8 Network Management In the modern world, and still more, so far as can be guessed, in the world of the near future, important achievement is and will be almost impossible to an individual if he cannot dominate some vast organisation Bertrand Russell The information held within computer systems is the life blood of a modern organisation. Without fast, reliable access to this information most organisations would not be able to function for very long. Some companies, such as those providing telephonebanking orcredit vetting and the utilitiessuch as gas and electricity, are so dependent on this information that they would stop functioning almost immediately if they lost their communication system or even access to their database. Continual and reliable access to distributed information is now needed. Organisations seek to do business when and where customers require it. They are also looking to maximise the return on costly capital equipment. These drivers are extending the times that the network must be available, so that 9-to-5 operation is no longer universally applicable, especially when networks that cross the globe have no real concept of what 9-to-5 is! Within individual buildings local area networks (LANs) have been increasingly deployed to provide common access to data to be shared across work groups. These networks are already indispensable to the people they support. As part of a distributed information network, they will become even more central to the operation of many businesses. As companies rationalise their previously diverse operations, there is a need to control the linking of separate computer systems. This means that useful networks require management support that enables them to provide and maintain common services from a disparate set of components. This capability will become ever more important to the company’s core activities, and hence its overall business objectives. Total Area Networking: ATM, IP, Frame Relay and SMDS Explained. Second Edition John Atkins and Mark Norris Copyright © 1995, 1999 John Wiley & Sons Ltd Print ISBN 0-471-98464-7 Online ISBN 0-470-84153-2 . This chapter starts by reviewing the essential problem: that of managing a network of diverse elements to perform to such stringent requirements as those stated above. We build a picture of the general aims that have to be addressed before this can be achieved. We then build on this in considering the practical issues that have to be addressed in managing a real network (whether you do it yourself, or whether a third party does it for you). Finally we outline the fast-maturing network management systems so essential for coping with the volumes of data and speed of reaction required by users. 8.1 TYPICAL NETWORKS The range of information technology is so wide that no single supplier can deliver a cost-effective solution to every user requirements. Inevitably, real networks are a composite of different piece parts, each from a different vendor. In general, these piece parts work reasonably well with each other to provide the desired range of facilities: mail, telephony, file transfer, etc. For instance, in the networks of large companies, the average number of suppliers is typically between 16 and 20. The end user is often (mercifully) shielded from underlying complexity. A real network (see Figure 8.1) will involve components from a variety of sources which might well include (NCC 1892): • private exchanges, local area networks, bridges and routers, multiplexers from network equipment vendors • telephones, leased circuits and managed data networks from public network operators • computers, communications software, communications controllers and terminals from computer suppliers. The challenge facing the network owner is the integration of these separate components into a coherent network in a cost-effective manner (Spooner 1993). The set of components used must not only interwork; it must also be readily operated and maintained as a single resource. The users of a network, however, are not interested in the individual elements of the network; they are concerned solely with the services provided across it. For them, the network must be managed for effectiveness and reliability so that they get the services they need without being aware of the technical detail of the network. Diverse networks require systems that enable the network to be managed in terms of the services it supports. It may be possible to manage a piecemeal set of components to perform as required but as the level of connectivity increases, this will become more and more demanding. There will come a point (and this is not far off) when the diversity and complexity of the network preclude anything other than an integrated management approach. The next section looks at the network as a resource that has to be managed. 176 NETWORK MANAGEMENT . Figure 8.1 Today’s typical network Before going on to this, it is worth dwelling for a short while on what we mean by ‘managed’. In many people’s eyes, network management is little more than fault detection. A lot more has to be done, though, to satisfy the escalating expectations of users and needs of business. Modern network management needs to cover all activities concerned with operating and maintaining the network to meet the required quality of service and ensure the most efficient use of resources. This covers many different aspects, some of the more important ones are described below. Service provision The services that users require should be available on demand. It should be possible to provide and change services with minimal manual intervention. Automated processes should be provided to manipulate network data so that this can be achieved. Repair Most of the faults that occur in the network should be identified before they affect service. Network elements should be monitored for faults or degradation of performance. Network performance should be automatically reconfigurable to restore service. Faults should be diagnosed, correlated, prioritised and dispatched for attention as soon as they are found. 1778.1 TYPICAL NETWORKS . Test and performance monitoring Any network element, anywhere in the network, should be testable from any fault handling point. The quality of service being offered to a user should be monitored in real time. A network being managed by a third party should have a service level agreement (SLA) against which acceptable levels of performance can be measured. Inventory management All network elements should be identifiable and their status (e.g. connected, out of service, etc.) and configuration should be known. The network inventory should be accurate and detailed enough to ensure that it is clear exactly what constitutes the network being managed Order handling It should be possible to order/reserve resources (e.g. extra bandwidth, new services, etc.) automatically. Checks on available capacity, credit, stocks, etc. should also be available as part of a network management system. Accounting Charging, tariffing and credit information should be maintained as part of the management system. This would be partly for information and partly for verification purposes. There are many items that could be added to the above list, some basic and general requirements such as the security of access, others more specific, such as automated service creation.A picture of the range of what can be done with network management systems is given in Figure 8.2. It should be noted that not all customers/users will want all of the functions shown in the diagram to be available. The suppliers of network management systems will need to customise their offerings to provide a range of offerings, otherwise cost and complexity may increase needlessly for a user with more straightforward needs. The sheer range of network management is a clear theme of this chapter and can readily be seen to be a driver of the network management tools now on the market. 