Introduction
Network system administrators distinctively identify and use the SNMP technology to construct effective management systems for network /communication centric services based on key SNMP technology whose principles and design decisions reflect system scalability, cost-effectiveness, and secure operations at all levels of network-centric communication services. Typically, SNMP technology’s administrative tasks on network components are achieved from a central management console which allows communication between individual network components and the management console through an agent. It is important to note that each network component is architecturally defined by a management information base (MIB) which is uniquely characterized by managed objects accessible through the SNMP technology for reading and writing operations.
ISO identifies five functional areas of network management as discussed in this paper. The paper proceeds to discuss and crystallize the differences between network and service management functionalities, administrative benefits to systems administrators of integrating and using network management tools from the perspective of cost and system efficiency, gives definitions of various terms such as managing entity, differences in machine architectures in terms of ASN.1, issues related to fault identification, and culminates with a detailed view of critical security enhancements in SNMPv3. Two views of the document are included in parts one and two. The latter is part one while part two provides a critical survey of network management software that is proprietary of open source and specifically concerning Nexus Alpha Limited (NAL)4.
Areas of Network Management Defined By the ISO
One of the roles of a system administrator is to design, construct, and implement an effective, efficient, reliable, scalable, and secure management system that provides network centric communication services that are supported on heterogeneous hardware and software platforms (SNMP Research International, 2011). Typically, technological options for constructing and implementing network management services include Common Management Information Services Element/Common Management Information Protocol (CMISE/CMIP) and Simple Network Management Protocol (SNMP) technologies with the latter option being specific to the current project report due to its associated benefits. To fulfill that objective, critical and detailed evaluations and discussions of the five areas of network management that are defined by ISO standards reinforce the rationale of using SNMP technology in the construction and implementation of the network management system as discussed below.
Performance Management
For a system administrator, performance is a critical component that reflects optimal use of system hardware and software that is measured on network throughput, identification of various user response times, and line utilization ((Case, Mundy, Ericsson & Stewart, 2002). Performance critically influences decision-makers to adopt a specific technology to meet business objectives. This is fulfilled by gathering performance data through the implementation of an SNMP management system, and analyzing with reference data to determine normal levels while evaluating the data collected if it is above the threshold value against appropriate performance thresholds (McCloghrie, Perkins & Schoenwaelder, 1999). “The goal for performance management is to prepare a suitable network for the future as well as to comparatively evaluate the efficiency of the current network” (Case, Mundy, Ericsson & Stewart, 2002). The next area under ISO management is configuration management.
Configuration Management
Configuration management enables the system administrator to fulfill administrative duties by monitoring, gathering system configuration information of networked computers and respective hardware and software information. It allows for the monitoring of any changes that take place in any network device. The information gathered is written into a database and can be read when needed for backups and analytical purposes, and that forms a critical element in decision making. However, to optimize network resource utilization, the SNMP technology integrates the concept of accounting management as discussed below (Case, Mundy, Ericsson & Stewart, 2002).
Accounting Management
Accounting management is a tool that enables optimal resource utilization and enhances network performance under the ISO standard. This is critical since it reinforces the benefit of hardware and software resource utilization and the rationale of a cost effective and reliable managements system (McCloghrie, Perkins & Schoenwaelder, 1999). To achieve that, network utilization parameters, usage statistics, and usage quotas in all departments are written into a database to inform critical decisions during the construction process (Case, Mundy, Ericsson & Stewart, 2002). However, to enforce system integrity, a fault management element is integrated as discussed below.
Fault Management
In the construction process Case, Mundy, Ericsson and Stewart (2002) identify fault management as being critical in effective, efficient, and error free network communication. Fault management enforces system throughput by detecting, isolating, fixing and logging faults in a network. Statistical test data written into a database enables the isolation of system problems and provision for future solutions in the event of network functionality errors (McCloghrie, Perkins & Schoenwaelder, 1999). The administrative task of a network administrator includes fixing such errors using software tools such as HP OpenView or Sun Solstice. However, to ensure system integrity and enforce security at all levels, security management is critical to ensure privileged access to sensitive data and information (Case, Mundy, Ericsson & Stewart, 2002).
