data from
your device, personal information including passwords, and even deleting everything on your
hard drive.
• Rogue security software: Scammers have developed a new way to commit Internet fraud by
manipulating people's fear of computer viruses. Rogue protection software is malicious
software that deceives users into believing their device has a virus or that their security
measures are out of date. After that, they offer to install or upgrade the security settings of the
users. They'll either ask you to download their software or pay for a tool to delete the
suspected viruses. Both of these scenarios result in the installation of malware on your
computer.
• Adware and spyware: We define "adware" as any program that collects information about
your browsing habits in order to serve you advertisements and pop-ups based on that
information. Adware gathers data with your permission, and it's also a legal source of
revenue for businesses who let users try their apps for free in exchange for ads that appear
while they're using it. The adware policy is often hidden in related User Agreement
documents, but it can be found by reading anything you accept when installing software
carefully. Adware on your machine is only visible in such pop-ups, and it can often slow
down your computer's processor and internet link speed. Adware is considered malicious
when it is downloaded without permission. Spyware is similar to adware in that it installs
itself on your device without your permission. It can contain keyloggers, which record
personal data such as email addresses, passwords, and even credit card numbers, making it
dangerous due to the high risk of identity theft.

• DOS and DDOS attack: Have you ever found yourself impatiently awaiting the online release
of a product you're dying to get your hands on? You keep refreshing the tab, waiting for the
product to become accessible. The page then displays an error: “Service Unavailable” as you
press F5 for the final time. It's probable that the server is overburdened! There are occasions
when a website's server becomes overburdened with traffic and crashes, such as when a
breaking news report happens. However, this is more generally what happens to a website
during a DOS attack, or denial-of-service attack, which is a malicious traffic overload that
occurs when attackers flood a website with traffic. When a website receives an excessive
amount of traffic, it becomes unable to deliver its content to visitors. A distributed denial-of-
service (DDOS) attack is similar to a DOS attack, but it is more powerful. It's more difficult
to recover from a DDOS attack. It is launched from several computers, with the number of
computers ranging from a few to thousands or even millions. Since not all of those computers
are likely to belong to the attacker, they are all infected and added to the attacker's network.
• Phishing: Phishing attacks are a form of social engineering that uses emails. This type of
attack is common among digital thugs because they discovered that trapping someone is as
simple as clicking on malicious links and connections but messages that can perform a
variety of functions such as extracting login credentials or record data from unfortunate
victims.
Risk assessment:
The process of identifying the level of risk that may occur in the near future is known as risk
assessment. Not only the identification of risk is considered as risk assessment but also identification
of the sensible measure to control the risk is risk assessment. According to Margaret Rouse - “Risk
assessment is the identification of hazards that could negatively impact an organization's ability to
conduct business.” Risk assessment helps to reduce the uncertainty. Mainly, three types of risk may
occur while developing a software and they are Technical risk, Organizational risk and
Environmental risk. Here technical risk creates uncertainty. Organizational risk leads towards poor
communication as well as poor organizational architecture. Environmental risk means changing the
environment and poor relationship with customers, developers.
Implementing risk assessment process:
Risk assessment contains three steps:
• Identifying risk.
• Analyzing risk.

• Prioritization of risk.
• Risk identification: Risk identification is the important aspect of risk assessment. While
working on the development part each and every part should be observed clearly and should
think about the upcoming risk. In this phase all the threats should be searched and should be
fixed as soon as possible before it becomes a potential problem. Risk identification is done by
some of the techniques like using risk templates, interviewing stakeholders, failure mode and
effect analysis (FMEA), failure mode effect and criticality analysis (FMECA).
• Risk analysis: Risk analysis is the second and most important phase of risk assessment. The
most important task that should be done before analyzing risk is that the main goal of the
project should be known. Once the goal of the project is set in our mind then work can be
done under it and risk analysis can be carried out easily. In this phase risk is analyzed on the
basis of the data collected from the above aspects that is identification of risk. When risk is
analyzed it becomes easy to make decisions for solving any sorts of risk. Actually, risk is first
analyzed and then it is categorized according to its effects in the near future. Once the risk is
categorized then it is prioritized on the basis of potential effects in software development.
Mostly the risk is analyzed by the developers and tester as they are the one who know each
and every little thing about the software which will be the plus point for the risk analysis
process.
• Risk prioritization: Risk prioritization is the final step of risk assessment where all the
assessment will be reviewed. When the cluster of the risk is being analyzed it’s time to
prioritize risk according to its rank and should be focused on it. According to the maximum
and minimum potential effects in the project risk is prioritized. Here two types of data are
collected. One is the list for the risk that is likely to occur and another is the list that is least
likely to occur.
Importance of network security in network:
Essentially, network protection is important because it provides a method for monitoring and
securing a network, which may include PCs, data, and various substructure devices. This is the most
important element that functions as a middleman in the networking fields. In recent years, secrecy
has become a critical component in every single place, whether it is a bank or a company. Because of
the various programming that has appeared, digital fear-based rulers have been discovered in an
abnormal state of strength. As a result, in order to avoid such an emergency and damage, the security
arrangement should be well-documented and followed by each client with regard to both outside and

