NETWORK MANAGEMENT COD 06103
With RICHARD RAJABU
MBEYA UNIVERSITY OF SCIENCE AND TECHNOLOGY
WELCOME BACK
• Any idea of what we are going to learn?
• What do you expect to gain from this course?
• What do you expect from me?
Our course outline
1. Overview of the issues of network management
2. Use of passwords and access control mechanisms
3. Domain names and name services
4. Issues for Internet service providers
5. Security issues and firewalls
6. Quality of service issues: performance, failure recovery
Our goals
• Explain the issues for network management arising from a range of security threats, including viruses, worms, Trojan horses, and denial-of-service attacks
• Develop a strategy for ensuring appropriate levels of security in a system designed for a particular purpose
• Implement a network firewall
MANAGEMENT
• Refers to the ability to configure, control, operate and diagnose equipment
Check it out
• Find out about the MIST network
  – Is it a LAN, WAN or MAN?
  – Who designed it?
  – How does it access the Internet?
  – How are files and other resources shared?
  – How is it secured?
  – What equipment does it use?
  – How are faults identified?
  – How are they repaired?
NETWORK MANAGEMENT
• The FCAPS functional areas:
  – Fault management
  – Configuration management
  – Accounting management
  – Performance management
  – Security management
Configuration management
• A configuration can be:
  – A description of a distributed system based on the physical and geographical location of resources, including how these resources are actually interconnected and information about their logical relationships.
  – The process of configuration as an activity, i.e. a manipulation of the structure of a distributed system: setting and changing the parameters that control the normal operation of a system and establishing the system environment required for that normal operation.
  – The result of a configuration process: the generated system, in the sense of the set of parameter values that are characteristic for the normal operation of a resource.
Distributed system?
• A distributed system consists of a collection of autonomous computers, connected through a network and distribution middleware, which enables the computers to coordinate their activities and to share the resources of the system, so that users perceive the system as a single, integrated computing facility.
Generally
• Configuration is the adaptation of systems to their operating environments, and it includes
  – installing new software
  – expanding old software
  – attaching devices
  – making changes to network topology or to traffic load
• Although configuration also encompasses aspects of physical installation, it is usually carried out through software-controlled generation and setting of parameters, for example:
  – function selection parameters;
  – authorization parameters;
  – protocol parameters (message lengths, windows, timers, priorities);
  – attachment parameters (type and class of device, procedure, bit rate, parity);
  – entries in routing tables, name servers and directories;
  – filter parameters for bridges (addresses, types of protocols, integration);
  – spanning tree parameters for a bridge (priority of bridge or port);
  – parameters for the connecting paths of routers (interfaces, speed, flow-control procedures);
  – maximum file size, computing times, and services allowed.
Evaluation criteria for configuration tools
• Location of configuration: a configuration can take place
  – on a component, for the component itself;
  – on each component, for any other component;
  – at a selected station, for a specific component (element management system); or
  – at a selected station (network management system), for all components.
• Storage of configuration: NVRAM, hard disk, EPROMs, or a boot server.
• Validity of configuration: a static configuration takes effect only with an interruption to operations, whereas a dynamic configuration takes effect without interrupting them. The events that bring new operating parameters into effect can therefore be
  – the reloading of a component,
  – the restart of a component, or
  – the restart of one of the affected component ports.
• User interface of the configurator: the quality of a user interface depends, on the one hand, on how quickly individual parameters can be changed and, on the other hand, on how far the network administrator is relieved of dealing with the individual parameters of a large number of devices.
Tools for config management
• Configuration management therefore encompasses
  – setting parameters,
  – defining threshold values,
  – setting filters,
  – allocating names to managed objects (loading configuration data, if necessary),
  – providing documentation of configuration changes, and
  – actively changing configurations.
Thus the tools are
• Auto-topology and auto-discovery, i.e. the ability to extrapolate a description of a configuration from the concrete, actual system environment.
• Systems for documenting descriptions of configurations; master databases.
• Tools for generating network maps for the visualization of configuration data.
• Tools for activating backup systems to take over from failed or missing components, and so forth.
• Tools for setting and invoking configuration parameters and system status.
• Tools for software distribution and licensing control.
• Tools for supervising and controlling authorization.
Fault management
• A fault can be defined as a deviation from the set operating goals, system functions, or services.
• Faults are deviations between the target and the actual behavior of resources.
• Fault management comprises reactive and proactive measures.
• Fault management deals with the detection, isolation, and elimination of abnormal system behavior.
• Fault management in computer networks and distributed systems is more difficult for a variety of reasons:
  – the large number of components involved,
  – the wide physical distribution of the resources,
  – the heterogeneity of the hardware and software components, and
  – the different domains the components fall under (e.g., personnel of different organizational units).
• Messages about faults are usually conveyed by the components themselves or by the users of the system.
• Some of the sources of faults are
  – data transmission paths (e.g., transceiver cable, twisted-pair cable, optical fiber, leased lines, virtual channels),
  – network components (e.g., transceivers, repeaters, bridges, star couplers, server computers, data terminals),
  – end systems,
  – software for components,
  – inadequate interface descriptions (indirectly),
  – or even incorrect operation.
Fault management tasks
• The function of fault management is to detect and correct faults quickly to ensure that a high level of availability of a distributed system and the services it provides is maintained.
• The tasks include
  – Monitoring network and system state.
  – Responding and reacting to alarms.
  – Diagnosing fault causes (i.e. fault isolation and root-cause analysis).
  – Establishing error propagation.
  – Introducing and checking error recovery measures (i.e. testing and verification).
  – Operating trouble ticket systems.
  – Providing assistance to users (user help desk).
Aids for fault analysis
• Self-identification of system components.
• Separate testability of components.
• Trace facility (i.e. keeping records of switched message traffic or labeling messages for the purpose of traceability, or special compatibility reports).
• Error logs.
• Message echoes at all protocol layers (i.e. on transmission links and on an end-to-end basis), such as "heartbeat" or "keep-alive" messages that detect failure.
• Retrieval possibilities for memory dumps.
• Measures for purposely generating errors in defined system environments.
• Start possibilities (which can also be initiated and monitored centrally) for self-test routines and the transmission of test texts to specific ports (loop test, remote test, problem file), as well as reachability tests such as ICMP echo (ping) and traceroute analysis of network reachability.
• Setting options for threshold values.
• Triggering of planned resets and restarts (directed to specific ports, port groups, and components).
• Availability of special test systems (e.g. oscilloscopes, time-domain reflectometers, interface checkers, protocol analyzers, hardware monitors for line supervision).
• Support of filter mechanisms for fault messages or alarms and event correlation for reducing the number of relevant events and for root-cause analysis.
• Interfaces of fault management tools to trouble ticket systems and help desks (e.g. for automated propagation of fault notifications and corrections).
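The event-correlation point above is easier to see in code. The following is an added example written for this page (it is not code from the course or from any product): given a topology of the kind auto-discovery produces and a set of "device unreachable" alarms, it keeps only the alarms whose upstream neighbour is still reachable and suppresses the rest as consequences of the same fault. The topology, device names and alarm set are constructed.

```python
"""Topology-based alarm correlation: reduce a flood of "device unreachable"
alarms to the upstream faults that explain them.

Added example for this page; the topology and alarms are constructed."""

# Constructed topology (parent -> children), as a management station could
# learn it from auto-discovery. "nms" is the management station itself.
TOPOLOGY = {
    "nms": ["core-rtr"],
    "core-rtr": ["dist-sw-1", "dist-sw-2"],
    "dist-sw-1": ["access-sw-1a", "access-sw-1b"],
    "dist-sw-2": ["access-sw-2a"],
    "access-sw-1a": ["host-11", "host-12"],
    "access-sw-1b": ["host-13"],
    "access-sw-2a": ["host-21"],
}

# Constructed alarm set: dist-sw-1 failed and took its whole subtree with
# it; host-21 failed on its own.
ALARMS = {"dist-sw-1", "access-sw-1a", "access-sw-1b",
          "host-11", "host-12", "host-13", "host-21"}


def parents(topology):
    """Invert parent -> children into child -> parent."""
    return {child: parent
            for parent, children in topology.items()
            for child in children}


def correlate(topology, unreachable, root="nms"):
    """Split the alarmed devices into (root_causes, suppressed).

    A device is a root cause when its upstream neighbour is reachable (or
    is the management station); its alarm is suppressed when the upstream
    neighbour is itself unreachable, because that upstream fault already
    explains it. Both lists are sorted by device name."""
    parent = parents(topology)
    root_causes, suppressed = [], []
    for dev in sorted(unreachable):
        up = parent.get(dev)
        if up is None or up == root or up not in unreachable:
            root_causes.append(dev)
        else:
            suppressed.append(dev)
    return root_causes, suppressed


def explained_by(topology, unreachable, root="nms"):
    """Map each root cause to the alarmed devices below it in the tree."""
    root_causes, _ = correlate(topology, unreachable, root)
    result = {}
    for cause in root_causes:
        below, stack = [], list(topology.get(cause, []))
        while stack:                       # depth-first walk of the subtree
            dev = stack.pop()
            if dev in unreachable:
                below.append(dev)
            stack.extend(topology.get(dev, []))
        result[cause] = sorted(below)
    return result


if __name__ == "__main__":
    causes, quiet = correlate(TOPOLOGY, ALARMS)
    print("root causes:", causes)          # ['dist-sw-1', 'host-21']
    print("suppressed :", quiet)
    for cause, devs in explained_by(TOPOLOGY, ALARMS).items():
        print(f"{cause} explains {len(devs)} further alarm(s)")
```

Seven alarms collapse to two tickets. The limitation is the one every topology-only correlator has: a device that fails independently while its upstream switch is also down is masked until the switch recovers, so production tools add timing (which alarm arrived first) and knowledge of redundant paths.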
Performance management
• Its objective is that the system performs well.
• The first problem that has to be resolved by performance management is the definition of quality of service (QoS).
• The starting point for performance management is the guarantee of quality of service.
QoS
• Is the ability to provide different priority to different applications, users, or data flows, or to guarantee a certain level of performance to a data flow.
• Its importance increases as more customer–provider relationships are involved in the implementation of corporate networks or distributed systems.
• Performance management therefore encompasses all the measures required for ensuring that the quality of service conforms to the service level agreement.
• Establishing QoS parameters and metrics.
• Monitoring all resources for performance bottlenecks and threshold crossings.
• Carrying out measurements and trend analysis to predict failure before it occurs.
• Evaluating history logs (i.e., records on system activity, error files).
• Processing measurement data and compiling performance reports.
• Carrying out performance and capacity planning. This entails
  – providing analytical or simulative prediction models that are used to check the results of new applications,
  – tuning measures, and
  – configuration changes.
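To make "threshold crossings" and "trend analysis to predict failure" concrete, here is an added example written for this page (not code from the course): a threshold alarm with separate raise and clear levels, and a least-squares trend that estimates how many more polling intervals remain before a link reaches its capacity. The utilisation samples are constructed.

```python
"""Performance management helpers: threshold alarms with hysteresis and a
linear trend that predicts when a metric will reach capacity.

Added example for this page; the samples are constructed, not measured."""

# Constructed link utilisation samples in percent, one per polling interval.
UTIL_NOISY = [60, 82, 79, 81, 78, 72, 69, 88, 90, 50]
UTIL_RISING = [40, 42, 44, 46, 48, 50, 52, 54]


def crossings(samples, high, low):
    """Return (index, "raise"/"clear") events for a threshold alarm.

    The alarm is raised when a sample exceeds `high` and cleared only when
    a later sample drops below `low`. With low < high the alarm does not
    flap while the value hovers around a single threshold."""
    events, alarmed = [], False
    for i, value in enumerate(samples):
        if not alarmed and value > high:
            events.append((i, "raise"))
            alarmed = True
        elif alarmed and value < low:
            events.append((i, "clear"))
            alarmed = False
    return events


def linear_fit(samples):
    """Least-squares (slope, intercept) of value against sample index."""
    n = len(samples)
    if n < 2:
        raise ValueError("need at least two samples for a trend")
    mean_x = (n - 1) / 2
    mean_y = sum(samples) / n
    sxx = sum((x - mean_x) ** 2 for x in range(n))
    sxy = sum((x - mean_x) * (y - mean_y) for x, y in enumerate(samples))
    slope = sxy / sxx
    return slope, mean_y - slope * mean_x


def samples_until(samples, capacity):
    """Extrapolate the trend and return how many more polling intervals
    remain until `capacity` is reached, or None if the trend is flat or
    falling (no exhaustion predicted)."""
    slope, intercept = linear_fit(samples)
    if slope <= 0:
        return None
    x_at_capacity = (capacity - intercept) / slope
    return max(0.0, x_at_capacity - (len(samples) - 1))


if __name__ == "__main__":
    print("single threshold:", crossings(UTIL_NOISY, 80, 80))    # 6 events
    print("with hysteresis :", crossings(UTIL_NOISY, 80, 70))    # 4 events
    print("intervals to 100%:", samples_until(UTIL_RISING, 100))  # 23.0
```

With a single threshold at 80% the noisy series generates six alarm events; with a raise level of 80% and a clear level of 70% it generates four, which is the difference between an alarm an operator reads and one that gets filtered. The trend estimate is deliberately linear: it is only as good as the assumption that growth continues at the observed rate, so it belongs in capacity planning reports, not in an alarm.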
• Monitors, protocol analyzers, statistics packages, report generators, and modeling tools are some of the typical tool functionalities in this area.
Accounting management
• User administration
• Name and address administration, including the related directory services
• Authorization granting the right to use resources
• The accounting services
• Accounting management includes
  – compiling usage data (resource usage or service usage accounting based on monitoring and metering),
  – defining accountable units,
  – keeping settlement accounts and accounting logs,
  – allocating costs to these accounts,
  – assigning and monitoring quotas,
  – maintaining statistics on usage, and
  – lastly, defining accounting policies and tariffs, which leads to billing and charging.
Security management
• Management of security in a distributed system
• It requires threat analysis: which resources are worth protecting?
• Typical threats are created by:
• Passive attacks: eavesdropping on information; producing a user profile or an undesirable traffic flow analysis; theft of information (passwords, etc.).
• Active attacks:
  – masquerades (i.e., users pretending to be someone else, or spoofing);
  – manipulating message sequences by changing the sequence, inadmissible repeating (replay), or giving priority to or delaying messages;
  – modifying messages;
  – manipulating resources through overloading, reconfiguration, or reprogramming;
  – unauthorized access, viruses, Trojan horses, denial-of-service attacks.
• Malfunctioning of resources.
• Faulty or inappropriate behavior and incorrect response operation.
Tasks
• Conducting threat analyses.
• Defining and enforcing security policies.
• Checking identity (authentication based on signatures, notarization, or certification).
• Carrying out and enforcing access controls.
• Guaranteeing confidentiality (encryption).
• Ensuring data integrity (message authentication).
• Monitoring systems to prevent threats to security.
• Reporting on security status and violations or attempted violations.
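The message-sequence attacks listed above (modification, replay, reordering, forgery by a masquerading sender) are exactly what "message authentication" has to defeat for management traffic. The following added example, written for this page and not taken from the course, protects each management message with a sequence number and an HMAC so that the receiver rejects all four. The key and the messages are constructed.

```python
"""Message authentication for management traffic: every message carries a
sequence number and an HMAC-SHA256 over (sequence number, body), so the
receiver can reject modified, forged, replayed or reordered messages.

Added example for this page; the key and messages are constructed."""
import hashlib
import hmac


def _tag(key, seq, body):
    return hmac.new(key, f"{seq}|{body}".encode(), hashlib.sha256).hexdigest()


def protect(key, seq, body):
    """Wire form 'seq|mac|body'. The MAC binds seq and body together, so
    re-using an old MAC with a new body (or vice versa) is detected."""
    return f"{seq}|{_tag(key, seq, body)}|{body}"


class Receiver:
    """Verifies the MAC and enforces strictly increasing sequence numbers."""

    def __init__(self, key):
        self.key = key
        self.last_seq = -1
        self.accepted = []          # bodies that passed all checks

    def accept(self, wire):
        """Return 'ok', 'malformed', 'bad-mac' or 'replay'."""
        try:
            seq_text, mac, body = wire.split("|", 2)
            seq = int(seq_text)
        except ValueError:
            return "malformed"
        # compare_digest runs in constant time; a plain == would leak how
        # many leading characters of the MAC were right
        if not hmac.compare_digest(mac, _tag(self.key, seq, body)):
            return "bad-mac"        # modified or forged
        if seq <= self.last_seq:
            return "replay"         # replayed, or delivered out of order
        self.last_seq = seq
        self.accepted.append(body)
        return "ok"


KEY = b"constructed-shared-key-for-the-example"   # never hard-code a real key

if __name__ == "__main__":
    rx = Receiver(KEY)
    m1 = protect(KEY, 1, "set ifAdminStatus.3 = down")
    m2 = protect(KEY, 2, "set ifAdminStatus.3 = up")
    print(rx.accept(m1))                                    # ok
    print(rx.accept(m1))                                    # replay
    tampered = m2.rsplit("|", 1)[0] + "|set ifAdminStatus.4 = down"
    print(rx.accept(tampered))                              # bad-mac
    print(rx.accept(m2))                                    # ok
```

A shared-key MAC gives integrity and origin authentication against anyone without the key, but not confidentiality (that is the encryption task in the list) and not non-repudiation, since either holder of the key could have produced the tag; the "signatures, notarization, or certification" in the authentication task are what provide that. A timestamp window would additionally catch messages that an attacker deliberately delays. SNMPv3's user-based security model is built from the same pieces: an HMAC over the message plus a time window and counters to reject replays.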
IP NETWORK MANAGEMENT
CONTENTS
• What is an IP network
• Benefits of network management
• Techniques for the collection of operational statistics and the motivation to do so
• Compare the benefits of proprietary configuration methods with standardized approaches
• Introduction to some of the standardized management models
IP network?
Benefits of network management
Ability to provision new services
Choosing a configuration method
There are many ways to configure devices, from automatic configuration protocols such as BOOTP and DHCP, through command line interface and configuration files, to graphical user interfaces.
Command line interface
The easiest management tool for a manufacturer of network equipment to write; sometimes known as a craft interface (CI).
The commands have specific syntaxes and are very specific to the hardware being managed.
In its basic form the CLI requires that the operator be present at a terminal directly attached to the device being managed.
Remote login with telnet removes that restriction, but telnet carries passwords and commands in cleartext, so on any network where traffic can be eavesdropped the CLI should be reached over SSH instead.
Command-based configuration files have the advantages that
• they can be inspected and understood by an operator,
• they can be edited so that a new configuration is automatically picked up on reboot, and
• they are more easily proofed against software version upgrades.
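Because such files are plain text, checking a device's running configuration against the intended ("golden") one is a diff, and the same pass can flag settings that weaken security, which is how unauthorized reconfiguration gets noticed. The added example below was written for this page (it is not from the course or any vendor) and runs over two constructed, IOS-style configurations; the patterns in RISKY are illustrative and would be tuned to the platform in use.

```python
"""Configuration drift from command-based configuration files: normalise a
golden and a running config, report lines that differ, and flag lines that
weaken security.

Added example for this page. Both configurations are constructed,
IOS-style text written for the demonstration, not from a real device."""
import re

GOLDEN = """\
hostname edge-1
! management plane
snmp-server community s3cr3t-ro RO 10
line vty 0 4
 transport input ssh
 exec-timeout 10 0
interface GigabitEthernet0/1
 description uplink
 ip address 192.0.2.2 255.255.255.252
"""

RUNNING = """\
hostname edge-1
! management plane
snmp-server community public RO
snmp-server community s3cr3t-ro RO 10
line vty 0 4
 transport input telnet ssh
 exec-timeout 0 0
interface GigabitEthernet0/1
 description uplink
 ip address 192.0.2.2 255.255.255.252
"""

# (pattern, reason) pairs a reviewer would not want in a running config.
# Constructed for the example; extend per platform.
RISKY = [
    (re.compile(r"^snmp-server community public\b"), "well-known SNMP community 'public'"),
    (re.compile(r"^\s*transport input .*\btelnet\b"), "cleartext telnet enabled on vty lines"),
    (re.compile(r"^\s*exec-timeout 0 0$"), "idle sessions never time out"),
]


def normalise(text):
    """Drop comment and blank lines; keep leading indentation, which carries
    the section structure (interface, line vty, ...) in this config style."""
    return [line.rstrip() for line in text.splitlines()
            if line.strip() and not line.lstrip().startswith("!")]


def drift(golden, running):
    """(added, removed): lines only in the running config and lines only in
    the golden config, each in file order."""
    g, r = normalise(golden), normalise(running)
    added = [line for line in r if line not in g]
    removed = [line for line in g if line not in r]
    return added, removed


def risky_lines(text):
    """(line, reason) for every config line matching a RISKY pattern."""
    hits = []
    for line in normalise(text):
        for pattern, reason in RISKY:
            if pattern.search(line):
                hits.append((line, reason))
    return hits


if __name__ == "__main__":
    added, removed = drift(GOLDEN, RUNNING)
    for line in added:
        print("+", line)
    for line in removed:
        print("-", line)
    for line, reason in risky_lines(RUNNING):
        print("RISK:", reason, "->", line.strip())
```

The line-set comparison is enough to catch a changed management plane, but it ignores context: the same `description uplink` under two different interfaces looks identical to it. For an ordered, section-aware diff use `difflib.unified_diff` over the normalised lists, and keep the golden copy somewhere the device's own administrators cannot silently edit, since the comparison is only as trustworthy as its reference.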
And also
The CLI is easily able to give a very fine level of control over a device and allows a user to examine every last detail of the device's operation.
Debug commands are rarely available in any other form.
Graphical User Interfaces
Graphical user interfaces (GUIs) are a more user-friendly configuration tool.
The biggest benefit of a GUI is the way in which data retrieved from devices can be displayed.
The GUI can provide graphical representations of information, tracking data against time or mapping resources in physical space.
Remote GUI access can be achieved in a variety of ways, including through the X/Open remote console protocols.
The GUI can be implemented "over the top of" the CLI, so that all commands issued at the GUI are mapped to CLI commands that are sent to the managed device using telnet (or, today, SSH).
How do you store it?
It is worth noting that, despite the user-friendly aspects of a GUI,
• An experienced network operator or field engineer will often prefer to use the CLI.
  – The CLI gives access to a finer level of control and a greater amount of information than the GUI, even if that information is not always formatted in the most readable way.
  – Further, many engineers claim that they can operate with the CLI much faster than they can handle a GUI.
Standardized Data Representations and Access
Network managers dream of having a single application that they can use to manage their entire network.
One approach to building the global network management tool is to incorporate modules designed to talk to each of the individual components and map these to a common display and control component.
The writer of the global tool has to pay the price: a separate module for every kind of component it must talk to.
One easier way to produce a global management tool is
• to make the individual vendors responsible for the modules that manage all of their devices, and
• to make those modules distinct (usually running on separate computers) with a northbound interface to the global application.
Use of an OSS (operations support system) allows the operator to utilize sophisticated provisioning and accounting services; the OSS uses a scripting language such as TL1 (Transaction Language 1) to pass CLI-like commands on to the NMS.
The NMS is the global management application that communicates with many element management systems (EMSs), each of which is responsible for managing a collection of devices of the same type.
Example of OSSs
TIRKS (Trunks Integrated Record Keeping System) by Telcordia Technologies
EMSs are supplied by vendors. As shown in the figure, the operator may have access to the EMSs, where he or she uses proprietary CLIs and GUIs to control the devices.
There must be a channel for communication between the NMS or OSS and the EMS, popularly referred to as a northbound interface to the EMS.
Communication between NMS or OSS and EMS
There are two requirements for this communication:
(1) the messages must be understood universally (there must be a common communications protocol), and
(2) the data must be comprehensible (there must be a common data format).
The popular standard for NMS-to-EMS communications is the Common Object Request Broker Architecture (CORBA).
How do you choose?
• The protocols and techniques may dictate the choice: which protocols and techniques are supported by the device?
• The benefits of a consolidated management system dictate the use of a standardized technique.
  » There are many advantages to using a standardized management protocol.
  » But more detail and flexibility will often be available through proprietary configuration interfaces than through the standards.
Management information base
One problem in the management of networks is deciding how the statistics and configuration data should be represented.
Each device (switch, router, host, etc.) will have different configuration requirements and internal data structures according to its implementation.
Each network management tool will have different commands and management screens displaying and requiring subtly different pieces of information.
Nevertheless
Any two devices that perform the same function in the network (e.g., two OSPF routers) require substantially the same configuration to enable them to operate their IP-based protocols.
For each protocol that it develops, the IETF (Internet Engineering Task Force) produces a standard set of operational configuration and statistics information necessary for successful configuration and management of a device that runs the protocol.
The MIB (management information base) is an ordered, structured view of all of the information in all networks, all at the same time.
• A virtual database used for managing the entities in a communication network.
The secret to meeting this aim lies in the way that data values (or objects) are given unique object identifiers (OIDs) in a hierarchical and somewhat long-winded way. For example, the system description object sysDescr of the standard MIB-II has the OID 1.3.6.1.2.1.1.1, each number narrowing the tree one level: iso(1).org(3).dod(6).internet(1).mgmt(2).mib-2(1).system(1).sysDescr(1).
SNMP
Simple Network Management Protocol
• Provides a mechanism for management stations to create, write, read and delete management data (MIB objects), once management stations and managed devices have a common view of that data.
• An application-level protocol that can use any transport mechanism.
• Most often used over UDP: agents listen on port 161, and traps sent by agents to the manager go to port 162. TCP is occasionally chosen when a management application does not handle lost messages.
• SNMPv1 and SNMPv2c authenticate requests with a community string sent in cleartext, so anyone who can sniff the management traffic can read, and with a read-write community can change, MIB data. SNMPv3 adds per-user authentication and encryption and is the version to use on any network that is not fully trusted.
How it operates
• SNMP is a client-server protocol.
• Management agents connect to the managed devices and issue requests. Managed devices return responses.
• Basic requests are GET and SET, to read and write an individual MIB object identified by its OID.
Manager: one or more administrative computers that have the task of monitoring or managing a group of hosts or devices on a computer network.
Each managed system executes, at all times, a software component called an agent, which reports information via SNMP to the manager.
An SNMP-managed network consists of three key components:
• Managed device
• Agent — software which runs on managed devices
• Network management system (NMS) — software which runs on the manager
An agent is a network-management software module that resides on a managed device.
An agent has local knowledge of management information and translates that information to or from an SNMP-specific form.
A network management system (NMS) executes applications that monitor and control managed devices.
SNMP allows multiple objects within a single MIB row to be read or written in a single request.
– a single GET or SET command can operate on multiple objects within a single row.
– the GET-BULK command allows a management station to read multiple rows from a table.
Row creation and deletion are also handled.
An SNMP message called a TRAP (sometimes known as a notification) may be issued by the managed device to report a specific event (e.g., the crossing of a threshold).
Versions and security
MIB data are encoded for transmission using the Basic Encoding Rules (BER) from the ASN.1 specification in the international standard ISO 8825.
BER is also used for encoding SNMP messages, with the added advantage that the messages can be specified using the ASN.1 text notation.
SNMP messages are built from an SNMP header and an SNMP protocol data unit (PDU).
The header is quite short and contains a protocol version number.
The PDU contains the request and any data.
SNMPv1: too simple in many respects.
SNMPv2: started as an experimental protocol. Like v1, it has considerable security concerns, i.e. no control over who can perform SNMP operations.
SNMPv3: includes application-level cryptographic authentication to enable individual users to be authenticated.
SNMPv3 differs from SNMPv2 in the message header only.
Choosing the version depends on the device. Many older devices support SNMPv1 or SNMPv2.
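As an added example (not from the lecture slides), the following Python builds the SNMPv1 GetRequest for sysName.0 (OID 1.3.6.1.2.1.1.5.0) with hand-written BER, parses the header and PDU back out of the datagram, and flags v1/v2c messages that carry a default community string, since those versions place no control on who can perform operations. The OID, PDU tags and version numbers are standard; the request-id and community values are sample inputs.

```python
# Added example: minimal BER encoder/decoder for SNMPv1/v2c messages.
PDU_TYPES = {  # context-specific constructed tags of the SNMP PDU types
    0xA0: "GetRequest", 0xA1: "GetNextRequest", 0xA2: "GetResponse",
    0xA3: "SetRequest", 0xA4: "Trap", 0xA5: "GetBulkRequest",
    0xA6: "InformRequest", 0xA7: "SNMPv2-Trap",
}
VERSIONS = {0: "SNMPv1", 1: "SNMPv2c", 3: "SNMPv3"}

def ber_length(n):
    """Short form for n < 128, long form (0x80|N then N length bytes) otherwise."""
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body

def tlv(tag, content):
    """One BER tag-length-value triple."""
    return bytes([tag]) + ber_length(len(content)) + content

def encode_integer(n):
    """ASN.1 INTEGER: minimal big-endian two's-complement bytes."""
    size = 1
    while not -(1 << (8 * size - 1)) <= n < (1 << (8 * size - 1)):
        size += 1
    return tlv(0x02, n.to_bytes(size, "big", signed=True))

def encode_oid(oid):
    """ASN.1 OBJECT IDENTIFIER: first two arcs merged as 40*a+b, then base-128."""
    arcs = [int(a) for a in oid.strip(".").split(".")]
    out = bytearray()
    for v in [arcs[0] * 40 + arcs[1]] + arcs[2:]:
        chunk = [v & 0x7F]
        v >>= 7
        while v:
            chunk.append((v & 0x7F) | 0x80)   # continuation bit on all but the last byte
            v >>= 7
        out.extend(reversed(chunk))
    return tlv(0x06, bytes(out))

def build_get_request(community, oids, request_id, version=0):
    """SNMPv1 (version=0) or v2c (version=1) message:
    SEQUENCE { version, community, GetRequest-PDU { id, 0, 0, varbinds } }."""
    varbinds = b"".join(tlv(0x30, encode_oid(o) + tlv(0x05, b"")) for o in oids)
    pdu = tlv(0xA0, encode_integer(request_id) + encode_integer(0)
              + encode_integer(0) + tlv(0x30, varbinds))
    return tlv(0x30, encode_integer(version) + tlv(0x04, community.encode()) + pdu)

def parse_tlv(data, pos=0):
    """Return (tag, content, position just after this TLV)."""
    tag, ln = data[pos], data[pos + 1]
    pos += 2
    if ln & 0x80:                       # long-form length
        n = ln & 0x7F
        ln = int.from_bytes(data[pos:pos + n], "big")
        pos += n
    return tag, data[pos:pos + ln], pos + ln

def decode_oid(content):
    """Inverse of encode_oid, for the bytes inside the OID TLV."""
    subids, acc = [], 0
    for b in content:
        acc = (acc << 7) | (b & 0x7F)
        if not b & 0x80:
            subids.append(acc)
            acc = 0
    first = subids[0]
    head = [first // 40, first % 40] if first < 80 else [2, first - 80]
    return ".".join(str(x) for x in head + subids[1:])

def parse_snmp_message(datagram):
    """Read the header (version, community) and the OIDs in the PDU."""
    tag, msg, _ = parse_tlv(datagram)
    if tag != 0x30:
        raise ValueError("not an SNMP message")
    _, ver, pos = parse_tlv(msg)
    version = int.from_bytes(ver, "big", signed=True)
    if version == 3:   # v3 header differs: msgGlobalData and security params follow
        return {"version": "SNMPv3"}
    _, community, pos = parse_tlv(msg, pos)
    pdu_tag, pdu, _ = parse_tlv(msg, pos)
    _, rid, p = parse_tlv(pdu)
    _, _, p = parse_tlv(pdu, p)         # error-status
    _, _, p = parse_tlv(pdu, p)         # error-index
    _, vbl, _ = parse_tlv(pdu, p)
    oids, p = [], 0
    while p < len(vbl):
        _, vb, p = parse_tlv(vbl, p)
        oids.append(decode_oid(parse_tlv(vb)[1]))
    return {"version": VERSIONS.get(version, f"unknown({version})"),
            "community": community.decode("ascii", "replace"),
            "pdu_type": PDU_TYPES.get(pdu_tag, f"unknown(0x{pdu_tag:02x})"),
            "request_id": int.from_bytes(rid, "big", signed=True), "oids": oids}

def needs_attention(parsed):
    """v1/v2c carry the community string in clear; a default one is worth an alert."""
    return parsed["version"] != "SNMPv3" and parsed.get("community") in ("public", "private")

if __name__ == "__main__":
    msg = build_get_request("public", ["1.3.6.1.2.1.1.5.0"], request_id=1)
    print(msg.hex())                    # the community string is readable in the dump
    print(parse_snmp_message(msg), "needs attention:", needs_attention(parse_snmp_message(msg)))
```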
EXTENSIBLE MARKUP LANGUAGE (XML)
Subset of the Standard Generalized Markup Language (SGML) specified in ISO 8879.
XML documents look similar to HTML, but XML document specifications include strict definitions of the data type in each field of an object.
Hence XML is suitable for databases.
XML provides encoding rules for commands that are used to transfer and update data objects
The collection of tags in an XML document is referred to as the markup data. The tags:
• give instructions on the interpretation of individual data elements
• define how the elements are associated
• describe the purpose of the entire document and its applicability.
Didn’t tell you this
XML is neither a communications protocol, nor tied to use within the Internet, but its applicability and increasing popularity as a configuration and management tool for Internet devices makes it worthy of further examination.
Extensibility and Domains of Applicability
XML elements can be defined as they are needed to fulfill the needs of specific document uses.
Network management is one of the domains; subdomains might be defined for the management of a type of network element (e.g., a router).
XML Remote Procedure Calls
XML is a data encoding technique that can be used to represent data and data requests that are transmitted between components on a single node or across a network.
It does not define what data should be transferred, nor does it define how the XML documents should be exchanged.
XML documents may be transferred using any data or file transfer process:
• FTP
• HTTP
• SOAP: lightweight protocol for exchange of XML documents over an underlying transport protocol.
XML Applicability to Network Management
Easy development of Web-based management applications that can read and write network configuration information from and to remote devices.
Simple to use
Its encoding method introduces too much overhead, but this is overcome by compression algorithms.
CORBA (COMMON OBJECT REQUEST BROKER ARCHITECTURE)
• Distributed management architecture
• Takes an object-oriented approach to management
• Developed by the Object Management Group (OMG)
Each managed object (e.g., a device, a line card, or a connection) is represented in CORBA by a CORBA object.
The object is defined by an object interface. The object interface indicates the accessible fields within an object, the operations that can be performed on the object, and the relationship between the object and other objects.
It’s a client-server architecture.
• Client = management agent that performs operations on objects that are controlled by the server.
• Client and server are connected by an ORB (Object Request Broker).
This architecture:
• protects the client from knowledge of the location of the server for each object
• allows local and remote objects to be managed in a uniform way.
Choosing a config protocol
Not a simple task.
• XML: easy to extend, readable by humans, easy for a program to parse, but has overhead.
• CORBA: favorite of the larger service providers, popular with object-oriented programmers.
• SNMP: well established.
Choosing to collect stats
Stats provide constant monitoring of the status of links and nodes.
SNMP:
• provides notifications on key events
• gives access to counters that provide basic statistical information about the traffic flows through a specific interface or device.
• Collecting stats creates additional traffic.
• Should be done in a very structured way.
• And SNMP is request-response based.
Solution
Create multiple collection points and a central collection point.
Solution
Stats are for:
• Billing
• Fault detection
• Long-term planning
• Service maintenance
So they can be filtered.
Thermometer
• Provide a clear definition of network management.
• What is the relationship between fault and quality of service?
• What is the main purpose of SNMP, CORBA and XML?
• Discuss the use of XML in network management.
• Discuss the four main uses of statistics in network management.
NETWORK SECURITY MANAGEMENT
Pau Peter Computer Eng. Mbeya University of Science & Technology
RISK ANALYSIS
Before spending time and money on network security, you should examine your network’s security risks.
Consider the effect that a loss or breach of data, programs, or access would have on your network
Network security risks differ from organization to organization
Fundamental questions
What is at risk? What will I lose if it’s stolen, damaged or eradicated (erased)?
Security audit
• Conducted to assess security risk.
• Thorough examination of each aspect of the network to determine how it might be compromised.
• Performed at least annually.
• Rate the severity of the potential effect.
• Rate its likelihood.
• May hire a third party.
Security risks
Need to know how to recognize threats that your network could suffer.
A breach may result from a number of sources, most notably:
• People
• Transmission and hardware
• Protocol and software
• Internet access
Risks associated with people
By some estimates, human errors, ignorance, and omissions cause more than half of all security breaches sustained by networks
Social engineering
• An intruder asks a user for his/her password.
• Might pose as a technical support analyst.
• Phishing: a person attempts to collect access or authentication information by posing as someone who needs that information.
Other risks
• Intruders or attackers using social engineering or snooping to obtain user passwords
• An administrator incorrectly creating or configuring user IDs, groups, and their associated rights on a file server, resulting in file and logon access vulnerabilities
• Network administrators overlooking security flaws in topology or hardware configuration
• Network administrators overlooking security flaws in the operating system or application configuration
• Lack of proper documentation and communication of security policies, leading to deliberate or inadvertent misuse of files or network access
• Dishonest or disgruntled employees abusing their file and access rights
• An unused computer or terminal being left logged on to the network, thereby providing an entry point for an intruder
• Users or administrators choosing easy-to-guess passwords
• Authorized staff leaving computer room doors open or unlocked, allowing unauthorized individuals to enter
• Staff discarding disks or backup tapes in public waste containers
• Administrators neglecting to remove access and file rights for employees who have left the organization
• Users writing their passwords on paper, then placing the paper in an easily accessible place (for example, taping it to their monitor or keyboard)
Risks associated with transmission hardware
Risks inherent in the Physical, Data Link, and Network layers of the OSI model.
At these levels, security breaches require more technical sophistication than those that take advantage of human errors.
To eavesdrop on transmissions passing through a switch, an intruder must use a device such as a protocol analyzer, connected to one of the switch’s ports.
Transmissions can be intercepted.
Man-in-the-middle attack: a person redirects or captures secure transmissions as they occur.
A hacker gains control of an access point at a café that offers free Wi-Fi Internet access.
She could intercept transmissions between café visitors and the access point, and, for instance, learn users’ passwords or even supply users with a phony (fake) Web site that looks valid but presents clickable options capable of harming their systems.
Risks Associated with Internet Access
Although the Internet has brought computer crime, such as hacking, to the public’s attention, network security is more often compromised “from the inside” than from external sources.
Even the most popular Web browsers sometimes contain bugs that permit scripts to access users’ systems while they’re connected to the Internet, potentially for the purpose of causing damage.
http://www.positioniseverything.net/explorer/ienondisappearcontentbugPIE/index.htm
By keeping software current, staying abreast of emerging security threats, and designing your Internet access wisely, users can prevent most of these threats.
Common Internet-related security issues include the following:
• A firewall may not provide adequate protection if it is configured improperly; it may allow outsiders to obtain internal IP addresses.
• IP spoofing.
• When a user Telnets or FTPs to your site over the Internet, her user ID and password are transmitted in plain text—that is, unencrypted.
Hackers may obtain information about your user ID from newsgroups, mailing lists, or forms you have filled out on the Web.
While users remain logged on to Internet chat sessions, they may be vulnerable to other Internet users who might send commands to their machines that cause the screen to fill with garbage characters and require them to terminate their chat sessions. This type of attack is called flashing.
After gaining access to your system through the Internet, a hacker may launch denial-of-service attacks.
DoS attack: an attempt to make a computer or network resource unavailable to its intended users.
• A hacker could create a looping program that sends thousands of e-mail messages to your system per minute.
• Smurf attack: occurs when a hacker issues a flood of broadcast ping messages.
Security policy
Minimize the risk of break-ins by communicating with and managing the users in your organization via a thoroughly planned security policy
A security policy: identifies your security goals, risks, levels of authority, designated security coordinator and team members, responsibilities for each team member, and responsibilities for each employee.
A security policy comes after identifying the goals of security to your organization
Typical goals
Ensure that authorized users have appropriate access to the resources they need.
Prevent unauthorized users from gaining access to the network, systems, programs, or data.
Protect sensitive data from unauthorized access, both from within and from outside the organization.
Prevent accidental damage to hardware or software.
Prevent intentional damage to hardware or software.
Create an environment in which the network and systems can withstand and, if necessary, quickly respond to and recover from any type of threat.
Communicate each employee’s responsibilities with respect to maintaining data integrity and system security.
After defining the goals of your security policy, you can devise a strategy to attain them.
You might form a committee composed of managers and interested parties from a variety of departments, in addition to your network administrators.
Remember that you need to gather as much support as you can.
This committee can assign a security coordinator, who will then drive the creation of a security policy.
Do not let it sound as if it is your thing alone.
A security policy must address an organization’s specific risks, identified from a proper audit.
Security Policy Content
Subheadings for the policy outline might include the following:
Password policy; Software installation policy; Confidential and sensitive data policy; Network access policy; E-mail use policy; Internet use policy; Modem use policy; Remote access policy; Policies for connecting to remote locations, the Internet, and customers’ and vendors’ networks; Policies for use of laptops and loaner machines; and Computer room access policy.
The security policy should explain to users what they can and cannot do and how these measures protect the network’s security.
A security policy should also define what confidential means to the organization.
NEXT: Physical security and firewalls
NETWORK SECURITY 2
Physical security
An important element in network security is restricting physical access to its components.
Think of all the points at which your systems or data could be compromised: switches in a wiring closet, an unattended workstation at someone’s desk, an equipment room or entrance facility where your leased line to the Internet terminates, a storage room for archived data and backup tapes.
Locks may be either physical or electronic: electronic access badges, bio-recognition access, closed-circuit TV systems.
Security in Network Design
Breaches may still occur due to poor LAN or WAN design.
The optimal way to prevent external security breaches from affecting your LAN is not to connect your LAN to the outside world at all!!!!
Router Access Lists
A router’s main function is to examine packets and determine where to direct them based on their Network layer addressing information.
An ACL (access control list) instructs the router to permit or deny traffic according to one or more of the following variables:
• Network layer protocol (for example, IP or ICMP)
• Transport layer protocol (for example, TCP or UDP)
• Source IP address
• Source netmask
• Destination IP address
• Destination netmask
• TCP or UDP port number
If a packet’s characteristics match a variable that’s flagged as “deny” in the ACL, the router drops the packet. Otherwise, it forwards the packet.
If a router contains several interfaces, each interface can be assigned a separate ACL.
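As an added example (not part of the slides), this Python models an access list built from the variables listed above, bound per interface and evaluated top to bottom with the first match deciding. The addresses, rules and packets are constructed; the default for an unmatched packet is a parameter because the slides say it is forwarded while Cisco-style ACLs end with an implicit deny.

```python
# Added example: first-match router ACL with one list per interface.
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Rule:
    """One ACL entry built from the variables the slides list."""
    action: str                   # "permit" or "deny"
    protocol: str = "ip"          # "ip" matches any protocol; or "tcp", "udp", "icmp"
    src: str = "0.0.0.0/0"        # source IP address + netmask (CIDR)
    dst: str = "0.0.0.0/0"        # destination IP address + netmask (CIDR)
    dport: Optional[int] = None   # TCP/UDP destination port; None = any

    def matches(self, pkt):
        if self.protocol != "ip" and self.protocol != pkt["protocol"]:
            return False
        if ipaddress.ip_address(pkt["src"]) not in ipaddress.ip_network(self.src):
            return False
        if ipaddress.ip_address(pkt["dst"]) not in ipaddress.ip_network(self.dst):
            return False
        return self.dport is None or pkt.get("dport") == self.dport

class AccessList:
    """Entries are tested top to bottom and the first match decides.
    The slides say an unmatched packet is forwarded; Cisco-style ACLs instead end
    with an implicit deny, so the default is explicit and defaults to deny."""
    def __init__(self, name, rules, default_action="deny"):
        self.name, self.rules, self.default_action = name, list(rules), default_action

    def evaluate(self, pkt):
        """Return (action, index of the matching entry, or None for the default)."""
        for i, rule in enumerate(self.rules):
            if rule.matches(pkt):
                return rule.action, i
        return self.default_action, None

class Router:
    """Each interface may carry its own ACL (applied to inbound packets here)."""
    def __init__(self):
        self.interfaces = {}

    def bind(self, interface, acl):
        self.interfaces[interface] = acl

    def filter(self, interface, pkt):
        acl = self.interfaces.get(interface)
        if acl is None:
            return "permit"   # no ACL bound: the router simply forwards
        return acl.evaluate(pkt)[0]

# Constructed policy for an Internet-facing interface. 192.0.2.0/24 is the inside
# network and 192.0.2.10 its web server; order matters (anti-spoofing first).
EDGE_IN = AccessList("edge-in", [
    Rule("deny", "ip", src="192.0.2.0/24"),             # our own prefix arriving from outside: spoofed
    Rule("deny", "tcp", dport=23),                      # Telnet: credentials travel in plain text
    Rule("deny", "icmp", dst="192.0.2.255/32"),         # pings to the broadcast address (smurf)
    Rule("permit", "tcp", dst="192.0.2.10/32", dport=443),
    Rule("permit", "tcp", dst="192.0.2.10/32", dport=80),
])

def build_router():
    r = Router()
    r.bind("eth0", EDGE_IN)   # eth1 (inside) deliberately carries no ACL
    return r

SAMPLE_PACKETS = [   # constructed
    {"protocol": "tcp", "src": "198.51.100.7", "dst": "192.0.2.10", "dport": 443},
    {"protocol": "tcp", "src": "198.51.100.7", "dst": "192.0.2.10", "dport": 23},
    {"protocol": "icmp", "src": "198.51.100.7", "dst": "192.0.2.255"},
    {"protocol": "tcp", "src": "192.0.2.5", "dst": "192.0.2.10", "dport": 443},
    {"protocol": "udp", "src": "198.51.100.7", "dst": "192.0.2.10", "dport": 161},
]

if __name__ == "__main__":
    router = build_router()
    for pkt in SAMPLE_PACKETS:
        print(pkt, "-> eth0:", router.filter("eth0", pkt), "| eth1:", router.filter("eth1", pkt))
```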
Router interface
Intrusion Detection and Prevention
A network administrator might use techniques to monitor and flag any unauthorized attempt to access an organization’s secured network resources using an IDS (intrusion detection system)
An IDS exists as software running on a dedicated IDS device or on another device, such as a server or switch, that also performs other functions.
Major vendors of networking hardware, such as Cisco, HP, Juniper Networks, and Lucent sell IDS devices.
Examples of popular open-source IDS software, which can run on virtually any network connected machine, include TripWire and Snort.
IDS monitors traffic
• IDS software can be configured to detect many types of suspicious traffic patterns, including those typical of denial-of-service or smurf attacks.
• Its sensors are installed at the edges of the network.
It has drawbacks
• Logging of false positives, e.g. multiple logon attempts by a legitimate user.
• To continue to guard against new threats, IDS software must be updated and its detection rules re-evaluated regularly.
Together with IDS
An IPS (intrusion prevention system) can react when alerted to suspicious activity logged by the IDS.
If a hacker’s attempt to flood the network with traffic is detected, the IPS can block that traffic, based on its originating IP address, from flowing into the network.
Many vendors sell devices that integrate both IDS and IPS functions.
As with an IDS, an IPS must be carefully configured to avoid an abundance of false alarms.
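As an added example (not the lecturer's code) of the false-positive problem and the IPS reaction described above, this Python snippet runs a failed-logon rule over constructed SSH-style log lines: the naive rule flags a legitimate user's typos, the re-evaluated rule does not, and the IPS then blocks the alerted source address. Log lines, addresses and thresholds are all constructed.

```python
import re
from collections import defaultdict

# Constructed auth-log lines in the style of an SSH server (not real captures).
LOG = """\
Mar  3 09:12:01 gw sshd[2201]: Failed password for alice from 192.168.1.20 port 51022 ssh2
Mar  3 09:12:05 gw sshd[2201]: Failed password for alice from 192.168.1.20 port 51022 ssh2
Mar  3 09:12:09 gw sshd[2201]: Failed password for alice from 192.168.1.20 port 51022 ssh2
Mar  3 09:12:15 gw sshd[2201]: Accepted password for alice from 192.168.1.20 port 51022 ssh2
Mar  3 09:13:40 gw sshd[2230]: Failed password for root from 203.0.113.45 port 40111 ssh2
Mar  3 09:13:41 gw sshd[2231]: Failed password for invalid user admin from 203.0.113.45 port 40112 ssh2
Mar  3 09:13:42 gw sshd[2232]: Failed password for invalid user oracle from 203.0.113.45 port 40113 ssh2
Mar  3 09:13:43 gw sshd[2233]: Failed password for invalid user test from 203.0.113.45 port 40114 ssh2
"""

FAILED = re.compile(r"Failed password for (?:invalid user )?(\S+) from (\S+) port")

def failures_by_source(log: str) -> dict:
    """Group failed logon attempts by originating IP: {src: [user, user, ...]}."""
    by_src = defaultdict(list)
    for line in log.splitlines():
        m = FAILED.search(line)
        if m:
            user, src = m.groups()
            by_src[src].append(user)
    return by_src

def naive_rule(log: str, threshold: int = 3) -> list:
    """Alert on any source with >= threshold failures.
    Fires on alice mistyping her own password: a false positive."""
    return sorted(src for src, users in failures_by_source(log).items()
                  if len(users) >= threshold)

def tuned_rule(log: str, threshold: int = 3, distinct_users: int = 2,
               hard_limit: int = 10) -> list:
    """Re-evaluated rule: the source must also have tried several different
    accounts, unless it exceeds a hard limit. One user's typos no longer alert;
    the trade-off is that slow guessing against a single account needs the hard limit."""
    alerts = []
    for src, users in failures_by_source(log).items():
        if len(users) >= hard_limit or (len(users) >= threshold
                                        and len(set(users)) >= distinct_users):
            alerts.append(src)
    return sorted(alerts)

class SimpleIPS:
    """IPS reaction as the slide describes it: stop further traffic from alerted sources."""
    def __init__(self):
        self.blocked = set()

    def react(self, alerts: list):
        self.blocked.update(alerts)

    def allows(self, src: str) -> bool:
        return src not in self.blocked
```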
FIREWALLS
A firewall is a specialized device, or a computer installed with specialized software, that selectively filters or blocks traffic between networks.
• Typically involves a combination of hardware and software.
• May reside between two interconnected private networks or between a private network and a public network (the Internet).
Firewalls exist in two categories:
• Network based: protects an entire network
• Host based: protects the single host on which it is installed
A firewall
Different forms of firewalls
Packet-filtering firewall:
• A router that examines the header of every packet of data it receives; aka screening firewall.
• Nearly all routers can be configured to act as a packet-filtering firewall.
• Can block traffic attempting to exit a LAN, e.g. to stop worms from spreading.
Some common criteria a packet-filtering firewall might use to accept or deny traffic include the following:
• Source and destination IP addresses
• Source and destination ports (for example, ports that supply TCP/UDP connections, FTP, Telnet, ARP, ICMP, and so on)
• Flags set in the IP header (for example, SYN or ACK)
• Transmissions that use the UDP or ICMP protocols
• A packet’s status as the first packet in a new data stream or a subsequent packet
• A packet’s status as inbound to or outbound from your private network
Different forms of firewalls (contd)
Content-filtering firewalls:
• Can block designated types of traffic based on application data contained within packets.
Stateful firewall:
• Monitors a data stream from end to end, i.e. views it as a whole
• Performs slowly
Stateless firewall:
• Simply examines each packet individually
• Performs faster
• Not sophisticated
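As an added example (not from the slides) covering the packet-filtering criteria listed above and the stateless/stateful distinction, here is a small Python filter: rules match protocol, source and destination address plus netmask, port, direction, and whether a packet opens a new stream; the first matching rule decides and an unmatched packet is dropped (implicit deny), while a stateful variant remembers permitted streams so their later packets pass without a rule. The LAN addresses, rules and packets are constructed.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional

# Constructed packet and rule models for the illustration (not the course's own code).
@dataclass(frozen=True)
class Packet:
    proto: str                      # "tcp", "udp" or "icmp"
    src: str                        # source IP address
    dst: str                        # destination IP address
    sport: int = 0                  # TCP/UDP source port
    dport: int = 0                  # TCP/UDP destination port
    flags: frozenset = frozenset()  # TCP flags, e.g. {"SYN"} or {"SYN", "ACK"}
    direction: str = "in"           # "in" = arriving from outside, "out" = leaving the LAN

@dataclass
class Rule:
    action: str                     # "permit" or "deny"
    proto: str = "any"
    src: str = "0.0.0.0/0"          # address plus netmask, written in CIDR form
    dst: str = "0.0.0.0/0"
    dport: Optional[int] = None
    direction: str = "any"
    new_only: bool = False          # match only the first packet of a TCP stream

    def matches(self, p: Packet) -> bool:
        return ((self.proto == "any" or self.proto == p.proto)
                and ip_address(p.src) in ip_network(self.src)
                and ip_address(p.dst) in ip_network(self.dst)
                and (self.dport is None or self.dport == p.dport)
                and (self.direction == "any" or self.direction == p.direction)
                and (not self.new_only or is_new_stream(p)))

def is_new_stream(p: Packet) -> bool:
    """A TCP SYN without ACK opens a stream; anything else is a subsequent packet."""
    return p.proto == "tcp" and "SYN" in p.flags and "ACK" not in p.flags

def evaluate(acl: list, p: Packet) -> str:
    """Stateless check: the first matching rule decides; no match means implicit deny."""
    for rule in acl:
        if rule.matches(p):
            return rule.action
    return "deny"

class StatefulFilter:
    """Stateful check: remembers the streams it permitted, so later packets of a
    stream (in either direction) pass without needing a rule of their own."""
    def __init__(self, acl: list):
        self.acl = acl
        self.streams = set()

    def check(self, p: Packet) -> str:
        key = (p.proto, p.src, p.sport, p.dst, p.dport)
        reply_key = (p.proto, p.dst, p.dport, p.src, p.sport)
        if key in self.streams or reply_key in self.streams:
            return "permit"                 # subsequent packet of a known stream
        action = evaluate(self.acl, p)
        if action == "permit" and is_new_stream(p):
            self.streams.add(key)
        return action

# Constructed ACL for a LAN 192.168.1.0/24 whose web server is 192.168.1.10.
ACL = [
    # inside addresses never arrive from outside: drop spoofed packets
    Rule("deny", src="192.168.1.0/24", direction="in"),
    # outsiders may open new connections only to the web server's port 80
    Rule("permit", "tcp", dst="192.168.1.10/32", dport=80, direction="in", new_only=True),
    # block SMB leaving the LAN so a worm cannot spread outward
    Rule("deny", "tcp", src="192.168.1.0/24", dport=445, direction="out"),
    # LAN hosts may otherwise start TCP connections to the outside
    Rule("permit", "tcp", src="192.168.1.0/24", direction="out"),
]
```

The stateless `evaluate` drops the reply to a connection a LAN host opened, because no rule describes it; `StatefulFilter` permits it from its stream table.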
A firewall can help in setting up a VPN.
A firewall has to be tailored according to needs.
Weakness
• They cannot distinguish between a user who is trying to breach the firewall and a user who is authorized to do so.
• They operate at the Network layer of the OSI model.
Proxy Servers
PFF (packet-filtering firewall) + PROXY SERVICE = ENHANCED SECURITY (Transport and Network layers)
A proxy service is a software application on a network host that acts as an intermediary between the external and internal networks, screening all incoming and outgoing traffic.
The network host that runs the proxy service is known as a proxy server.
It is also called an Application layer gateway, an application gateway, or simply a proxy.
Where does a proxy reside in a network?
Questions ?
NETWORK SECURITY
ENCRYPTION
ENCRYPTION
The use of an algorithm to scramble data into a format that can be read only by reversing the algorithm—that is, by decrypting the data.
The purpose of encryption is to keep information private.
Exists in many forms.
The last line of defense.
ASSURANCES OF ENCRYPTION
Data was not modified after the sender transmitted it and before the receiver picked it up.
Data can only be viewed by its intended recipient (or at its intended destination).
All of the data received at the intended destination was truly issued by the stated sender and not forged by an intruder.
AREAS OF APPLICATION
Encryption can protect:
• Data stored on a medium, such as a hard disk, or
• Data in transit over a communications channel.
TYPES OF ENCRYPTION
Key encryption:
• DATA + KEY = CIPHERTEXT
• KEY: a random sequence of characters weaved into the original data bits
• Hello! + 0FD3E97A = ?
• The more bits in the key, the harder it is to crack
• Susceptible to brute-force attack
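An added worked example (not from the slides) of DATA + KEY = CIPHERTEXT, using XOR as the operation that weaves the key into the data bits: it answers the Hello! + 0FD3E97A question, shows that applying the key a second time decrypts, and shows why brute-force cost grows with key length. Reading the key as four hex bytes and using XOR are assumptions made for the illustration.

```python
# Toy cipher chosen because XOR is its own inverse (not the course's own code).
def xor_with_key(data: bytes, key: bytes) -> bytes:
    """Weave the key into the data: each data byte is XORed with the next key byte,
    cycling through the key. Applying the same key again reverses the process."""
    return bytes(b ^ key[i % len(key)] for i, b in enumerate(data))

def encrypt_hello() -> str:
    """The slide's example: 'Hello!' combined with key 0FD3E97A (read as four hex bytes)."""
    key = bytes.fromhex("0FD3E97A")
    ciphertext = xor_with_key(b"Hello!", key)
    assert xor_with_key(ciphertext, key) == b"Hello!"   # decryption recovers the data
    return ciphertext.hex().upper()                      # "47B6851660F2"

def keyspace(bits: int) -> int:
    """Keys an attacker must try in the worst case: doubles with every added key bit."""
    return 2 ** bits

def brute_force(ciphertext: bytes, known_plaintext: bytes, key_len: int):
    """Try every key of key_len bytes against a known plaintext prefix and return
    (key, attempts). Feasible for a 1-byte key; the count is 256 ** key_len."""
    attempts = 0
    for n in range(256 ** key_len):
        attempts += 1
        key = n.to_bytes(key_len, "big")
        if xor_with_key(ciphertext[:len(known_plaintext)], key) == known_plaintext:
            return key, attempts
    return None, attempts
```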
Categories of key encryption:
Public key encryption:
• Data is encrypted using two keys
• One key is known only to the user (private)
• One key is public and associated with the user
• aka asymmetric encryption
Private key encryption:
• Data is encrypted using a single key that only the sender and the receiver know.
• aka symmetric encryption
PGP (Pretty Good Privacy)
• Public key encryption system
• Verifies the authenticity of an e-mail sender and encrypts e-mail data in transmission
• Can also be used to encrypt data on storage devices
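An added toy example (not the course's code) of the public/private key idea above and of the sender verification PGP provides, using textbook RSA with tiny primes so the arithmetic is visible: encryption uses the public key, decryption and signing use the private key, and a modified message fails verification. The prime values, one-byte-per-block encoding and SHA-256 digest are assumptions; real PGP uses far larger keys and its own message format.

```python
import hashlib
from math import gcd

# Textbook RSA with tiny primes for illustration only (not real PGP code).
def make_keypair(p: int = 61, q: int = 53, e: int = 17):
    """Public key (e, n) can be given to anyone; private key (d, n) stays with the user."""
    n = p * q
    phi = (p - 1) * (q - 1)
    assert gcd(e, phi) == 1, "e must be coprime to phi"
    d = pow(e, -1, phi)                  # modular inverse (Python 3.8+)
    return (e, n), (d, n)

def encrypt(message: bytes, public) -> list:
    """Anyone can encrypt with the public key; only the private key holder can read it."""
    e, n = public
    return [pow(b, e, n) for b in message]        # one block per byte (toy sizes)

def decrypt(blocks: list, private) -> bytes:
    d, n = private
    return bytes(pow(c, d, n) for c in blocks)

def sign(message: bytes, private) -> list:
    """The sender transforms a digest of the message with the private key."""
    d, n = private
    return [pow(b, d, n) for b in hashlib.sha256(message).digest()]

def verify(message: bytes, signature: list, public) -> bool:
    """Reversing the signature with the public key must give the digest of the
    message as received; an altered message or a forged signature fails here."""
    e, n = public
    recovered = [pow(s, e, n) for s in signature]
    if any(v > 255 for v in recovered):
        return False
    return bytes(recovered) == hashlib.sha256(message).digest()
```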
SSL (Secure Sockets Layer)
• A method of encrypting TCP/IP transmissions
• The most recent versions of Web browsers, such as Firefox and Internet Explorer, include SSL client support in their software.
• HTTPS (which stands for HTTP over Secure Sockets Layer or HTTP Secure)
• HTTP: TCP/IP port 80; HTTPS: TCP/IP port 443
SSH (Secure Shell)
• Secure telnet
• Provides security for establishing a connection (authenticating) and transmitting data
• Guards against IP spoofing and DNS spoofing
DNS spoofing: a security attack in which an outsider forges name server records to falsify his host’s identity.
IP spoofing: a security attack in which an outsider obtains internal IP addresses, then uses those addresses to pretend that he has authority to access a private network from the Internet.
SCP (Secure CoPy) and SFTP (Secure File Transfer Protocol)
• An extension to OpenSSH
• Allows you to copy files from one host to another securely.
• SCP replaces insecure file copy protocols such as FTP
IPSec (Internet Protocol Security)
• Defines encryption, authentication, and key management for TCP/IP transmissions
• It is an enhancement to IPv4 and is native to the newer IPv6 standard
• Encrypts data by adding security information to the header of all IP packets.
• Operates at the Network layer (Layer 3) of the OSI model.
In addition there are authentication protocols such as:
• RADIUS (Remote Authentication Dial-In User Service)
• PAP (Password Authentication Protocol)
• CHAP (Challenge Handshake Authentication Protocol)
• EAP (Extensible Authentication Protocol)
• 802.1x (EAPoL): EAP over LAN
• Kerberos
A wireless network presents many other new challenges
• Highly susceptible to eavesdropping
WEP (Wired Equivalent Privacy)
• Uses keys both to authenticate network clients and to encrypt data in transit.
IEEE 802.11i and WPA (Wi-Fi Protected Access)
• Improvements on WEP
HOME WORK
Analyze the differences and similarities between viruses, worms and Trojan horses.
FAULT AND PERFORMANCE MANAGEMENT
• What is fault and performance management
• Issues on fault management
• Issues on performance management
Performance management: monitoring how well links and devices are keeping up with the demands placed on them
Fault management: the detection and signaling of device, link, or component faults.
Can you figure out their connection?
Software
• Tivoli NetView, from IBM
• CiscoWorks
• All rely on a similar architecture
At least one network management console (which may be a server or workstation, depending on the size of the network) collects data from multiple networked devices at regular intervals, in a process called polling.
Each managed device runs a network management agent, a software routine that collects information about the device’s operation and provides it to the network management application running on the console.
A managed device may contain several objects that can be managed, including components such as processor, memory, hard disk, NIC, or intangibles such as performance or utilization.
For example, on a server, an agent can measure how many users are connected to the server or what percentage of the processor’s resources are used at any time.
Agents communicate information about managed devices via any one of several Application layer protocols.
Most agents use SNMP.
After data is collected, the network management application can present an administrator with several ways to view and analyze the data.
In the form of a map
Because of their flexibility, sophisticated network management applications are also challenging to configure and fine-tune
You have to be careful to collect only useful data and not an excessive amount of routine information.
Choose only significant moments to collect data
MRTG (MultiRouter Traffic Grapher)
• A command-line utility that uses SNMP to poll devices, collects data in a log file, then generates HTML-based views of the data.
• Freely distributed software
• Can be used with UNIX, Linux, and Windows operating systems and can collect and graph data from any type of device that uses SNMP.
System and Event Logs
Virtually every condition recognized by an operating system can be recorded on your computer.
Records of such activity are kept in a log
In addition to predefined events, developers can customize logs by defining conditions under which new entries are created
On Windows-based computers, including those running Windows Vista or Windows Server 2008, such a log is known as an event log and can be easily viewed with the GUI Event Viewer application.
Similar information is routinely recorded by computers running Linux or UNIX in a system log.
Newer versions of Linux typically write their system logs to the file /var/log/messages, while older versions of UNIX often write to a system log in the file /var/logs/syslog
To find out where various logs are kept on your UNIX or Linux system, view the /etc/syslog.conf file OR /etc/rsyslog.conf file.
Much of the information collected in event logs and syslog files does not point to a problem, even if it is marked with a warning.
Using these logs for fault management requires thoughtful data filtering and sorting.
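As an added example (not from the slides) of reading /etc/syslog.conf to find where a given log entry is kept, this Python resolver evaluates a constructed configuration fragment for a message's facility and priority, following the usual selector rules (`facility.priority` means that priority and anything more urgent, `none` excludes a facility, `=` means exactly that priority). The fragment and its file paths are constructed.

```python
# Constructed fragment in the style of /etc/syslog.conf (not taken from a real host).
SYSLOG_CONF = """\
# selector                          action
*.info;mail.none;authpriv.none      /var/log/messages
authpriv.*                          /var/log/secure
mail.*                              /var/log/maillog
kern.=warning                       /var/log/kern-warnings
*.emerg                             *
"""

# Severities from least to most urgent; a plain "facility.priority" selector
# matches that priority and everything more urgent than it.
PRIORITIES = ["debug", "info", "notice", "warning", "err", "crit", "alert", "emerg"]

def parse_conf(text: str) -> list:
    """Return (selector, action) pairs, skipping blank lines and comments."""
    rules = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        selector, action = line.split(None, 1)
        rules.append((selector, action.strip()))
    return rules

def selector_matches(selector: str, facility: str, priority: str) -> bool:
    """Evaluate 'fac[,fac].prio;fac.prio;...' left to right; a later part can
    override an earlier one, which is how 'mail.none' carves mail out of '*.info'."""
    level = PRIORITIES.index(priority)
    result = False
    for part in selector.split(";"):
        facs, prio = part.split(".")
        if facs != "*" and facility not in facs.split(","):
            continue                        # this part says nothing about our facility
        if prio == "none":
            result = False
        elif prio == "*":
            result = True
        elif prio.startswith("="):          # exactly this priority
            result = level == PRIORITIES.index(prio[1:])
        else:                               # this priority or more urgent
            result = level >= PRIORITIES.index(prio)
    return result

def route(conf: str, facility: str, priority: str) -> list:
    """Every action whose selector matches receives the message."""
    return [action for selector, action in parse_conf(conf)
            if selector_matches(selector, facility, priority)]
```

Note that a `kern.warning` entry lands in two files here, while `daemon.debug` is recorded nowhere; sorting by facility and priority this way is the filtering the slide calls for.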
Traffic shaping
• A performance management technique
• Involves manipulating certain characteristics of packets, data streams, or connections to manage the type and amount of traffic traversing a network or interface at any moment.
• Delaying less important traffic, increasing the priority of more important traffic,
• limiting the volume of traffic flowing in or out of an interface during a specified time period, or
• limiting the momentary throughput rate for an interface.
Its goals are to assure timely delivery of the most important traffic while offering the best possible performance for all users.
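An added simulation (not the course's own code) of the shaping operations listed above on a single interface: a token bucket limits the volume that can leave per time slot and caps the momentary throughput, and strict priority queues send important traffic first while delaying the rest. The rates, packet sizes and traffic mix are constructed.

```python
from collections import deque

# Constructed single-interface shaper for illustration (not the course's own code).
class Shaper:
    def __init__(self, rate_per_tick: int, burst: int):
        self.rate = rate_per_tick      # bytes added to the bucket each tick
        self.burst = burst             # bucket capacity: the most that can leave in one tick
        self.tokens = burst            # bucket starts full
        self.queues = {0: deque(), 1: deque(), 2: deque()}   # 0 = highest priority

    def enqueue(self, name: str, size: int, priority: int):
        self.queues[priority].append((name, size))

    def tick(self) -> list:
        """One time slot: refill the bucket, then send packets while tokens last,
        draining higher-priority queues first. A packet that does not fit waits,
        and so does everything behind it and in the lower-priority queues."""
        self.tokens = min(self.burst, self.tokens + self.rate)
        sent = []
        for prio in sorted(self.queues):
            queue = self.queues[prio]
            while queue:
                name, size = queue[0]
                if size > self.tokens:
                    return sent            # out of tokens: delay the rest
                queue.popleft()
                self.tokens -= size
                sent.append(name)
        return sent

def simulate(rate_per_tick: int, burst: int, packets: list, ticks: int) -> dict:
    """Queue all packets at once and return {name: tick in which it was sent};
    packets still waiting after the last tick are absent from the result."""
    shaper = Shaper(rate_per_tick, burst)
    for name, size, priority in packets:
        shaper.enqueue(name, size, priority)
    sent_at = {}
    for t in range(1, ticks + 1):
        for name in shaper.tick():
            sent_at[name] = t
    return sent_at

# Constructed traffic mix: small voice packets (priority 0), a web transfer (1)
# and bulk backup traffic (2), all arriving in the same instant.
MIX = [("backup1", 1500, 2), ("voip1", 200, 0), ("web1", 1000, 1),
       ("backup2", 1500, 2), ("voip2", 200, 0)]
```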
Caching
The local storage of frequently needed files that would otherwise be obtained from an external source.
Web caching: Web pages are stored locally, either on a host or network, and then delivered to requesters.
Cache engine: a network device devoted to storage and delivery of frequently requested files.
Review questions
• Discuss the advantages of documenting all aspects of a network.
• What are the advantages of caching to an ISP?