Security Management
Potential sources of threats to data are rife in any computer network. Typically, when constructing the management system, access rights to sensitive data is a critical component typically defining the system. SNMP provides data access rights of SNMP (v1, v2, and v3) at the read and writes community levels involving validation and verification of passwords and other data encryption/decryption and transmission techniques. Firewalls are also important as they control access to the network. This improves the management of network authentication, intrusion detection, access authorization, and regular network auditing (Case, Mundy, Ericsson & Stewart, 2002).
It is critically important to view the provision of security services from the perspective of the Nexus Alpha Limited (NAL) 4 on operating systems such as Solaris, Linux, and Windows as demonstrated below.
Having identified typical areas of network management defined by the ISO standard to inform the construction process, it is critically important to crystallize the difference between network and service management and benefits network administrators realize from the use of specifically tailored software tools as detailed below.
Difference between Network and Service Management
Network and service management are network administrative tasks that span top level administrative duties and maintenance of a network. Typically, these roles incorporate security, control, monitoring, deployment, allocation, coordination, and planning at business levels, typically characteristic of Nexus Alpha Limited (NAL) 4 ((Case, Mundy, Ericsson & Stewart, 2002). Case, Mundy, Ericsson and Stewart, 2002) maintain that several protocols such as SNMP, WBEM, CMIP, Java Management Extensions, and Transaction Language 1 are available for use in network management. However, both approaches have been isolated and discussed separately below to capture the difference between them as detailed below.
Service management
Case, Mundy, Ericsson and Stewart (2002) argue that service management is for the provision of goods and services typical of ICT (Information and Communication Technology) industry using a suite of software tools for better service levels, efficient utilization of resources, ensuring business-related costs are managed, and mitigating for the potential occurrence of risks. Administratively, service outages, visibility into service support and managing transaction logs provides a modular approach to service management using typically tailored software tools to meet underlying business goals (SNMP Research International, 2011).
Typically, therefore, service management integrates order management, inventory management, activation, maintenance, performance diagnostics, and several other types of support systems to enforce error free operational efficiency. In a competitive IT environment, service management provides a competitive tool to reduce network restoration time to its optimum functionality, identify incident prioritization using a number of diagnostic processes and tools (SNMP Research International, 2011). On the other hand, network management entails network, service, application, performance, and data storage management roles. Service management is identifiably unique to software components that system administrators use to fulfill service management objectives as detailed below.
Components of Service Management
Case (2002) acknowledges that service management components include Service plan and service offerings, Market Research plan, Service Portfolio Management, Stock Management, Execution Process & Logistics, Service Contract & Claims Administration, Field Service Administration, Billing, and Customer Management to fulfill business objectives in the IT industry. Identifiably, service Management is used with other types of management systems including Total Quality Management (TQM), Six Sigma, CMMI (Capability Maturing Model and Integration), and Business Process Management. It can be used with small-scale companies or used with extremely large corporations (SNMP Research International. 2011). It is important to consider specific benefits derived from service management in IT as discussed below.
Service Management Advantages
Central to any business pursuits as is typical of the current business project are business benefits derived by implementing service management within its operational environment (Wijnen, Presuhn & McCloghrie, 1999). These include:
- Elevated service expenditure.
- Minimized stock levels.
- Customer service value enhancements.
- Enhanced forecasting of inventory levels, and
- Enhance the level of customer satisfaction.
To optimize the above benefits, service level management is achieved through user access at different levels in an interactive communication between agents in a hierarchical setting. In this setting, the manager and the agent recursively interact with the agent interfacing with the managed objects, which may be hardware devices, switches, and routers among others (Case, Mundy, Ericsson & Stewart, 2002). Typically, different interactive modes are operationally assumed. A request-response model uses SNMP messages between the managed device and the agent to request service from the MIB objects. On the other hand, a trap mode provides an exception report to allow managing entities to appropriately address the error. That could ensure network performance and integrity are maintained appropriately. To effectively enforce network performance reliability and integrity, software tools specific to each task are used by network administrators (Case, Mundy, Ericsson & Stewart, 2002). Network administrative tools include network security tools, tools used to log and monitor the performance of a network, among others. Benefits specific to the use of these tools include ensuring network availability, enhanced network performance, ability to detect configuration issues, real time recovery of a network in the event of failure, and cost reductions. However, a concise definition of technical terms of different system entities is critical in the construction process as detailed below.