8.2 THE NETWORK AS A RESOURCE Organisations are constantly changing their shape, with locations closing, changing size and new ones being added. As organisations focus on their core activities, other activities are contracted out, divested or stopped all together. 178 NETWORK MANAGEMENT . Figure 8.2 The range of functions covered by network management systems If the network is to support the organisation in this type of environment, it must be flexible. Traditionally, organisations have used private networks to support their operations. These have the attraction of being reasonably priced while being under the control of the organisation; hence providing greater reliability, functionality and availability than public networks. Since they are fixed assets, private networks usually have spare capacity, paid for but unused most of the time. Public network operators have responded by offering network services such as managed data network services or virtual private networks that have addressed these concerns and provide high levels of flexibility. With these network services, parts of the large networks owned by the network operator are customised to the individual needs of a particular organisation. The customer thus appears to have a discrete private network. To be truly effective these network offerings must be capable of being integrated into an organisation’s network management structure. Although the network infrastructure may no longer be privately owned, the services it supports must be managed as effectively as though they were. As companies question the rising cost of operating a complete private network, options such as facilities management, where all or part of the network is contracted out to a third party, are becoming more commonplace. The options to move between private networks, facilities management and managed network services provide an organisation with a spectrum of solutions from which they can choose the most appropriate for each part of the network. For example, a private network may be appropriate for the UK operation, with a managed data service for the continental European part of the network. Networks require management systems that enable effective monitoring and control. The key role of the network as an operational resource means that it has to provide an acceptable level of service We now go on to consider the aims and practicalities of real network management. 1798.2 THE NETWORK AS A RESOURCE . 8.3 AIM 1—EARLY DETECTION Network management has until recently been reactive. Network managers would wait until the users of the network reported a fault, or a piece of equipment failed and generated an alarm. Upon receipt of the report the managers would investigate the fault and initiate some repair process. This reactive management style results in users suffering loss of service, which is increasingly unacceptable given the key role of the network in supporting the effective operation of the organisation. Network managers need to monitor continuously the health of the network, identifying trends within the network so that they can take action before services are affected. This proactive management style needs automated tools that can process the large amounts of performance data available from a network. This is especially true in the case of VPNs where a third party is held responsible (and hence penalised) for loss of service. The only problem with this is that most networks have a significant amount of equipment managed by systems that are proprietary. It may not be cost-justifiable to change these systems or implement standard management interfaces on them immediately. So, gradual migration to an integrated environment (which, in practice, has to be based on standard interfaces) is necessary. The introduction of network management standards is not uniform across all technologies, though. Newer network technologies such as local area networks or ISDN have quite well developed standards, and others such as PABXs have few. 8.4 AIM 2—CLEARLY DEFINED NETWORK MANAGEMENT CONCEPTS International standards committees (most notably the OSI) have defined models that describe how to manage real networks. These models use a method known as object orientation, which is designed to cope with the complexity found in today’s information systems. The object-oriented approach decomposes a complex problem into understandable pieces known as objects. The approach looks at a network piece by piece, modelling each separately, so that it is easier to comprehend. The pieces of the network that are modelled do not have to be physical elements, such as modems or multiplexers; they can also be software elements, for example a file manager on a LAN. From the management point of view a network resource is called a managed object. Each managed object is described by attributes such as telephone number, address, identity number, etc. Not all the characteristics of a resource may be of interest in management terms. An important issue when modelling a resource is to decide which characteristics are relevant for 180 NETWORK MANAGEMENT . Figure 8.3 Objects and inheritance for network components network management purposes and which therefore should be defined as attributes. All OSI management standards are based on the concept of manipulating information about managed objects and their attributes. An individual element of the network is represented by an instance of the managed object. In general there will be a number of instances of an object type which will have common properties. This collection is known as a managed object class. To illustrate how this works, we can use the example of modems (see Figure 8.3). There is a set of attributes (a, b, c, d) that each instance must have to be classed as a modem. There are other attributes (e, f, g for manufacturer A) which are particular to a given manufacturer’s modem which may or may not exist in another manufacturer’s product. It is an obvious goal for network operators that the common attributes for an object class are maximised and the manufacturer’s unique features are minimised. Of course, for manufacturers, the opposite is usually the case. The extent to which manufacturers will differentiate through features or quality remains to be seen. The former is beginning to give way to the latter. To produce short, clear and