CHAPTER 10
Network Management

EXAM OBJECTIVES IN THIS CHAPTER
NETWORK MANAGEMENT
CONFIGURATION MANAGEMENT
NETWORK MONITORING

INTRODUCTION

Why do networked information systems need to be managed? Well, without skillful and insightful management your network can quickly become out of control. What does management have to do with networking? Well, a lot. The act, manner, or practice of managing, handling, supervising, or controlling is simply managing. Take this definition and merge it with your information systems network. What do you have? Network management refers to the activities, techniques, measures, and gear that pertain to how you operate, administer, maintain, and condition the networked information systems to ensure the highest availability possible within your budget. The bottom line goal here is to identify and manage network errors as soon as possible before the users begin to notice, or, maybe even worse, your boss!

NETWORK MANAGEMENT

Keeping track of network resources and how they are assigned; maintaining, upgrading and repairing network equipment, configuring resources for optimal resource usage and network performance (Voice over Internet Protocol [VoIP]) via monitoring techniques; configuration management documentation (wiring schematics for your WAN links and local points of presence [POP], network diagrams, baselines, policies and regulations) are all inclusive to network management.

How can you plan and execute replacement of critical networked equipment, patch a router internetworking operating system image, add a fiber switch to a network, and configure resources for your new office’s voice services? These can be achieved by keeping the Mean Time To Repair (MTTR) as short as possible. What’s MTTR have to do with it? Well, MTTR is part of a larger network management framework.
A common way of characterizing network management functions is Fault, Configuration, Accounting, Performance, and Security (FCAPS). What are functions? Functions are sets of tasks performed in one or more of the following:

Controlling
Planning
Allocating
Deploying
Coordinating
Monitoring resources
Network planning
Frequency allocation
Predetermined traffic routing
Load balancing
Cryptographic distribution
Configuration management
Fault management
Security management
Performance management
Bandwidth management
Route analytics
Accounting management

CONFIGURATION MANAGEMENT

Unless you’re dealing with a small network of only a few computers, once a computer or other piece of equipment has been configured, management of the device is necessary. Configuration management (CM) is a practice that involves documentation of a device’s configuration, as well as keeping that documentation up to date so that any future changes can be controlled and tracked. While this seems at face value like a straightforward, easy to follow practice, it is one that often falls by the wayside.

CM is useful for a number of reasons. The documentation created on the network can be quickly referenced, allowing you to identify how a device was configured, its location on the network, and other detailed information about the device. By having this information, you can replace devices and make changes to the network quickly.

By compiling information on the components of your network, you create an inventory that can be used to track items that need to be replaced or upgraded. Most organizations have a life cycle for computer equipment and replace older machines every three or four years. Network devices like routers and switches may last longer, but they will eventually need to be replaced with newer and faster equipment.
Keeping a database allows you to schedule upgrades and replacements more easily, because you can monitor details such as when the item was installed on the network and whether it is approaching the end of its life cycle.

Managing software and hardware in this manner also provides a record of computer assets that are owned by the company. This information can be useful in budgeting replacements and determining insurance needs. If a disaster occurs, the documented information can also be used to allow you to identify what was destroyed or damaged. In this chapter, we will see how disasters are an issue which needs to be addressed in order to mitigate the risk they present to businesses as a whole.

If a disaster occurs, the configuration information can be used to replace damaged devices, so that the replaced devices are configured the same as their predecessors. For example, if a server was destroyed, you could replace that server with another, give it the same name and Internet Protocol (IP) address, and have it provide the same services. Except for the time taken to replace the server, users of the network might be unaware that a problem even existed.

CM Documentation Types

Writing schematics, developing physical and logical network diagrams, establishing baselines, creating policy, procedures, configurations, and using regulations are all a part of configuration management documentation.

What should I document? Well, many network managers and engineers have varying opinions on this subject due to the dissimilar network infrastructures, budget, and network services they provide. But the fundamental aspects to concern yourself with when collecting information to document should include the following:

Physical access methods – How does your network physically connect from one office to another? Are you sharing a Token Ring (802.5) fiber network, or WiMAX (802.16) across the boulevard?
Maybe your network uses a mixture of transmission methods, but at what speed do they operate? These are the types of questions you will ask yourself to collect information on physical access methods so you can understand your network configuration in case you need to troubleshoot physical network access errors.

Service Protocols – What protocols do you use on your servers, workstations, data centers, routers, switches, and even on your network printers? Some printers’ host configuration Web portals allow administrators to remotely control link status and paper jams. Knowing what kind of service protocols are on your network and documenting them will help you determine what you need and what you can get rid of.

Hardware devices – Have you ever scanned your network and found devices that you didn’t even know existed? Collecting information and documenting it can help you stay in tune with your network configuration and possibly lead you to solving errors quicker. How many routers, switches, hubs, rack mounted servers, workstations, laptops, PDAs, thumb drives, power supplies, printers, networked digital picture frames, wireless flat screens, Bluetooth-enabled devices, and any other wireless devices, are on your network right now? Now that you know how many of each device you have, do you know where they are physically located at any given point in time? Do you have the vendor service tags, serial numbers, and contact information mapped to each associated device so you can effectively respond to trouble tickets? This is a great CM piece to have documented, because you will always find that you need to locate some piece of equipment that needs repairing.

Software applications – Legacy, third party, proprietary software applications must all be managed effectively because many applications’ software development life cycles end very quickly when your network expands or contracts.
If you aren’t in control of your software and the associated updates, you will be playing catch-up, and that’s no fun. What applications are installed on your hardware devices (workstations, servers, routers, switches, firewalls, and printers)? What applications communicate between your clients and servers? Do you store all of your software in one central repository? How do your applications run? Are they server-based or client-based? How often does the software vendor release patches, upgrades, and security alerts? Do you know the current version of your applications? Asking these questions and documenting the responses can help you answer this type of question, “Are your routers IOS compatible with the upcoming network switch upgrade?”

Documenting Configurations

CM starts by performing an inventory of network components and documenting information about each device. How much data you compile is subjective, but you should include as many specifics as possible about the machine. Information included in a database or series of documents might include:

The date the document was last modified, so you can determine whether you’re looking at the most recent information.
The asset number, which is a unique number that your organization may assign to an asset so that it can be identified within the company. A sticker may be affixed to an item so it can easily be matched to information within a database.
The name of the device, which is the name that a computer, printer, or other device is given so that it can be identified on a network.
The IP address, which is a unique network number that identifies a computer or device on a Transmission Control Protocol/Internet Protocol (TCP/IP) network.
The Media Access Control (MAC) address, which is a unique hardware number that identifies the computer on a network.
The make and model, which identifies who made the device, as well as its model number.
The serial number and product ID, which are numbers or alphanumeric combinations that appear on devices. They can be used to identify a particular device when several are in one location, and may be required when calling manufacturers, help desks, or service representatives when a problem arises.
The location, so you can determine the building, floor, and room in which a device is located.
The person who has been issued the device. This is useful when computers, personal digital assistants (PDAs) or other devices are issued to a specific person. This provides a contact person, and can make it easier to locate the device.
The purchase date that indicates when the company bought the device.
The warranty information, including how long the device is under warranty, and whether it includes parts and labor, onsite service, and so on.
The operating system, which should include the manufacturer, name, and version information (for example, Microsoft Windows 2000 Professional 5.0.2195 Service Pack 4 Build 2195). This will not only indicate the operating system installed, but also whether the latest service packs have been applied.
Memory, which refers to the amount of physical memory installed on a computer. This will allow you to determine whether software or upgrades to a newer operating system can be installed on a particular machine.
The processor type, which will often determine whether the computer needs to be upgraded, and also whether upgrades of software are possible.
Hard disk information, including the sizes and number of hard disks, which is useful when replacing a redundant array of independent disks (RAID).
Common and special software. This includes the names and versions of major software packages that are used throughout your organization (such as Microsoft Office or Internet Explorer), as well as applications that are used only on a single computer or only on certain machines in your company.
Components installed or associated with the device, such as modems, Peripheral Component Interconnect cards issued with a laptop, or other components that were added after the initial purchase of the machine.

There are a number of methods and tools available to help you acquire most of the information to be included in your hardware database. Obviously, the location of the device and to whom it was issued are things that a program can’t tell you, but other information can be acquired using configuration utilities that come with the device or those offered by a computer’s operating system. Some of these tools are discussed in greater detail in Chapter 11, and not only serve as troubleshooting tools, but can be used to acquire data about the computer being used and various devices on your network. These tools include:

ipconfig
ifconfig
winipcfg
ping
system information

Ipconfig is a command line tool that allows you to view information about a Microsoft Windows NT, XP, 2000, 2003, or 2008 computer’s TCP/IP configuration. On UNIX and Linux machines, a similar tool called ifconfig is used to display this information. By typing ipconfig at the command line (or ifconfig on UNIX/Linux computers), you can see how each network card or modem on a computer is configured, including the IP address, subnet mask, and default gateway, as well as other important information about the network adapter. To view additional information including the physical address (MAC address), Dynamic Host Configuration Protocol (DHCP), and Domain Name System (DNS) you would type ipconfig /all.

Change Control Documentation

One of the benefits of compiling information about devices on your network is that it can allow you to see which devices will be affected by a network change. For example, let’s say you were planning on changing the IP address of a router that serves as the default gateway for workstations.
Since these computers use the router to connect to other portions of a network, when this change is made, the default gateway setting of these workstations would no longer be valid. By searching your hardware database, you can determine which computers use the router as a default gateway and will therefore be affected by the change. This allows you to see which computers will have to have configuration settings changed so that their settings match the router’s new IP address.

As you can see, one change can cause numerous other changes across the network. Because change is inevitable and possibly far reaching, it’s important to maintain information about changes. Configuration information stored in a hardware database has to be kept up to date. In addition to this, you should also maintain documentation on changes that have been made.

Change control documentation provides a record of changes that have been made to a system, which can be used in troubleshooting problems and upgrading systems. When creating a change control document, you should begin by describing the change that was made and explaining why this change occurred. Changes should not appear to be made for the sake of change, but must have good reasons, such as fixing security vulnerabilities, hardware no longer being supported by vendors, new functionality, or any number of other reasons. The documentation should then outline how these changes were made, detailing the steps you performed. By providing details in this manner, you also create a document that provides back-out steps on how to restore a system to its previous state. At times, you will need to undo the changes and restore the system to a previous state because of issues resulting from a change. In such cases, the change documentation can be used as a reference for backtracking the steps taken.
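
The default gateway example above, worked as an added illustration that is not code from the book: constructed ipconfig /all excerpts are parsed into hardware-database records, which are then searched for hosts that use the router being changed. The host names, addresses, Windows XP-era output layout and the gateway_change_impact helper are assumptions made for the example.

```python
import ipaddress
import re

# Constructed `ipconfig /all` excerpts (XP-era layout); hosts are made up.
CAPTURES = {
    "WS-ACCT-01": """
   Physical Address. . . . . . . . . : 00-0C-29-3E-1A-2B
   DHCP Enabled. . . . . . . . . . . : No
   IP Address. . . . . . . . . . . . : 192.168.1.25
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.1.1""",
    "WS-ACCT-02": """
   Physical Address. . . . . . . . . : 00-0C-29-7F-44-90
   DHCP Enabled. . . . . . . . . . . : Yes
   IP Address. . . . . . . . . . . . : 192.168.1.26
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.1.1""",
    "SRV-FILE-01": """
   Physical Address. . . . . . . . . : 00-0C-29-AA-10-05
   DHCP Enabled. . . . . . . . . . . : No
   IP Address. . . . . . . . . . . . : 192.168.2.10
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.2.1""",
}

# "Label . . . : value" -> (label, value); the dot leaders are discarded.
FIELD = re.compile(r"^\s*([A-Za-z][A-Za-z ]*?)[ .]*:\s*(\S.*)$")

def parse_ipconfig(text):
    """Build one hardware-database record from an ipconfig capture."""
    record = {}
    for line in text.splitlines():
        m = FIELD.match(line)
        if m:
            record[m.group(1)] = m.group(2).strip()
    return record

def gateway_change_impact(inventory, old_gw, new_gw):
    """Hosts that use old_gw, with the follow-up change each one needs."""
    plan = []
    for name, rec in sorted(inventory.items()):
        if rec.get("Default Gateway") != old_gw:
            continue
        net = ipaddress.ip_network(f"{rec['IP Address']}/{rec['Subnet Mask']}", strict=False)
        if ipaddress.ip_address(new_gw) not in net:
            action = "new gateway is off-subnet: readdress host"
        elif rec.get("DHCP Enabled") == "Yes":
            action = "update DHCP scope, renew lease"
        else:
            action = "edit static gateway by hand"
        plan.append((name, action))
    return plan

INVENTORY = {name: parse_ipconfig(text) for name, text in CAPTURES.items()}
```

Calling gateway_change_impact(INVENTORY, "192.168.1.1", "192.168.1.254") returns the two workstations on the 192.168.1.0 network with the action each needs, which is the list of follow-up changes a change control document would record alongside the router change itself.
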
The procedures you document are a valuable resource when you are recovering from a disaster and/or need to install another device or software identical to the one it’s replacing. Your documentation on the steps you performed to install a component can be used to duplicate the installation during a recovery procedure. Because the same steps can be followed, a computer or other device can be set up and configured identically to the one it’s replacing.

Wiring Schematics

Wiring schematics are simple sketches that are created before and during installation of the physical media used for computers to talk to each other. These schematics are also developed while troubleshooting and deploying new Open Systems Interconnection layer 1 technology. Some wiring schematics can be very complex and can be refined as your network architecture expands. Microsoft Visio, SmartDraw, and even computer aided design software packages assist in creating your wiring schematics. The physical media such as coax cable, twisted-pair, and unshielded twisted-pair (UTP) used to connect your network are very common types to be included when creating wiring schematics.

Figure 10.1 is a wiring schematic describing the pin number associated with each pair of colored wires. This figure shows the Electronic Industries Associate/Telecommunications Industry Alliance EIA/TIA 568A/B standard for UTP cable termination (Figure 10.1).

When troubleshooting a network connection problem, remember your wiring schematics because sometimes it might be as easy as switching out some UTP cabling if the wiring in the RJ-45 connector was created incorrectly, especially for custom length computer cables! Figure 10.2 is an example of an RJ-45 wiring schematic.

Physical Network Diagrams

What if you had to troubleshoot a network issue in the network diagram shown in Figure 10.3? Confusing, right? This is why creating a physical network diagram is so important.
Physical network diagrams contain each physical device and physical connection inside your network. Doing this before and during a network deployment is critical to future network updates and troubleshooting efforts. Clear and simple physical diagrams go a long way (Figure 10.4). Depending on your network size and complexity you might need the

FIGURE 10.1 EIA/TIA 568A/B Wiring Schematic. Image courtesy of howtocable.com

FIGURE 10.2 An RJ-45 Connector Wiring Schematic. Image courtesy of Wikimedia Commons. Photo by Aaron Kasse.