Definition of Terms
Case, Mundy, Ericsson and Stewart (2002) view the following technical terms with specific definitions particularly for use in the technical setting by a network administrator below. A managing entity is a software process that receives information from the managed devices and, together with humans-in-the-loop, issues commands that control the managed devices. On the other hand, managed devices are the network pieces of equipment, both hardware and software, that make up the network. SNMP Research International (2011) identifies a management agent as a software process associated with a device that communicates with the network’s managing entity. “Agents inside the network provide information at the request of the manager”. (Ross & Kurose, 1999). They also perform various tasks on objects under their management when the manager explicitly requests for the operation. On the other hand, MIB is a virtual data and information storage for managed objects from which information on network operational functionality can be obtained, typically referred to as a managed information base (MIB).
MIB creates a collection of named objects, their types, and their relationships to each other in an entity to be managed. On the other hand, a network management protocol (SNMP) is a communication tool between the managing entity and each managed device. The network management protocol is only a part (albeit a very important part) of the larger network management framework. SNMP Research International (2011) shows that an agent can respond to requests sent on the SNMP platform from a managed device. Querying MIB objects in a specific device can be achieved through the functionality of SNMP. The agent in the managed device then replies to the SNMP request message with an SNMP response message. On the other hand, a trap mode is defined as a managed device that sends an SNMP trap message to the managing entity on its initiative, that is, without having first received a request message from the managing entity. A trap message typically informs the managing entity that an exceptional condition has occurred (for example, an interface has gone down). In this sense, a trap message is much like hardware or software interrupts in a computer.
In the construction of the network management system to optimize cost a system efficiency, different software tools play critically unique roles specific to the service they provide. The role of SMI is to provide a detailed view of specific information residing in a network entity that is managed. SNMP names objects define the type of data that can be stored in an object and shows how data can be encoded for transmission over the network where “SNMP engine” is a workhorse for the constructed application.
It is important to note that SMI defines the general rules for naming objects, defining object types (including range and length), and showing how to encode objects and values. SMI neither defines the number of objects an entity should manage nor names the objects to be managed nor defines the association between the objects and their values. Case, Mundy, Ericsson and Stewart (2002) view the purposes ASN.1 object identifier tree to be where all objects managed by SNMP are given an object identifier. The object identifier always starts with 1.3.6.1.2.1. Notably, ETSI Technical Bodies use a common Domain for ASN.1 with different definitions being used in more than one ETSI deliverable. On the other hand, Case, Mundy, Ericsson and Stewart (2002) note that reserved domains are currently the only one value under this domain allocated value 0 which is used for ETSI Identified Organizations. However, the deliverable domain is the most commonly used form of ASN.1 Object Identifier in ETSI (Case, Mundy, Ericsson & Stewart, 2002).
The object-identifier tree value for any ETSI deliverable is derived by deleting the first digit of its document number (and omitting leading zeroes) as illustrated below.
EXAMPLE 1: The allocated value for ETS 300 182 is “182,” or “0 4 0 182”. On the other hand, TLV encoding is incorporated into ANSI.1 where ANS.1 (Abstract Syntax Notation One) ASN.1 is an ISO standard for data representation (Sourceforge, 2011). The primary design goal for ASN.1 was to provide a standard notation for use in specifying protocols that were concise in its encoding (McCloghrie, Perkins & Schoenwaelder, 1999). Before the rise of the Internet, its use was mainly in the area of telecom standards, but increasingly we now see it in widespread use for describing (most noticeably) key encodings, secure protocols and algorithm parameters in network security context (Case, Mundy, Ericsson & Stewart, 2002). It is important to conduct a comparative analysis of SNMP v1 and v2 as detailed below.
SNMPv3 vs. versions v1 and v2
Security enhancement issues differentiate SNMPv3 and SNMPv2 where SNMPv3 provides general and specific security through message authentication, privacy, and manager authorization (Case, Mundy, Ericsson & Stewart, 2002). In constructing the network management system it is important to consider differences in the architecture as detailed below.
