Enterprise Management Overview

ca.com
Enterprise Management

• The process of managing the critical resources of an enterprise
• Resources include
– Network components (routers, switches, hubs)
– Servers
– Desktops
– Databases
– Applications
– Security elements like firewalls, IDS
• Broadly classified into
– Service Management
– Systems Management

Slide I - 2 ca.com
Why Enterprise Management?
• Management of IT service levels tied to business objectives
• Mandatory requirement for high availability and performance
• Increase staff productivity despite reduced headcount
• Consolidate IT vendors and number of fragmented solutions to reduce costs
• Use technology investments more efficiently

Enterprise Management Challenges

• Identify, measure and report integrated service levels across multiple networks and systems
• Automate management across a diverse and massively complex network and systems infrastructure
• Rapidly identify and resolve problems while minimizing reliance on experts and specialists
• Integrate the many different tools into a single point of management
• Manage and allocate resources based on business priorities and performance

What is Systems Management?

[Diagram: Systems Management, shown together with Applications Management, Network Management, Desktop Management, Security Management and Operations Management]

Tools??
Service Management Systems Management
– Remedy ~SSS – CA Unicenter
– Peregrine ~SC – Tivoli
– Marval – BMC Patrol
– Axios ~Assyst – HP OpenView
– Touchpaper ~HDS – Compaq
– CA Unicenter ~SD – Compuware
– Datawatch ~QSM – NetIQ
– HP OpenView ~SD – Novadigm
– Frontrange ~Heat – Intel
– Magic Solutions ~MSD – Microsoft
– mansystems ~ExpertDesk – Peregrine
– Viadyne ~ViaTIL – Solarwinds
– CiscoWorks

Slide I - 6 ca.com
Network Management

ca.com
What is Network Management?
• Network management is the process of monitoring, controlling and maintaining a data network to maximize its efficiency and productivity
• Involves
– Distributed database
– Auto-polling
– Generating graphical views of network traffic and changes

Why Network Management?
• Rapid expansion of networks
• Large, heterogeneous networks
• Proactive management rather than reactive
• Handling day-to-day network operations
• Strategic network growth planning
• Automated management across diverse environments
• Reduce costs and increase efficiency

What can a typical NMS do?
• Monitor and manage devices on the network
• Provide up-to-date information on the health of the network
• Alert on status changes in the network devices
• Alert on threshold violations
• Log events on the network
• Provide configuration information of the network devices
• Notify and automate certain actions on critical events
• Store all collected information in a database for reporting, analysis and trending

Network Management
• The International Organization for Standardization (ISO) Network Management Forum divided network management into five functional areas:
– Fault Management
– Configuration Management
– Security Management
– Performance Management
– Accounting Management

Fault Management

• The process of locating, diagnosing and correcting network problems
• Increases network reliability and effectiveness
• More than just fire-fighting
• Increases the productivity of network users

Configuration Management
• The process of obtaining data from the network and using that data to manage and set up network devices
• Allows rapid access to configuration information
• Facilitates remote configuration and provisioning
• Provides up-to-date inventory of network components

Accounting Management
• Measuring the usage of network resources by users in order to establish metrics, check quotas, determine costs and bill users
• Administers the cost of the network
• Internal verification of third-party billing for usage

Performance Management
• Ensure that the data network remains accessible and uncongested at all times
• Provide a consistent level of service to network users
• Determine utilization trends to proactively isolate and solve performance problems

Security Management
• Protecting sensitive information on devices attached to a data network by controlling access points to that information
• Secure sensitive information from both external and internal users
• Protect network functionality from malicious attacks

Typical architecture

Defining SNMP

Simple Network Management Protocol
• SNMP is a framework that provides facilities for managing and monitoring network resources on the network.
• Components of SNMP:
– SNMP agents
– SNMP managers
– Management Information Bases (MIBs)
– SNMP protocol itself

[Diagram: an SNMP manager exchanging SNMP protocol messages with three SNMP agents]

Simple Network Management Protocol

• An SNMP agent is software that runs on a piece of network equipment (host, router, printer, or others) and that maintains information about its configuration and current state in a database
• Information in the database is described by Management Information Bases (MIBs)
• An SNMP manager is an application program that contacts an SNMP agent to query or modify the database at the agent.
• The SNMP protocol is the application layer protocol used by SNMP agents and managers to send and receive data.

Simple Network Management Protocol (SNMP)

Architecture of SNMP

Overview of SNMP

Defining SNMP Message Types

• Get Request
• Get Next Request
• Get Bulk Request
• Set Request
• Get Response
• Trap

Defining SNMP Message Types
• Get Request requests the current value of one or several MIB attributes.
• Get Next Request fetches the value of the next MIB attribute in the MIB tree structure.
• Get Bulk Request is available in SNMPv2 and fetches a MIB subtree or a MIB table with a single request.
• Set Request sets the value of one or several MIB attributes.
• Get Response contains the result of a Get Request or the acknowledgement for a Set Request.
• Trap is sent by an SNMP agent to one or more SNMP managers when exceptional events occur.

SNMP Message Structure
• Made up of SNMP requests
• SNMP requests are
– Get - for gathering information
– Set - for configuration
• Each request has an entry in the MIB called an Object Identifier and a value
• An SNMP message also contains a community string (password)
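
The message types and message structure from the two slides above, decoded from raw bytes. This is an added example, not part of the original deck; the sample packet and all function names are constructed for illustration. It shows that in SNMPv1/v2c the community string is carried as a plain OCTET STRING next to the PDU type and the requested OID, so anyone who can read the packet can read the "password".

```python
PDU_TYPES = {0xA0: "GetRequest", 0xA1: "GetNextRequest", 0xA2: "GetResponse",
             0xA3: "SetRequest", 0xA5: "GetBulkRequest"}
VERSIONS = {0: "SNMPv1", 1: "SNMPv2c"}

# Constructed sample: GetNextRequest for the MIB prefix quoted in the slides.
SAMPLE = bytes.fromhex(
    "3029 020100 0406 7075626c6963 "       # SEQUENCE, version 0, community "public"
    "a11c 020101 020100 020100 "           # PDU tag, request-id 1, error fields
    "3011 300f 060b 2b0601040186 17020a022b 0500")  # varbind list: OID, NULL

def read_tlv(buf, pos):
    """Return (tag, value, next_pos) for the BER element starting at pos."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                      # long form: low 7 bits count length octets
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("truncated BER element")
    return tag, buf[pos:pos + length], pos + length

def decode_oid(raw):
    """Decode an OBJECT IDENTIFIER body (base-128 sub-identifiers) to dotted form."""
    subids, value = [], 0
    for byte in raw:
        value = (value << 7) | (byte & 0x7F)
        if not byte & 0x80:                # high bit clear ends a sub-identifier
            subids.append(value)
            value = 0
    first = min(subids[0] // 40, 2)        # first octet packs the two leading arcs
    return ".".join(map(str, [first, subids[0] - 40 * first] + subids[1:]))

def parse_snmp(packet):
    _, msg, _ = read_tlv(packet, 0)                 # outer SEQUENCE
    _, version, pos = read_tlv(msg, 0)
    _, community, pos = read_tlv(msg, pos)          # OCTET STRING, carried unencrypted
    pdu_tag, pdu, _ = read_tlv(msg, pos)
    if pdu_tag not in PDU_TYPES:
        raise ValueError("unsupported PDU (v1 Trap uses a different layout)")
    _, request_id, pos = read_tlv(pdu, 0)
    _, _, pos = read_tlv(pdu, pos)                  # error-status
    _, _, pos = read_tlv(pdu, pos)                  # error-index
    _, varbinds, _ = read_tlv(pdu, pos)
    oids, pos = [], 0
    while pos < len(varbinds):                      # each varbind: SEQUENCE { OID, value }
        _, varbind, pos = read_tlv(varbinds, pos)
        oids.append(decode_oid(read_tlv(varbind, 0)[1]))
    return {"version": VERSIONS.get(int.from_bytes(version, "big"), "unknown"),
            "community": community.decode("ascii", "replace"), "pdu": PDU_TYPES[pdu_tag],
            "request_id": int.from_bytes(request_id, "big"), "oids": oids}
```

Calling `parse_snmp(SAMPLE)` returns the version, community, PDU type, request id and OID list as a dictionary.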

Slide I - 26 ca.com
SNMP Protocol Data Units

Slide I - 27 ca.com
SNMP

• There are two approaches for the management system to obtain information from SNMP
– Traps
– Polling

SNMP Traps

• When an event happens on a network device, a trap is sent to the network management system
• A trap will contain:
– Network device name
– Time the event happened
– Type of event

SNMP Traps
• Resources are required on the network device to generate a trap
• When a lot of events occur, the network bandwidth may be tied up with traps
– Thresholds can be used to help
• Because the network device has a limited view, it is possible the management system has already received the information and the trap is redundant

Traps
• Traps are messages that are sent asynchronously by an agent to a manager
• Traps are triggered by an event
• Defined traps include:
– linkDown - event that an interface went down
– coldStart - unexpected restart (i.e., system crash)
– warmStart - soft reboot
– linkUp - the opposite of linkDown
– (SNMP) AuthenticationFailure
– …

SNMP Traps

SNMP Polling
• The network management system periodically queries the network device for information
• The advantage is the network management system is in control and knows the “big picture”
• The disadvantage is the amount of delay from when an event occurs to when it’s noticed
– Short interval, network bandwidth is wasted
– Long interval, response to events is too slow

SNMP Traps/Polling
• When an event occurs, the network device generates a simple trap
• The management system then polls the network device to get the necessary information
• The management system also does low frequency polling as a backup to the trap

SNMP Versions
• Three versions are in use today:
– SNMPv1 (1990)
– SNMPv2c (1996)
  • Adds “GetBulk” function and some new types
  • Adds RMON (remote monitoring) capability
– SNMPv3 (2002)
  • SNMPv3 started from SNMPv1 (and not SNMPv2c)
  • Addresses security
• All versions are still used today
• Many SNMP agents and managers support all three versions of the protocol.

SNMPv1

SNMPv2c

SNMP Community String

SNMPv3

SNMPv3 has numerous security features:
– Ensures that a packet has not been tampered with (integrity)
– Ensures that a message is from a valid source (authentication)
– Ensures that a message cannot be read by unauthorized parties (privacy)

SNMP Security
• The security model of SNMPv3 has two components:
1. Instead of granting access rights to a community, SNMPv3 grants access to users.
2. Access can be restricted to sections of the MIB (Version-based Access Control Module (VACM)). Access rights can be limited
  • by specifying a range of valid IP addresses for a user or community,
  • or by specifying the part of the MIB tree that can be accessed.
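
A simplified model of the two restrictions listed above, per-user source address ranges and per-user MIB subtrees. This is an added example, not part of the original deck and not the code of any SNMP agent; the user name, network, excluded branch and function names are hypothetical, and only the 1.3.6.1.4.1.791.2.10.2.43 prefix comes from the slides. OIDs are compared arc by arc so that a look-alike enterprise number such as 7910 does not match the 791 subtree.

```python
import ipaddress

# Hypothetical policy (constructed): user -> allowed source network and MIB view.
# A view is a list of (subtree, included) pairs; the longest matching subtree wins.
POLICY = {
    "monitor": {
        "sources": "10.0.5.0/24",
        "view": [("1.3.6.1.2.1", True),                     # standard MIB-2 subtree
                 ("1.3.6.1.4.1.791.2.10.2.43", True),       # agent MIB prefix from the slides
                 ("1.3.6.1.4.1.791.2.10.2.43.9", False)],   # constructed excluded branch
    },
}

def _arcs(oid):
    """Split a dotted OID into a tuple of integers for arc-by-arc comparison."""
    return tuple(int(part) for part in oid.strip(".").split("."))

def in_view(view, oid):
    """True if the longest subtree containing oid is an included one."""
    target, best_len, allowed = _arcs(oid), -1, False
    for subtree, included in view:
        prefix = _arcs(subtree)
        if target[:len(prefix)] == prefix and len(prefix) > best_len:
            best_len, allowed = len(prefix), included
    return allowed

def is_allowed(user, source_ip, oid, policy=POLICY):
    """Default deny: unknown user, bad or out-of-range address, or OID outside the view."""
    entry = policy.get(user)
    if entry is None:
        return False
    try:
        source = ipaddress.ip_address(source_ip)
    except ValueError:
        return False
    if source not in ipaddress.ip_network(entry["sources"]):
        return False
    return in_view(entry["view"], oid)
```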

SNMPv3 SERVICES

Management Information Base

Defining the MIB Structure

Management Information Base
The OID for any attribute in the Win2k System Agent MIB starts with 1.3.6.1.4.1.791.2.10.2.43.

SNMP MIBS
• A Management Information Base (MIB) is a collection of related managed objects
• Used to define what information you can get back from the network device
• There are standard and enterprise-specific MIBs

SNMP MIBS
• Types of MIB Modules
– Standard: These are the standard MIBs currently designed to capture the core aspects of the particular technology
– Experimental: Temporary; if it achieves standardization, it is placed in the standard module
– Enterprise-specific: Vendor-specific MIBs that provide additional management capabilities for those features that require it

Thank you

Network Management Platform
• A network management platform is a software package that provides the basic functionality of network management for different network components
• The goal for the platform is to provide generic functionality for managing a variety of network devices

Network Management Platform
• Basic features for any platform to include are:
– Graphical User Interface (GUI)
– Network Map
– Database Management System (DBMS)
– Standard Method to Query Devices
– Customizable Menu System
– Event Log

Network Management Platform
• Additional features for a platform include:
– Graphing Tools
– Application Programming Interface (API)
– System Security

Network Management Platform
• Management Platforms that exist today
– CA’s Unicenter TNG
– Sun’s SunNet Manager
– HP’s OpenView
– IBM’s Tivoli
– Cabletron’s Spectrum

Network Management Architectures
• The Network Management Platform can use various architectures to provide functionality
• The 3 most common are:
– Centralized
– Hierarchical
– Distributed

Centralized Architecture
• The Network Management Platform resides on a single computer system
• For full redundancy, the computer system is backed up by another system
• Can allow access and forward events to other consoles on the network

Centralized Architecture

• Used for:
– All network alerts & events
– All network information
– Access all management applications

Centralized Architecture

• Pros:
– Single location to view events & alerts
– Single place to access network management applications and information
– Security is easier to maintain

Centralized Architecture
• Cons:
– Single system is not redundant or fault tolerant
– As network elements are added, may be difficult or expensive to scale system to handle load
– Having to query all devices from a single location

Hierarchical Architecture
• Uses multiple computer systems
– One system acting as the central server
– Other systems working as clients
• Central server requires backups for redundancy

Hierarchical Architecture
• Key features:
– Not dependent on a single system
– Distribution of network management tasks
– Network monitoring distributed throughout network
– Centralized information storage

Hierarchical Architecture
• Pros:
– Multiple systems to manage the network
• Cons:
– Information gathering is more difficult and time consuming
– The list of devices managed by each client needs to be predetermined and manually configured

Distributed Architecture
• Combines the centralized and hierarchical architectures
• Uses multiple peer network management systems
– Each peer can have a complete database
– Each peer can perform various tasks and report back to a central system

Distributed Architecture
• Contains advantages from central & hierarchical architectures
– Single location for all network information, alerts & events
– Single location to access all management applications
– Not dependent on a single system
– Distribution of network management tasks
– Distribution of network monitoring throughout the network

Element Managers
• Goals
– Effectively manage a specific set of devices
– Avoid functionality overlap with the platform
– Integrate with a platform through the API and menu system
– Reside on multiple platforms
• Applications do not share information

Element Managers
• Applications that exist today
– BayNetworks’ Optivity
– Cisco’s CiscoWorks
– 3Com’s Transcend

Choosing a Network Management System

• Built from two major components: the Platform and Applications
• A practical approach follows these steps:
– Perform device inventory
– Prioritize the functional areas of network management
– Survey network management applications
– Choose the network management platform