inside network apprehensions. For the most part, the framework administrator's agreements are
viewed as fields.
The most important reason for network security is to avoid causing misfortune due to the incorrect
analysis of the facts and documents. If the network protection doesn't function properly or isn't
updated correctly, there can be a huge disaster in the loss. Some of them are mentioned below:
• Fissures of confidentiality: Each bank or enterprise is prepared to be aware of sensitive

details that should be kept secret from opponents' eyes.
• Data destruction: The basic aspects, or knowledge, play a critical role in each segment. Every
one of the elements and activities relies on this. When the backup strategies are operational
today, it has put the realities of meaning with solid confirmation
• Data control: Since a portion of the destructor called a programmer has to stamp the striking
connection on it, the structure problem can be indistinguishable and resolved through
different uses of technology. Whatever the case may be, the fact is that knowledge
management reacts to a more obvious threat than the system one. Information can be updated,
and that time isn't really important, but when it comes to money, it summarizes all of the
data.
Importance of carrying out risk assessment on a network:
Risk assessment plays a vital role to manage a network. Risk assessment and network security should
go hand in hand which makes the flow of the network easy and also helps to adapt with the risks by
being more risk-free. Risk assessment will be benefited to the organization in following ways:
• Identifying security vulnerabilities:

Risk assessment helps in identification of security vulnerabilities in a network by evaluating
external and internal threats. It also helps in finding inefficiencies and noncompliance with the
standard of security policies. This part is most important as it provides a list of security
problems in the network.
• Determining new security requirements:

After finding the problem of the organization, now it's time to take a step ahead to strengthen
the system security. So, those steps can be determined using risk assessment.

• Justify spending:
Not only does risk assessment identify the security risk but also identify the financial risk due
to potential security exploitations. By calculating the security costs, it benefits the long-term
investment in security before it gets attacked.
• Make smart purchase:

As mentioned above, risk assessment helps to identify the financial risk. By calculating the
security costs, it can allocate the budget for security appropriately. Once the root weakness of
an organization is found, the appropriate allocated resources under allocated budget can be
purchased. Hence, it helps to prevent organizations from overspending on a problem that does
not require an expensive solution.
• Improve planning:
Once, the security risk of an organization is known, it helps to plan appropriate architecture for
an organization with full security. So, the risk assessment helps to identify strength and
weakness of the organization which indirectly helps to improve planning for an organization.
• Document due diligence:

Finally, a risk assessment and resulting remediation can also validate an organization’s efforts
to enforce proper security measures. They may act as evidence to government regulators,
insurance companies, business partners, and the like that you are employing the requisite
security to protect your data and network.
• Educated employees:
Risk assessment also provides awareness to the employees about the security measures and
risk. If the employees get to know about the security measures and risks, they will be aware of
their day to day activities and avoid risks like sharing passwords, opening duplicate web pages.
• Increased motivation:
When employees get enough idea about the security and risk of the network then automatically
their confidence and motivation boost up. Along with motivation, productivity increases which
is good for organization.

• Improved communication and decision making:

If employees got sufficient education about the security risk they can get into conversation
about security and risk with their fellow members in an organization. If more people talk about
the security risks, then with the help of brainstorming, the correct decision can be made, which
directly benefits an organization.
Conclusion:
The deployment of network management tools in according with the MEGHATECH Network's
scenario is successfully conducted. The importance of network management is to monitor, manage,
and regulate a network, as seen above. The network's overall design, as well as its implementation in
Cisco Packet Tracer and different network control tools including Nagios and PRTG. In the section
that checks the work, the comprehensive documentation of all the deployed tools is reported. Also, I
performed a risk assessment on my network, supporting the need of network security in a network,
and last, I critically evaluated the value of conducting a risk assessment on our network.

