home | support | download | forum


Network Management Fundamentals

This document presents some of the fundamentals on Network-management to help readers become familiar with the basic functionality of a network management system.

What Is Network Management?

Network Management in general is a set of activities where a variety of tools, applications, and devices are utilized by IT personnel to monitor and maintain information technology networks. Network management means different things to different people. For the CxO of an organization it would mean being able to ensure that the enterprise IT infrastructure (consisting of departments, locations and services) is performing optimally. To the Network Manager it would mean managing the details that constitute this high-level view. In the simplest terms, network management translates into managing fault and performance across applications, servers and networks.

Network Management Architectures

The majority of network management architectures have the same fundamental structure and set of relationships. End-user devices or stations, such as desk-top computers and other network devices, either run software that enables them to send alerts when problems are recognized (e.g. when one or more user-defined thresholds are exceeded), or are periodically polled/queried to determine their health. The management system receiving these alerts presents the data for review and consumption by IT personnel, and reacts by executing one or more actions, including notifying operators/engineers, logging events, determining the root causes of problems and initiating relevant automatic repair actions.

Polling of end devices by the management system can be automatic or user-initiated. Agents or data gathering engines are software modules that collect detailed information about managed devices, store this information in a central or distributed database, and provide it (proactively or reactively) to the core network management system (NMS) using a variety of network management protocols. Simple Network Management Protocol (SNMP) and Common Management Information Protocol (CMIP) are well known protocols.

Common Performance Metrics

Network management tools provide a variety of information to network operators and engineers through monitoring and measuring a variety of performance metrics. The most common metrics in the networking arena are availability, throughput, bandwidth utilization, and latency (or delay). Availability for example is a measure of what percentage of the time a network resource is available for use. In addition to these core metrics, administrators are also often interested in error rates and the performance of systems including CPU and memory utilization and delay (or latency).

Types of Monitoring/Management Tools

Network management systems vary from simple one device applications to complex hierarchical and distributed system. A variety of monitoring techniques are utilized by these systems. Some systems utilize passive monitoring to gather information about the network whereas others actively poll network devices to collect network performance data. An integrated SNMP network management system leverages SNMP to provide a complete view of a network. Passive network performance tools, also called packet capture tools or packet sniffers, do not generate any traffic themselves but focus on merely listening to the data on the network. The breadth of analysis enabled by passive tools is limited because they can only see traffic that is local to the device running the sniffer.

Application and service monitoring tools support monitoring of individual network applications, and focus less on the network equipment and infrastructure and more on the actual servers and applications that provide user services. Flow monitoring analyzes network traffic as flows, and aggregates network traffic based on individual connections, users, protocols, or applications. Flow monitoring tools are able to provide a bigger picture view of a network including specific information on application and connection performance as well as insight into routing and even network security.

ISO Network Management Model

The ISO network management model consists of five conceptual areas. The goal of performance management is to measure the various aspects of network performance so that network operation can be maintained at an acceptable level. The goal of configuration management is to monitor network and system configuration information so that the effects on network operation of various versions of hardware and software elements can be tracked and managed. The goal of accounting management is to measure network utilization parameters so that individual or group users on the network can be regulated appropriately. The goal of fault management is to detect, log, notify users of, and (to the extent possible) automatically fix network problems to keep the network running effectively. The goal of security management is to control access to network resources according to local guidelines so that the network cannot be sabotaged (intentionally or unintentionally) and sensitive information cannot be accessed by those without appropriate authorization.

Network Management System Purchase Considerations

Choosing a network management system typically involves understanding the following issues:

  1. Does my system need to have fault management only do I need true performance monitoring from my network management system?
  2. Is deployment and training time important for my network management system (products with higher out-of-the-box functionality can translate into significant savings on implementation and high usage success)?
  3. Is flexibility and ease of extension (open API) to support custom requirements important?
  4. Do we need an XML compatible product?
  5. Is it worth paying for real-time performance?
  6. Do we need to correlate data across network, servers, applications and determine the relation to services or is a spreadsheet good enough?
  7. Do we need a generic reporting model (customizable) or are canned reports better?
  8. Do we need to see trend reports or are snapshot reports good enough?
  9. Do we need a network management system with a distributed architecture?
  10. Do we need a single user system or a multi-user system?
  11. Do we need to organize reports by users, departments, locations, services or everything?
  12. What kind of network management system do we need if we are using it to offer managed services?
  13. Is the system easy enough for use by a CxO?
  14. How do we set up network management thresholds?
  15. What type of alarms/messages need to be configured?
  16. How does the system distinguish between minor and major alarms, and then how does it suppress false/transient alarms?
  17. What will be the topology of the system and does that affect our options in choosing a system?
  18. How do firewalls affect a specific system?
  19. What kind of interface will the system have with our trouble ticketing and billing systems?
  20. Do we need a system that can run on multiple environments (Solaris, NT or other)?
  21. How important is it to have fault and performance management in a single interface?
  22. Do you have a requirement to manage non-standard custom devices?
  23. Can the network management system adequately support the growth of the the number of devices (scalability)?

more