Network management is the process of documenting, monitoring, troubleshooting, and configuring network devices. Network management gives visibility to the quality of the network’s operation and identifies any problems that are about to occur or that have already occurred.
The routers and switches in a network have the same components as a regular PC. There are a CPU (or two), memory, storage, and network interfaces. The primary difference from a PC is that network equipment is highly optimized to perform certain functions such as passing packets quickly.
The nature of today’s networks is that network equipment is distributed everywhere. Remote branches, data centers, locations around the world—all these places on the network have routers, switches, servers, and other networking gear.
A network administrator is responsible for the health and well-being of a company’s network. Her goal generally is to provide uninterrupted network services. If a network outage or fault occurs, she wants to know about it as soon as possible and isolate the problem quickly.
When a problem occurs in the network, it can bring business to a grinding halt. The network administrators must find, isolate, and fix the fault as quickly as possible to restore business operations. The longer the fault persists, depending on the number of people and processes affected, the greater the monetary losses the company might experience.
For example, a manufacturing line might stop operating. Or a stock-trading firm might stop trading. A hospital might lose the ability to track patients. A theme park might be unable to collect tickets.
The purpose of network management is to provide methods to configure, monitor, and troubleshoot a network. After the fault occurs, a network administrator struggles to gain visibility to the network and any changes that might have occurred to determine the source of the problem.
Aside from dealing with faults, network management facilitates the orderly upgrade or maintenance of network devices. Remember, a company might have network devices installed all over the world, so it is not practical for a network administrator to physically travel to all of the various locations to upgrade code.
The current thinking defines network management in terms of five categories represented by the abbreviation FCAPS:
Fault—. Finding and correcting network problems.
Configuration—. Monitoring and controlling network devices and configuration.
Accounting—. Ensuring devices are distributed appropriately and providing an ability to account (and bill) for usage.
Performance—. Measuring the throughput in the network and looking for potential bottlenecks. This area is especially important when determining capacity for applications and users.
Security—. Protecting the network from inadvertent mistakes and intentional sabotage.
The elements that make up an effective network-management strategy include documentation, network-management protocols, and troubleshooting tools.
A relatively simple yet often overlooked process of network management is documenting how all of the network devices connect to each other. Network documentation becomes indispensable during network problems.
Documentation takes all forms:
Logical network diagrams show how all of the devices are connected.
Cabling charts document where cable runs in a building. These charts are vital when you want to figure out where the other end of a cable terminates. (Is it an office or another floor?)
A database correlates IP addresses and other network information with individual users and locations.
Where more than a couple of people are responsible for a network, you need change-control documentation. Change control is the process of documenting any changes to the network before you make them so a group can review the changes and ensure that one set of changes doesn’t overwrite another.
You can reference logs from network devices when you want to determine the source of a problem. Cisco devices send console messages and Simple Network Management Protocol (SNMP) traps (to be discussed shortly) to a remote server for this purpose. By studying the log of messages, a network administrator might be able to determine the source of a problem.
Many tools and protocols help you effectively manage network devices. These tools and protocols assist with the configuration, backup, monitoring, and measurement of network devices. Network-management software makes efficient use of public domain protocols to discover and manage networks.
The first protocol is simply the Transmission Control Protocol/Internet Protocol (TCP/IP) ping tool. Network management-software, in its simplest form, uses ping as a heartbeat monitor. Ping sends a single request to a device, and the device is expected to send back a single response when it receives the request. Thus, if your system does not receive a response for a period of time (remember, packets might drop in the network occasionally, so ping needs to retry three or more times), you can assume the device is unreachable for some reason.
An unreachable device indicates that somewhere between the network-management workstation and the destination device, packets weren’t able to pass. Commercial network-management software indicates this fault by coloring a graphical representation of a device red on a map of the network. (Green indicates that everything is okay.)
Whereas ping provides a heartbeat, SNMP lets you get and set information between a network-management station and a managed device such as a router or switch.
SNMP is a simple protocol that is similar to a database-retrieval program. The managed device maintains a database of information such as the health of its components (CPU, network interface, buffers, etc.) and throughput (how many packets are passing through an interface).
Using SNMP, a network administrator can send a new configuration file to a device, upgrade its software, check the status of its health, and measure how many packets are flowing through the device. You can store virtually anything about the device in the database in such a way that a network-management workstation can learn or configure any aspect of the network device.
SNMP also provides traps. Rather than a command-and-response like other SNMP commands, traps are unsolicited responses. Managed devices, such as a router, send a trap when something needs attention. For example, if an interface goes down, a router sends a trap, notifying the network-management workstation. The workstation then indicates there is a fault on the device.
Depending on the vendor, you might use other protocols to manage a device.
The final component of network management is troubleshooting tools. These tools help the network administrator isolate and correct a network problem when it occurs.
These tools include cable testers, packet analyzers, and regular computers used to query information on location.
Cable testers and other physical-level devices let you determine whether a cable has a physical problem. For example, a cable might be too long and out of spec. Or something nearby might be causing interference and disrupting the flow of traffic.
Packet analyzers let a network administrator monitor traffic on a part of the network. The analyzer not only captures the traffic, but also decodes the contents of each packet into human-readable form. These tools are indispensable when you want to determine the source of a problem or the behavior of an application.
Because packet analyzers capture all traffic, a hacker can use the tool to not only observe data as it flows through the network, but also introduce lethal and disruptive traffic into the network.
The final tool is a regular laptop computer. A network administrator can install network-management, packet-analyzer, and database software and carry all the software tools he needs to troubleshoot and correct a problem on location.
At-A-Glance—Network Management
If you use a computer attached to a network at work, school, or elsewhere, chances are that the network manager knows about you and the types of programs you use. You are being watched!
Although user supervision is one management task (and the part most users tend to worry about), network management has more to it than that.
As networks get more complex and more intelligent, you must put tools in place to manage the network and ensure that it is operating efficiently and effectively.
</division><division> <title>What Are the Problems to Solve?</title>An ideal network-management system is everywhere all the time. With increased network intelligence and smart end devices, every point in the network can be part of an overall management-reporting system. Active network management can be difficult.
To manage a network, you usually perform tasks from one of five categories known as FCAPS (fault, configuration, accounting, performance, security).
Each category has its own methods, strategies, and protocols:
Fault detection and correction—. A good network-management scheme quickly finds and isolates problems.
Configuration—. As the network grows, manual configuration of devices becomes prohibitively difficult. Configuration also includes monitoring functions.
Accounting—. You track usage, distribution, and billing. In many cases, you use billing to justify departmental budgets.
Performance—. You measure performance to ensure the network is operating efficiently. If you find any bottlenecks, you can open alternate paths.
Security—. You take measures to protect the network. Although most people assume that hackers are the biggest threat, many attacks come from inside the network.