Differences in Machine Architectures
Case, Mundy, Ericsson and Stewart (2002) detail the architecture for SNMP to be modular specific to the three versions of SNMP. A single SNMP engine represents each SNMP entity (Blumenthal & Wijnen, 1999). This engine has several purposes. It “implements functions for sending and receiving messages, it controls access to managed objects and finally authenticates, encrypts, and decrypts messages” (Ross & Kurose, 1999), based on different algorithms (Wijnen, Harrington & Presuhn, 1999). However, the modular architecture allows modules implemented in a specific environment to determine the role of an SNMP entity, allowing for updates to be affected without changing the SNMP version to accommodate coexistence and transition strategies (SNMP Research International, 2011). Typically, “SNMPv3 message processing functionality is organized into two application-level layers, namely PDU processing layer and a message processing layer” (Ross & Kurose, 1999). Arguably and based on observation “The PDU processing layer is where management commands (such as Get, Set, Trap, Inform) are realized in a PDU Scope and includes an indication of the command type and a list of variables (management objects) to which the command refers” (Ross & Kurose, 1999). On the other hand, “the User-Based Security Model (USM) is based on the concept of an authoritative engine” (Ross & Kurose, 1999).
In any message transmission, “one of the two entities, transmitter or receiver, is designated as the authoritative SNMP engine, according to the following rules:
msgAuthoritativeEngineID: The snmpEngineID of the authoritative SNMP engine involved in the exchange of this message” (Ross & Kurose, 1999). Thus, “this value refers to the source for a Trap, Response, or Report, and the destination for a Get, GetNext, GetBulk, Set, or Inform” (Case, Mundy, Partain & Stewart, 1999). “MsgAuthoritativeEngineBoots: The snmpEngineBoots value of the authoritative SNMP engine involved in the exchange of this message” (Ross & Kurose, 1999). On the other hand, it is clear that “MsgAuthoritativeEngineTime: The snmpEngineTime value of the authoritative SNMP engine involved in the exchange of this message” (Ross & Kurose, 1999).
Having discussed in detail critical technical issues related to the design and construction of a network management system based on SNMP technology, it is important for a system administrator to critically evaluate available network management software tools to sanguinely inform the process.
Network Management Software Tools
An informed decision on the choice of network management software tools to use in the construction of the network management system relies on available information about network management software tools based on SNMP technology (Sourceforge, 2011). SNMP/MIB related tools available in the market include Paessler SNMP Tester for debugging purposes at the protocol level typically to evaluate network configurations. Simulation tests can be viewed at website. The tester accommodates v1, v2, and v3 SNMP versions using appropriate test data to provide test results (website) that can be downloaded and run with appropriate data. Other tools specific to Nexus Alpha Limited (NAL)4 business objectives include AWStats Enterprise Manager for logfile processing, Ribbon Cluster Monitoring System evaluating the functionality of computing nodes, and SysLog to PostgreSQL for sending system logs to post request databases among others. It is important to note that a variety of source software tools for network administrative tasks are currently available that optimize the SNMP technology (Sourceforge, 2011). However, it is recommended that further research be conducted on their relative costs, product integrity, usability, interoperability, and security issues compatible with SNMP technology to adapt for use in the construction of an effective management system.
References
Blumenthal, U. & Wijnen, B. 1999. User-based Security Model (USM) for version 3 of the Simple Network Management Protocol (SNMPv3), RFC 2574.
Case, J., Mundy, R. Partain, D., & Stewart, B. 1999. Introduction to Version 3 of the Internet-standard Network Management Framework. RFC 2570,
Case, J. Mundy, R., Ericsson, P. D.& Stewart, B. 2002. Introduction and Applicability Statements for Internet Standard Management Framework. Web.
McCloghrie, K.,Perkins, D., Schoenwaelder, J. 1999. Structure of Management Information Version 2 (SMIv2), RFC 2578,
McCloghrie, K. Perkins, D. & Schoenwaelder, J. 1999. Textual Conventions for SMIv2, RFC 2579.
McCloghrie, K., Perkins, D. & Schoenwaelder,J. 1999. Conformance Statements for SMIv., RFC 2580,
Ross, K.W. Kurose, J. 1999. 8.3 The Internet Network Management Framework. Web.
SNMP Research International. 2011. Distributed SNMP Security Pack. Web.
SNMP Research International. 2011. Products for Developers: Manager Solutions. Web.
Sourceforge. 2011. Web.
Wijnen, B., Harrington,D. & Presuhn, R. 1999. An Architecture for Describing SNMP Management Frameworks, RFC 2571
Wijnen,B., Presuhn, R., & McCloghrie,K. 1999. View-based Access Control Model (VACM) for the Simple Network Management Protocol (SNMP), RFC 2575.