ca.com
Enterprise Management
Slide I - 2 ca.com
Why Enterprise Management?
Management of IT service levels tied to
business objectives
Mandatory requirement for high availability
and performance
Increase staff productivity despite reduced
headcount
Consolidate IT vendors and number of
fragmented solutions to reduce costs
Use technology investments more efficiently
Slide I - 3 ca.com
Enterprise Management Challenges
Slide I - 4 ca.com
What is Systems Management?
[Diagram labels: Applications Management; Network Management; Desktop Management; Security Management; Operations Management; Systems Management]
Slide I - 5 ca.com
Tools??
Service Management
– Remedy ~SSS
– Peregrine ~SC
– Marval
– Axios ~Assyst
– Touchpaper ~HDS
– CA Unicenter ~SD
– Datawatch ~QSM
– HP OpenView ~SD
– Frontrange ~Heat
– Magic Solutions ~MSD
– mansystems ~ExpertDesk
– Viadyne ~ViaTIL
Systems Management
– CA Unicenter
– Tivoli
– BMC Patrol
– HP OpenView
– Compaq
– Compuware
– NetIQ
– Novadigm
– Intel
– Microsoft
– Peregrine
– Solarwinds
– CiscoWorks
Slide I - 6 ca.com
Network Management
What is Network Management?
Network management is the process of
monitoring, controlling and maintaining a data
network to maximize its efficiency and
productivity
Involves
– Distributed database
– Auto-polling
– Generating graphical views of network traffic and
changes
Slide I - 8 ca.com
Why Network Management?
Rapid expansion of networks
Large, heterogeneous networks
Proactive management rather than Reactive
Handling day-to-day network operations
Strategic network growth planning
Automated management across diverse
environments
Reduce costs and increase efficiency
Slide I - 9 ca.com
What can a typical NMS do?
Monitor and manage devices on the network
Provides up-to-date information on the health of the
network
Alert on Status changes in the network devices
Alert on threshold violations
Log events on the network
Provide configuration information of the network devices
Notify and Automate certain actions on critical events
Store all collected information in a database for reporting,
analysis and trending
Slide I - 10 ca.com
Network Management
The International Organization for Standardization
(ISO) Network Management Forum divided network
management into five functional areas:
– Fault Management
– Configuration Management
– Security Management
– Performance Management
– Accounting Management
Slide I - 11 ca.com
Fault Management
Slide I - 12 ca.com
Configuration Management
The process of obtaining data from
the network and using that data to
manage and setup network
devices
Slide I - 13 ca.com
Accounting Management
Measuring the usage of network
resources by users in order to
establish metrics, check quotas,
determine costs and bill users
Slide I - 14 ca.com
Performance Management
Ensure that the data network
remains accessible and
uncongested at all times
Slide I - 15 ca.com
Security Management
Protecting sensitive information on
devices attached to a data network
by controlling access points to that
information
Slide I - 16 ca.com
Typical architecture
Slide I - 17 ca.com
Defining SNMP
Slide I - 18 ca.com
Simple Network Management Protocol
SNMP is a framework that provides facilities for managing and
monitoring network resources on the Network.
Components of SNMP:
– SNMP agents
– SNMP managers
– Management Information Bases (MIBs)
– SNMP protocol itself
[Diagram: an SNMP manager exchanging SNMP protocol messages with three SNMP agents]
Slide I - 19 ca.com
Simple Network Management Protocol
Slide I - 20 ca.com
Simple Network Management Protocol
(SNMP)
Slide I - 21 ca.com
Architecture of SNMP
Slide I - 22 ca.com
Overview of SNMP
Slide I - 23 ca.com
Defining SNMP Message Types
Get Request
Get Next Request
Get Bulk Request
Set Request
Get Response
Trap
Slide I - 24 ca.com
Defining SNMP Message Types
Get Request requests the current value of one or
several MIB attributes.
Get Next Request fetches the value of the next MIB
attribute in the MIB tree structure.
Get Bulk Request is available in SNMPv2 and
fetches a MIB subtree or a MIB table with a single
request.
Set Request sets the value of one or several MIB
attributes.
Get Response contains the result of a Get Request
or the acknowledgement for a Set Request.
Trap is sent by an SNMP agent to one or more
SNMP managers when exceptional events occur.
Slide I - 25 ca.com
SNMP Message Structure
Made up of SNMP requests
SNMP requests are
– Get - for gathering information
– Set - for configuration
Each request has an entry in MIB called
Object Identifier and a value
SNMP message also contains a community
string (password)
Slide I - 26 ca.com
SNMP Protocol Data Units
Slide I - 27 ca.com
SNMP
Slide I - 28 ca.com
SNMP Traps
Slide I - 29 ca.com
SNMP Traps
Resources are required on the network
device to generate a trap
When a lot of events occur, the network
bandwidth may be tied up with traps
– Thresholds can be used to help
Because the network device has a limited
view, it is possible the management system
has already received the information and the
trap is redundant
Slide I - 30 ca.com
Traps
Traps are messages that are asynchronously sent by an
agent to a manager
Traps are triggered by an event
Defined traps include:
– linkDown - event signalling that an interface went down
– coldStart - unexpected restart (i.e., system crash)
– warmStart - soft reboot
– linkUp - the opposite of linkDown
– (SNMP) AuthenticationFailure
–…
Slide I - 31 ca.com
SNMP Traps
Slide I - 32 ca.com
SNMP Polling
The network management system periodically
queries the network device for information
The advantage is the network management system is
in control and knows the “big picture”
The disadvantage is the amount of delay from when
an event occurs to when it’s noticed
– Short interval, network bandwidth is wasted
– Long interval, response to events is too slow
Slide I - 33 ca.com
SNMP Traps/Polling
When an event occurs, the network device
generates a simple trap
The management system then polls the
network device to get the necessary
information
The management system also does low
frequency polling as a backup to the trap
Slide I - 34 ca.com
SNMP Versions
Three versions are in use today:
– SNMPv1 (1990)
– SNMPv2c (1996)
Adds “GetBulk” function and some new types
Adds RMON (remote monitoring) capability
– SNMPv3 (2002)
SNMPv3 started from SNMPv1 (and not SNMPv2c)
Addresses security
Slide I - 35 ca.com
SNMPv1
Slide I - 36 ca.com
SNMPv2c
Slide I - 37 ca.com
SNMP Community String
Slide I - 38 ca.com
SNMPv3
Slide I - 39 ca.com
SNMP Security
Security model of SNMPv3 has two
components:
1. Instead of granting access rights to a community,
SNMPv3 grants access to users.
2. Access can be restricted to sections of the MIB
(Version-based Access Control Module (VACM)).
Access rights can be limited
by specifying a range of valid IP addresses for a user or community,
or by specifying the part of the MIB tree that can be accessed.
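The two restrictions named on this slide, source address range and MIB subtree, combine into a single default-deny decision per request. The following is an added example, not part of the original slides and not any product's implementation: a simplified VACM-style check in which user names, address ranges and views are hypothetical, and the agent subtree is the Win2k System Agent MIB prefix quoted elsewhere in this deck.

```python
import ipaddress

def oid(s):
    """Dotted OID string -> tuple of ints, so ...2.1.11 never matches the subtree ...2.1.1."""
    return tuple(int(p) for p in s.strip(".").split("."))

class View:
    """MIB view as included/excluded subtrees; the longest matching subtree decides."""
    def __init__(self, included, excluded=()):
        self.rules = [(oid(s), True) for s in included] + [(oid(s), False) for s in excluded]

    def allows(self, target):
        t = oid(target)
        hits = [(len(s), inc) for s, inc in self.rules if t[:len(s)] == s]
        if not hits:
            return False                        # default deny outside every subtree
        longest = max(n for n, _ in hits)
        return all(inc for n, inc in hits if n == longest)   # exclude wins a tie

AGENT_MIB = "1.3.6.1.4.1.791.2.10.2.43"   # Win2k System Agent MIB prefix from the slides
SYSTEM_GROUP = "1.3.6.1.2.1.1"            # MIB-II system group
USM_MIB = "1.3.6.1.6.3.15"                # SNMPv3 user table (snmpUsmMIB)

# Hypothetical users, source ranges and views, constructed for this example.
POLICY = {
    "monitor":  {"sources": ["10.0.5.0/24"], "read": View([SYSTEM_GROUP]), "write": None},
    "sysadmin": {"sources": ["10.0.9.10/32"],
                 "read": View(["1.3.6.1"], excluded=[USM_MIB]),
                 "write": View([AGENT_MIB])},
}

def authorize(user, src_ip, op, target):
    """True only if user, source address and OID all pass; op is 'get' or 'set'."""
    entry = POLICY.get(user)
    kind = {"get": "read", "set": "write"}.get(op)
    if entry is None or kind is None:
        return False
    addr = ipaddress.ip_address(src_ip)
    if not any(addr in ipaddress.ip_network(net) for net in entry["sources"]):
        return False
    view = entry[kind]
    return view is not None and view.allows(target)
```

Comparing OIDs as integer tuples rather than strings matters here: a string prefix test would wrongly place 1.3.6.1.2.1.11 (the snmp group) inside the 1.3.6.1.2.1.1 view.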
Slide I - 40 ca.com
SNMPv3 SERVICES
Slide I - 41 ca.com
Management Information Base
Slide I - 42 ca.com
Defining the MIB Structure
Slide I - 43 ca.com
Management Information Base
The OID for any attribute in the Win2k System Agent
MIB starts with 1.3.6.1.4.1.791.2.10.2.43.
Slide I - 44 ca.com
SNMP MIBS
Management Information Base (MIB) is a
collection of related managed objects
Used to define what information you can get
back from the network device
There are standard and enterprise specific
MIBS
Slide I - 45 ca.com
SNMP MIBS
Types of MIB Modules
– Standard: These are the standard MIBS currently
designed to capture the core aspects of the
particular technology
– Experimental: Temporary; if it achieves
standardization, it is placed in the standard
module
– Enterprise-specific: Vendor specific MIBS that
provide additional management capabilities for
those features that require it
Slide I - 46 ca.com
Thank you
Network Management Platform
A network management platform is a software
package that provides the basic functionality
of network management for different network
components
The goal for the platform is to provide generic
functionality for managing a variety of network
devices
Slide I - 48 ca.com
Network Management Platform
Basic features for any platform to include are:
– Graphical User Interface (GUI)
– Network Map
– Database Management System (DBMS)
– Standard Method to Query Devices
– Customizable Menu System
– Event Log
Slide I - 49 ca.com
Network Management Platform
Additional features for a platform include:
– Graphing Tools
– Application Programming Interface (API)
– System Security
Slide I - 50 ca.com
Network Management Platform
Management Platforms that exist today
– CA’s Unicenter TNG
– Sun’s SunNet Manager
– HP’s OpenView
– IBM’s Tivoli
– Cabletron’s Spectrum
Slide I - 51 ca.com
Network Management Architectures
The Network Management Platform can use
various architectures to provide functionality
The 3 most common are:
– Centralized
– Hierarchical
– Distributed
Slide I - 52 ca.com
Centralized Architecture
The Network Management Platform resides
on a single computer system
For full redundancy, the computer system is
backed up by another system
Can allow access and forward events to other
consoles on network
Slide I - 53 ca.com
Centralized Architecture
Used for:
– All network alerts & events
– All network information
– Access all management applications
Slide I - 54 ca.com
Centralized Architecture
Pros:
– Single location to view events & alerts
– Single place to access network
management applications and information
– Security is easier to maintain
Slide I - 55 ca.com
Centralized Architecture
Cons:
– Single system is not redundant or fault tolerant
– As network elements are added, may be difficult
or expensive to scale system to handle load
– Having to query all devices from a single location
Slide I - 56 ca.com
Hierarchical Architecture
Uses multiple computer systems
– One system acting as the central server
– Other systems working as clients
Central server requires backups for
redundancy
Slide I - 57 ca.com
Hierarchical Architecture
Key features:
– Not dependent on a single system
– Distribution of network management tasks
– Network monitoring distributed throughout network
– Centralized information storage
Slide I - 58 ca.com
Hierarchical Architecture
Pros:
– Multiple systems to manage the network
Cons:
– Information gathering is more difficult and time
consuming
– The list of devices managed by each
client needs to be predetermined and manually
configured
Slide I - 59 ca.com
Distributed Architecture
Combines the centralized and hierarchical
architectures
Uses multiple peer network management
systems
– Each peer can have a complete database
– Each peer can perform various tasks and report
back to a central system
Slide I - 60 ca.com
Distributed Architecture
Contains advantages from central &
hierarchical architectures
– Single location for all network information, alerts &
events
– Single location to access all management
applications
– Not dependent on a single system
– Distribution of network management tasks
– Distribution of network monitoring throughout the
network
Slide I - 61 ca.com
Element Managers
Goals
– Effectively manage a specific set of devices
– Avoid functionality overlap with the platform
– Integrate with a platform through the API and
menu system
– Reside on multiple platforms
Applications do not share information
Slide I - 62 ca.com
Element Managers
Applications that exist today
– BayNetworks’ Optivity
– Cisco’s CiscoWorks
– 3Com’s Transcend
Slide I - 63 ca.com
Choosing a Network Management System
Slide I - 64 ca.com