Network Management

ITE 3304
What is network management?

System & Service monitoring
 Reachability, availability

Resource measurement/monitoring
 Capacity planning, availability

Performance monitoring (RTT,
throughput)

Statistics & Accounting/Metering
What is network management?


Fault Management (Intrusion Detection)
 Fault detection, troubleshooting, and tracking
 Ticketing systems, help desk

Change management and configuration
monitoring
Overview
- Monitoring Notifications
- Data collection
- Accounting

Ticket
- Change control &
monitoring
Ticket - Capacity planning
- NOC Tools - Availability (SLAs)
- Ticket system - Trends
- Detect problems
Ticket
Ticket
- Improvements
- Upgrades
Ticket - User complaints
- Requests

- Fix problems
Why network management?

• To Make sure that the network is up and running

• Need Network Monitoring
• E.g.
• Systems with SNMP Enabled can be monitored with
software tools
• State Reports/Alerts can be generated
• To Know when to upgrade the Systems
/Network
• To Keep an audit trace of changes
Network management
protocols

• SNMP – Simple Network Management

Protocol
 Industry standard, hundreds of tools exist to
exploit it
 Present on any decent network equipment
 Can be used to monitor Network throughput, errors,
CPU load, temperature, ...
 UNIX and Windows implement this as well
 Can be used to monitor CPU. Disk Space
Network management
protocols

• SSH and telnet

• It is also possible to use scripting to automate
monitoring of hosts and services
SNMP Tools

• SNMP tools are used to manage SNMP

enabled devices
• They communicate with SNMP enabled
devices using SNMP commands
• Can use to read, write data from/to
devices according to the privilege level
• Net SNMP tool set
• http://net-snmp.sourceforge.net/
Configuration management
and monitoring Tools

• Record changes to equipment

configuration using revision control (also
for configuration files)
• Inventory management (equipment, IPs,
interfaces)
• E.g.
• RANCID - (Automatic Cisco configuration retrieval
and archiving, also for other equipment types)
Network Intrusion Detection
Systems (NIDS)

• Systems that observe all of network traffic and

report when it sees specific kinds of problems,
such as:
• hosts that are infected or are acting as
spamming sources
• Tools
• SNORT - a commonly used open source tool:
http://www.snort.org/
• Nessus - scan for vulnerabilities:
http://www.nessus.org/download/