
Information Network1 -13- 1

Network Management

Suguru YAMAGUCHI

Graduate School of Information Science

Nara Institute of Science and Technology

Information Network1 -13- 2

Overview

Preserving action of the infrastructure

Needs factors other than technical ones

– Legal compliance

– Management

More and more frameworks are built

– practical use of frameworks in real enterprise environment is needed

– SNMP, ISMS, ISO27001, SOX….

– composite of technology and management

Information Network1 -13- 3

Discussion about The Extensive “Network Management”

Information Network1 -13- 4

Requirements for Network Management

Stable provision of service

– construction of systems that stay up as long as possible

– provide the necessary service, for the user who needs it, whenever he needs it

– when trouble occurs, we must recover the system as soon as possible

– ensure trouble hypotheses and business continuity

We can learn from trouble

– understand and record the status of a system

– periodical audit

– Sharing lessons learned and knowledge

– search for high reliability, effectiveness and rationality

Information Network1 -13- 5

Clarification of The Method and Target

What do we have to protect?

– Information asset

– Information processing

– Information system

– Network system

How to protect?

– Multiplexing

– Robustness

– Application of blocking policy

Information Network1 -13- 6

Network Management Platform

[Diagram labels: OS core; Middlewares; Application; Network Mgmt Core; Local mgmt. Policy; My mgmt. Policy; “classic structure….”]

Information Network1 -13- 7

Network Management is a Science

Business IT platform

[Diagram: cycle with the labels Information gathering; Draft; countermeasure implementation; Analysis・Verification; Problem extraction]

• Improving system continuously, rationally

• Acknowledge, Hypothesize, Verify

• Understanding the change of a system caused by countermeasures

• Designing changes caused by the existence of risks

Information Network1 -13- 8

3 Entities

Technology

Management

Compliance

Technology Compliance

Management

Solution development (Management decision)

Information Network1 -13- 9

New Challenges on Network Management

SNMP: configuration and status observation remotely via network (1990’s -)

Semantics mgmt.: For complex and multi-vendor infrastructure. Esp. “netconf”

Policy mgmt.: Consistency and integrity management. Human readable to computable expression.

Information Network1 -13- 10

Logical Structure

[Diagram labels: Policy Management; Semantic expression processing; Knowledge and Environment; Computable Expression; Security; Finance; Accounting; Asset management/allocation; System and network operation; XML Expression]

Information Network1 -13- 11

Steps Toward Building New Systems

Secure Business GRID

P2P friendly network

Connection management for networks featuring quarantine functionality

Tunneling auto-configuration

Physical/Cyber convergence

Tangible Networking

….

Appearance of new technologies

– Technology convergence

Information Network1 -13- 12

Technical Side of Network Management

Information Network1 -13- 13

Fundamental Components

Configuration management

– Is the configuration set at the time of design implemented?

– Network management of entities and routing, service management of applications

Performance management

– Is the performance set at the time of design provided?

– Performance measurement, monitoring, countermeasure development

Troubleshooting

– Trouble prevention, response and relapse prevention

Accounting

– User management and accounting

Security management

– Security measures

– Risk management

Information Network1 -13- 14

Configuration Management

Routing

– Most important element in network management

• Configuration and operation are difficult when different routes are set for each application (application-oriented routing, TOS (type of service) routing)

– dynamic routing management is being generalized but reaching plug-and-play level is difficult

• IPv4/IPv6, unicast/multicast, ….

Terminal connection/disconnection and configuration

– Most important element: mobile nodes, typically laptops

• DHCP, access control, quarantine, ….

– Quite difficult in wireless network environment

Information Network1 -13- 15

Performance Management

Performance objectives set at network design time

– user-centric settings

• maximum number of concurrent users, average time of data acquisition etc.

How to measure? How to improve?

– engineering problems

• sometimes, we need to change the network composition

• needs continuous and stable management

– needs analysis

• characteristics are not given by just acquiring the value

• in many cases, the analysis method is not fixed

– judgment of investment time

• when do we improve the system?

• to which scale order do we implement?

Information Network1 -13- 16

What can you see?

What can you say from these data?

Information Network1 -13- 17

Actually, The Extensive “Security Management”

The 3 remaining management areas are known as “security management” in a broad sense

– Trouble management

– Accounting management

– Security management

General action is needed in a wider area

– Risk management

– Crisis management

– Information asset management

– User management

– Reliability management

Information Network1 -13- 18

Internet and Reliability

source : alaxala network

The internet runs on a best-effort basis

Best effort

– make efforts in order to obtain maximum results

– in the network, even when requests sent from users to a system surpass the network capacity, the network does not deal expressly with the issue

– in the case the provider line adopts a best-effort quality, it often means that traffic exceeding network capacity is thrown away

• there is no quality of service for each individual channel

Information Network1 -13- 19

Internet and Reliability

The internet needs high reliability

– Quality

– Robustness

– Fault tolerance

– Confidentiality

• Sniffer-proof

– MTTR (Mean Time To Repair)

Information Network1 -13- 20

Internet and Reliability

Outline of security and reliability standards in the ICT (Information Communication Technology) network

– goals of countermeasures on ICT network: stability, connectivity, security

– reinforces the ICT network resilience to internal vulnerabilities

– stable maintenance of the ICT network

– standards of security and reliability

• adjustment and consideration about countermeasures

• requirements for hardware and software

• system maintenance and operation

source : Telecommunications Bureau of the Ministry of Internal Affairs and Communications, Telecommunication Systems Division

Information Network1 -13- 21

How to measure?

Quality

Trends

Reliability/Availability

Information gathering platform

Analysis and verification

Knowledge accumulation

Digitalization of experience

….

[Diagram: cycle with the labels Information gathering; Draft; Countermeasure implementation; Analysis・Verification; Issues extraction]

Information Network1 -13- 22

SNMP: Simple Network Management Protocol

Information Network1 -13- 23

Management Structure Model

Data plane

Management plane

Agent: performs management operations and status monitoring of managed machines based on indications from the NMS

NMS (Network Management Station): operates management operation by instructions from NMS

Network Management Protocol (individual access)

User traffic

Information Network1 -13- 24

Implementation Example(1)

[Diagram labels: config. information; statistical information; Routing engine; gathering from packet processing HW; UI prg. for console; Net. Management agent; NMS; SNMP]

SNMP (Simple Network Management Protocol)

– the agent is implemented in many kinds of network equipment

Information Network1 -13- 25

Implementation Example(2)

Where does SNMP communicate?

– In-band

• uses networks where usual traffic flows

• data plane and management plane are the same

– Out-band

• prepares a dedicated management network

• completely separates data plane and management plane

• we can construct a more reliable environment

• cost is high

– Recently, networks are mostly constructed out-band

• we want to make human cost lower than network cost

• remote management is common knowledge

Information Network1 -13- 26

Implementation Example(3)

MIB (Management Information Base)

– database that expresses statistics and configuration information

– system configuration is expressed using values

• e.g. power: 1=ON, 0=OFF

– System status changes by value-altering operations

• e.g. power: 1→0, power off

– MIB links to a state

• system status can be known by viewing status values

• system status can be changed by configuring status values

Information Network1 -13- 27

Implementation Example(4)

NMS AGENT

NMS software

SNMP agent

GET mib

statistical information and configuration information values

SET mib=val

setting configuration information

TRAP type
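
The GET and SET operations on this slide, written out as SNMPv2c messages (an added example, not part of the original slides): `request` builds the BER bytes an NMS sends, and `parse` recovers the PDU type, object and value as an agent would. The community `demo` and the `power` OID under enterprise arc 99999 are constructed placeholders.

```python
INTEGER, OCTET_STRING, NULL, OID, SEQUENCE = 0x02, 0x04, 0x05, 0x06, 0x30
GET_REQUEST, SET_REQUEST = 0xA0, 0xA3      # context tags of the two PDU types
POWER_OID = "1.3.6.1.4.1.99999.1.0"        # hypothetical "power" object (constructed)

def tlv(tag, body):
    n = len(body)                          # short form below 128, else long form
    size = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag]) + (bytes([n]) if n < 0x80 else bytes([0x80 | len(size)]) + size) + body

def ber_int(v):                            # non-negative INTEGER, sign bit kept clear
    return tlv(INTEGER, v.to_bytes(v.bit_length() // 8 + 1, "big"))

def ber_oid(dotted):
    arcs = [int(a) for a in dotted.split(".")]
    out = [arcs[0] * 40 + arcs[1]]         # first two arcs share one byte
    for arc in arcs[2:]:                   # the rest: base-128, high bit = "more"
        digits = [arc & 0x7F]
        while arc := arc >> 7:
            digits.append(0x80 | (arc & 0x7F))
        out += reversed(digits)
    return tlv(OID, bytes(out))

def request(kind, community, request_id, oid, value=None):
    val = tlv(NULL, b"") if value is None else ber_int(value)   # GET sends NULL
    pdu = tlv(kind, ber_int(request_id) + ber_int(0) + ber_int(0)
              + tlv(SEQUENCE, tlv(SEQUENCE, ber_oid(oid) + val)))
    return tlv(SEQUENCE, ber_int(1) + tlv(OCTET_STRING, community) + pdu)  # 1 = v2c

def read_tlv(buf, pos=0):
    if pos + 2 > len(buf):
        raise ValueError("truncated header")
    tag, n, pos = buf[pos], buf[pos + 1], pos + 2
    if n & 0x80:                           # long form: low bits count length bytes
        n, pos = int.from_bytes(buf[pos:pos + (n & 0x7F)], "big"), pos + (n & 0x7F)
    if pos + n > len(buf):
        raise ValueError("length runs past the buffer")
    return tag, buf[pos:pos + n], pos + n

def fields(buf, pos=0):                    # children of a constructed value
    while pos < len(buf):
        tag, val, pos = read_tlv(buf, pos)
        yield tag, val

def parse(msg):                            # agent side: what is being asked?
    _version, (_, community), (kind, pdu) = fields(next(fields(msg))[1])
    _request_id, _status, _index, (_, varbinds) = fields(pdu)
    (_, oid), (vtag, val) = fields(next(fields(varbinds))[1])
    value = int.from_bytes(val, "big", signed=True) if vtag == INTEGER else None
    return {"pdu": kind, "community": community, "oid": oid, "value": value}
```

The v2c community string is readable in the encoded bytes, so on an in-band path it is visible to anyone who can observe the traffic; this is one reason to carry SNMP on a separate management network or to use SNMPv3.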

Information Network1 -13- 28

Management Operation using SNMP

Configuration management of each piece of equipment from NMS

– utilization of application provided by each equipment vendor

– construction of single interface that absorbs the differences between systems

• System management environment that uses the “netconf” standard has entered our field of vision

Acquisition of operation status and performance information about equipment

– Actually, SNMP has been mainly used recently

– Flow information at L3 switch etc.

– Packet analyzer that uses RMON (Remote monitoring) MIB

Information Network1 -14- 29

Transition from SNMP to netconf

The transition has started from the primitive SNMP to netconf, which allows for more abstraction and a unified management description

– Some compliant products appeared around 2008

– Each vendor is currently working on it

– Problem: How to (semi-)automate conversion from a highly abstract description to a real procedure.

• This part is a domain that has required much human reflection

• We need to proceed from the previous implicit knowledge to formal knowledge.

Information Network1 -13- 30

Rational Emergency Response

Information Network1 -13- 31

PDCA Cycle: Ensure rationality

[Diagram: PDCA cycle (Plan, Do, Check, Act) with the labels: design of the information management system, based on the risk; homogeneity, consistency, reasonability, effectiveness; countermeasure verification; audit and investigation; problem discovery; countermeasure implementation; system operation and management; remove issues; maintenance operation; extraction of new issues]

need a more flexible “Plan” based on information security characteristics

→ can not predict the time when a new will occur

Information Network1 -13- 32

Requires Rational Judgement

[Diagram labels: goals and objectives; awareness of the situation; choice of suitable action; (manager); resource+situation; mission; commitment]

Information Network1 -13- 33

Requires Rational Judgement

[Diagram labels: (manager); Crisis; normal condition; response; recover; normal condition; two plan / do / check / act cycles]

“Which action is appropriate to each situation?”

Information Network1 -13- 34

Requires Rational Judgement

At a critical moment:

We can only perform usual operations

We can’t satisfactorily perform usual operations

We definitely can’t perform unusual operations

(manager)

Information Network1 -13- 35

Usual execution

Risk assessment

Implementation of the normal business process

Strategic Plan

Education and training

Assessment

Strategy

Process

Training

Information Network1 -13- 36

Choice of The Countermeasure

[Figure: risk matrix with the axes “loss” (large / small) and “outbreak frequency” (high / low); quadrant labels: avoidance, reduction, acceptance, transference]

Information Network1 -13- 37

Conclusion

Network management does not have the correct answer

– always challenging

– always report, communication and consultation

– this area needs originality and ingenuity

– technology, compliance and management

Network Management Technology

– spread of SNMP

– provides a lot of tools

– how far do we integrate effectively?

– transition from SNMP to netconf