CS243 Computer Networks Design and Administration PDF
Document Details
Uploaded by UnselfishYellow6514
Tags
Related
- Chapter Five: Network Management PDF
- Data Communication and Computer Networks (20ITT301) Syllabus PDF
- COMP412 Computer Security Final Exam Booklet PDF
- Tema 1_ Fundamentos de la tecnología web y de los sistemas de gestión de contenidos PDF
- Computer Networks Lecture 4.2 PDF
- Network Security: Key Management PDF
Summary
This document provides a summary of the key concepts and technical principles relating to a computer network management model. Topics such as configuration management, fault management and security management underpin the fundamental features of a computer network structure. The document examines these topics in detail using examples and case studies.
Full Transcript
CS243: Computer Networks Design and Administration Network Management Model Network management is a service that employs a variety of protocols, tools, applications, and devices...
CS243: Computer Networks Design and Administration Network Management Model Network management is a service that employs a variety of protocols, tools, applications, and devices to assist human network managers in monitoring and controlling of the Network Management proper network resources, both hardware and software, to address service needs and the network objectives. ○ This is to ensure that the network resources are available to the designated users. ISO has grouped the management functions into five areas, to ensure rapid and consistent progress on network management functions: ○ Configuration Network management management cont.. ○ Fault management ○ Accounting management ○ Security management ○ Performance management Configuration management is concerned with: ○ Initializing a network ○ Provisioning the network resources and services ○ Monitoring and controlling the network. This includes: Configuration ○ Setting Management ○ Maintaining ○ Adding ○ updating the relationship among components and the status of the components during network operation Configuration management consists of: ○ Device configuration Can be performed either locally or Configuration remotely. Management cont.. ○ Network configuration Automated network configuration, such DHCP and DNS, plays a key role in network management Fault management involves detection, isolation, and correction of abnormal operations that may cause the failure of the OSI network. ○ The major goal is to Fault Management ensure that the network is always available and when a fault occurs, it can be fixed as rapidly as possible. Faults should be distinct from errors: ○ An error is generally a single event, whereas a fault is an abnormal condition that requires management attention Fault Management to fix. cont.. ○ For example, the physical communication line cut is a fault, while a single bit error on a communication line is an error. Security management protects the networks and systems from unauthorized access and security attacks. The mechanisms for security management Security Management include: ○ Authentication ○ Encryption ○ Authorization Security management is also concerned with: ○ Generation ○ Distribution ○ Storage; Of encryption keys as well as Security Management other security-related cont.. information Security management may include security systems such as firewalls and intrusion detection systems that provide real- time event monitoring and event logs. Accounting management enables charge for the use of managed objects to be measured and the cost for such use to be determined ○ The measure may include the resources consumed, Accounting the facilities used to Management collect accounting data, and set billing parameters for the services used by customers, the maintenance of the databases used for billing purposes, and the preparation of resource usage and billing reports Performance management is concerned with evaluating and reporting the behavior and the effectiveness of the managed network objects. Performance A network monitoring system can measure and management display the status of the network, such as: ○ Gathering the statistical information on traffic volume ○ Network availability ○ Response times ○ Throughput The tremendous growth in scale and diversity of computer networks has made network management a complex and challenging Network management task for network administrators. Tools To manage computer networks tangibly and efficiently, specific management tools must be used to monitor the network activities and to preemptively determine the network behavior. Network management tools are usually based upon particular network management protocols. Most systems use open Network Management protocols: Tools cont.. ○ Some network management tools are based upon vendor specific proprietary protocols The network management capabilities provided with the tools are usually based upon the One of the fundamental responsibilities of a network administrator is network monitoring. Network monitors should have the ability to collect and analyze network traffic. Network Monitors A good system will allow an administrator to generate log files and performance charts that detail system’s capabilities and responses. ○ With this data, an administrator can optimize network configuration and be better prepared for faults. Some network monitors are designed with SNMP management capability to offer full view of the Network Monitors fundamental network issues. cont.. To minimize the network down-time, effective networking monitoring will alert network anomaly immediately. Network scanner is one of the key element for network security. It checks network system, operating system and applications running on the Network Scanners network to identify vulnerabilities and possible security flaws that could expose a network to security compromise. To protect online assets and eliminate the risk to business, some network scanners can also automate vulnerability assessment. Packet filters control access of data packets to a network by scanning the contents of the packet headers. A packet filter determines Packet Filters whether a packet should be allowed to go through a given point based on certain access control policies. ○ Used as a first line of defense against attacks from machines outside your network. Packet filters has become a common and inexpensive method of security protection mechanism. ○ Packet filtering does Packet Filters cont.. guarantee the security of network and internal data Dynamic packet filtering, also referred to as stateful inspection, is a firewall architecture that works at the network layer. Stateful inspection tracks each connection traversing all interfaces of the firewall and makes sure they are valid. ○ It may examine the Packet Filters cont.. contents of the packet up through the application layer in order to determine more about the packet than just information about its source and destination A stateful inspection firewall also monitors the state of the connection and compiles the information in a state table. Packet Filters cont.. ○ Because of this, filtering decisions are based not only on administrator-defined rules but also on context that has been established by prior packets that have passed through the firewall Remote monitoring techniques in computer networks can be complex. Foundational remote monitoring techniques include pings, SNMPs and Remote Monitoring Syslogs. ○ Each of these three techniques collect data from a customer’s network. ○ That data is then available for MSPs to use for troubleshooting, identifying potential issues and even configuring devices The simplest remote network traffic monitoring technique. A ping is a network admin tool that tests if a host (PC) is alive on the Pings network, as well as how well that host can communicate. ○ By typing ping and the IP address of the host into a command prompt, the device will send a message to the host device and wait for a reply A ping is an invaluable tool to help diagnose network connectivity issues. Once it is established via ping that a device can Pings talk to the network, additional ping commands are available to test a myriad of things. ○ Some include how quickly and how reliably the device responds Simple Network Management Protocol (SNMP) is the most common method of gathering information from business network SNMP devices such as computers and servers, as well as peripherals such as printers. It even allows remote monitoring of some services such as DHCP or Wins Once an SNMP agent is installed, this protocol can be used to gather information on devices such as IP address, available disk space and SNMP cont.. open files. It can also determine if a service is running or stopped. In some cases, devices such as printers can be configured remotely via the SNMP protocol This is messaging system that allows devices to send a notification that events have occurred via the network to a designated logging SySlogs server. These messages are then stored and use for network analysis to find device use information and security audits. SysLogs work across a wide-range of devices from routers to firewalls and printers.