consistent definitions of managed object instances which are free from unnecessary duplication, the concept of Inheritance is used. One class of objects can be defined as an extension of another. All the properties of the original class apply and only new properties need be defined. To define an object fully, further definitions are required. These are • operations: the management operations that may be applied to the managed object instance; 1818.4 AIM 2—CLEARLY DEFINED NETWORK MANAGEMENT CONCEPTS . Figure 8.4 Communication in a management system • notifications: emitted by the managed object instance as a result of an internal event; • behaviour: the actions of the managed object instance exhibited in response to management operations. The set of managed objects in a management system is logically stored in a management information base (MIB). This is a conceptual store, which can be physically implemented in a number of ways. Having defined a set of objects, we now have to devise a means for describing how they interact with each other. This is where the concept of a managed communications model is useful. Management communications are required when a system wants to gain control or to access information about the behaviour of another, or when one system wants to report an event to another. Each management communication is said to take place between a managing system (containing a managing process), and a managed system (containing an ‘agent’ process which works on and drives a set of managed objects) as shown in Figure 8.4. Either system may initiate the communication. It should be noted that this classification into managing and managed systems applies to a single communication. A system may act as a managing system when communication with a ‘subordinate’ system, and at the same time act as a managed system when reporting events to a ‘superior’ system. This simple, two party model of communication can be used as a basis for building a variety of very complex multimanager configuration types, such as hierarchical or functionally organised systems. 8.5 AIM 3—NETWORK MANAGEMENT STANDARDS For interworking between various elements to be possible, network equipment needs to conform to accepted standards. One of the most cherished goals of 182 NETWORK MANAGEMENT . standards bodies has been to enable heterogeneous networks to be constructed. This noble aim has been slow to arrive, though as suppliers have constantly striven to add value by extending the capabilities of their products, they have added proprietary features including network management. This has led to a multitude of ways of managing individual parts of a network, but little in the way of managing a network as an integrated whole. A consistent set of international standards has yet to allow the management of multivendor networks. The prime source of standards that do exist for network management is the International Standards Organisation, ISO. This is an agency of the UN in the UNESCO family. Each member country is represented by a single national body, which in the UK is the British Standards Institution (BSI). ISO standards are being promulgated by the Network Management Forum, a group of major manufacturers collaborating on the development of network management protocols such as CMIS and CMIP. The forum’s basic charter is to develop protocols and interfaces that can be used on an industry- wide basis under their OMNIPoint banner. Network management is open to de facto as well as de jure standards. There has been significant progress in both areas, but the final shape of standards that apply in practice is far from settled. Industry-led consortia such as the Open Software Foundation and Distributed Computing Environment are likely to have a significant impact on what network managers use in the long term. For instance, the OSF DME standard (explained in Appendix 2) accommodates both SNMP and CMIP as interfaces on its Consolidated Management Application Programming Interface (CM- API). Several of the more advanced network management systems described later in this chapter plan to intercept DME. 1 The structure of the OSI network management standards is now described. Framework standards These specify the models upon which all other management standards are built. The OSI system management overview (ISO/IEC 10040) outlines the scope of OSI management using four models, as below. The organisational model This describes how OSI management may be distributed administratively. The information model This specifies the use of managed objects and provides guidelines for defining managed objects. The function model This describes network management functional areas. The functional model is a commonly accepted way of describing network management activities. These are 1 A cynic’s definition of DME is Distributed Management Eventually. 1838.5 AIM 3—NETWORK MANAGEMENT STANDARDS . • fault: identifying and recovering from faults; • performance: measuring and changing performance parameters; • configuration: keeping an up-to-date inventory of network resources and controlling changes; • security: ensuring that the network can be accessed and used only by authorised users; • accounting: managing the financial aspects of the network, such as charging and asset auditing. The Communications model This describes how systems will exchange information. The last three of the above models are backed up and elaborated with standards that allow practical implementation. The organisational model is, however, more fluid, very much driven by user needs. Aspects of this have been touched on already with the ‘own-managed or outsourced’ choice mentioned earlier in the chapter. The practicalities of network management explained towards the end of this chapter provide much of the remaining information required to decide on appropriate organisation. Function standards These specify how to use management communications to achieve a particular objective. The five areas described in the functional model overlap significantly in practice. For example, the boundary between configuration management and fault management is blurred: repairing a fault may require temporary reconfiguration of the network. In each of the functional areas the activities performed may be similar: for example tests might be performed on both the security and performance aspects of the network. To resolve these issues of overlapping functionality the OSI committees have defined numerous generic functions, such as alarm reporting, event management and test management, which can be applied to any of the functional areas. These are known as function standards and are typified by those listed in Figure 8.2. Communications standards These specify the protocols and services that communicate management information. The common management information service (CMIS) and common management information protocol (CMIP) are a linked pair of standards. CMIS provides a service definition using commands, or primitives, to perform network management functions. An example of this is the notification service used to report events within the network. 184 NETWORK MANAGEMENT .