References
(n.d.). Retrieved from https://www.mja.com.au/journal/2000/173/11/media-and-young-minds
Brenkosh, J. P. (2021, 7). Retrieved from https://www.osti.gov/
cisco. (2020). Retrieved from https://www.thousandeyes.com
Cisco. (2021). Retrieved from https://www.cisco.com
Crider, L. (2018, 1ug). Retrieved from https://www.algolitsolutions.com
encyclopedia. (2021). Retrieved from https://www.freesoft.org
Jain, R. (2021). Retrieved from https://www.cse.wustl.edu
KENTON, W. (2020, nov). Retrieved from https://www.investopedia.com
Nagios. (2021). Retrieved from https://sites.google.com
Nagios XI. (2021). Retrieved from https://www.nagios.com
Nenad Jovanovic, S. M. (2021, 7). Retrieved from https://www.researchgate.net
PAESSLER. (2021, 7 21). Retrieved from https://www.paessler.com
PAESSLER. (2021). Retrieved from https://www.paessler.com
Rahim, R. A. (2021). Retrieved from https://www.internetsociety.org
Schwartz, K. D. (2021). Retrieved from https://www.networkworld.com
skfdjskdfjs. (n.d.). sdfsdf. Retrieved 2014
Tech Terms. (2021). Retrieved from https://techterms.com
xgxdfd. (n.d.). xxfdxd. Retrieved 2010
Марковић, С. (2021). Retrieved from https://www.researchgate.net


International School of Management & Technology: Assignment Cover Sheet

Uploaded by

Document Information

Original Description:

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

International School of Management & Technology: Assignment Cover Sheet

Uploaded by

Copyright:

Available Formats

Network Management 2021

Student ID Reg No.

Family Name Dhungana Given Name Ashish

Enrolment Year 2018 Section N2

Semester 4th sem Email ashish@ismt.edu.np

Unit Title Network Management Unit Code T/615/1639

Assessor Name Santosh Rauniyar Issued Date 07/22/2021

Assignment Title Megatech Networking management solution

Assignment No 1/1 Submission Date 11/20/2021

Qualification BTEC HND IN Campus ISMT college

Ashish Dhungana (4th I

STUDENT ASSESSMENT SUBMISSION AND

Student Name Ashish Dhungana Assessor Name Santosh Rauniyar

Issue Date 07/22/2021 Submission Date 11/20/2021

Programme Network Engineering

Unit Name T/615/1639 – Unit 35: Network Management

Assignment Title Megatech Networking management solution

Pearson Education 2018

Benju Kadariya (4th semester) Higher Education Qualifications II

Network Management: ........................................................................................................................... 1

Network management concepts and principles: ..................................................................................... 1

Network provisioning ........................................................................................................................ 1

Fault management: ......................................................................................................................... 2

Trouble management (issue ticket administration): ....................................................................... 2

Configuration management: ........................................................................................................... 2

Performance management: ............................................................................................................. 2

Security management: .................................................................................................................... 2

Network installation and maintenance ................................................................................................... 2

Components of network management: .................................................................................................. 3

Importance of network management:..................................................................................................... 4

Comprehensive design of a network ...................................................................................................... 6

Using appropriate analytical tools to analyze findings and data: ........................................................... 8

User and user group management: ....................................................................................................... 10

Usage graph: ........................................................................................................................................ 10

Network device port bandwidth and status: ......................................................................................... 10

Alert and notification for quick response:............................................................................................ 10

Implementing Nagios XI:..................................................................................................................... 10

Implementing PRTG ............................................................................................................................ 12

Comprehensive network configuration with screenshots: ................................................................... 12

Ashish Dhungana (4th Sem) III

Server Configuration ........................................................................................................................ 16

DHCP Server Configuration for VLAN 10 ..................................................................................... 16

DNS Server on Vlan 10 ................................................................................................................... 17

WEB Server Configuration on Vlan 10 ........................................................................................... 18

Goals of SNMP architecture and RMON ............................................................................................ 45

Tools and methods to manage network................................................................................................ 47

Configuring SNMP in PRTG ............................................................................................................... 47

Configuring SNMP in Nagios XI......................................................................................................... 59

Implementing network security............................................................................................................ 72

Network threats: ................................................................................................................................... 73

Risk assessment: .................................................................................................................................. 74

Implementing risk assessment process: ............................................................................................... 74

Importance of network security in network: ........................................................................................ 75

Importance of carrying out risk assessment on a network: .................................................................. 76

• Identifying security vulnerabilities: .......................................................................................... 76

• Determining new security requirements: .................................................................................. 76

• Make smart purchase ................................................................................................................ 77

Ashish Dhungana (4th Sem) IV

• Improve planning ...................................................................................................................... 77

• Document due diligence ........................................................................................................... 77

• Educated employees: ................................................................................................................ 77

• Increased motivation: ................................................................................................................ 77