Network Management 14 Flashcards
Effective network management leads to
Improved QoS, reduced operating costs and increased revenue. Goal is to make operations more efficient.
What is network management
The management of functions such as operation, administration, maintenance, and provisioning of systems on a network using various activities, methods, procedures, and tools.
Operation deals with procedures that allow for the smooth running of the network
Administration involves keeping track of the assignment and utilization of devices on the network
Maintenance involves repairing and upgrading network components and taking necessary measures to ensure that devices are running optimally
Provisioning assigns resources to support a service.
What is SNMP
Simple Network Management Protocol
An application layer protocol used to collect information from network devices for diagnostic and maintenance purposes.
Includes two components. Management systems and agent software.
Three versions. SNMPv1. Original
SNMPv2 added several protocol operations and initial security measures
SNMPv3 added security features and remote configuration capabilities. Authentication, privacy, and access control
What are network monitoring tools
Can capture traffic, analyze it, create logs, alert you to events you define, monitor different interfaces, such as routers, switches, and servers, indicate areas of traffic congestion, help you construct baselines, determine upgrade and forecast needs, and generate reports for management.
What are throughput testers
Are software tools that can be used to measure network throughput and capacity.
They send large data packets from one destination to another and measure the time taken to transfer the packets. Throughout is the. Calculated by dividing the packet size by the time taken.
Name some common connectivity utilities used to troubleshoot connectivity issues
Ping, pathping, tracert, netstat
Name the three functional categories of network monitoring tools
Status monitoring. Used to gather data related to the status of the network. Tools include ping and nslookup commands
Traffic monitoring. Used to gather data related to the traffic generated in a network. Ping and iptrace in Unix commands can be used as a traffic monitoring tool.
Route monitoring. Used to trace taken by packets and detect routing delays. Tools include tracert and arp commands.
Network traffic analysis includes
Identification of the inbound and outbound protocols
Checking whether the protocols acknowledge each other.
Identifying if ports are open and closed
Checking the traffic that pass through a firewall
Checking throughout, threshold limits and overall network performance
Tracing packets on a network
Studying network utilization
What is port filtering
A technique of selectively enabling or disabling TCP and UDP ports on computers or network devices.
It ensures that no traffic except the protocol that the admin has chosen to allow can pass through an open port. Works by examining the packets header, source address, destination address, and port number.
What is traffic filtering
A method that allows only legitimate traffic through to the network
It blocks unwanted traffic minimizing valuable resource consumption. Traffic is filtered based On Rules that accept or deny based on the source or destination IP address.
Firewalls and servers are most commonly use this method.
Activities performed by the network diagnostic tools are
Monitor end to end application respnse time
Analyze network traffic
Manage device performance
Monitor and alert availability, Bandwidth utilization, and health of devices
Provide network diagnostics for troubleshooting and resolving issues
Offer network discovery tools that facilitate IP address management, port mapping and ping sweeps.
What is port mapping
Translates address of packets to a new address. The translated packets are then routed based on the routing table.
What is ping sweep
Establishes a range of IP addresses to locate active hosts within a given range. Can be performed by using tools such as fping and map.
What is a system performance monitor
A software tool that monitors the state of services or daemons, processes and resources on a system.
They track one or more counters which are individual statistics about the operation of different objects on the systems. When a counter value reaches a given threshold it indicates that the object of the counter may be functioning outside acceptable limits.
What is the top utility
Most Linux Unix systems provide a cpu usage monitoring tool call too as part of their default installation. Can provide either a static snapshot or a real time display of the processes currently running on a given cpu.
What is a log file
A record of actions and events performed on an operating system. Three common log files. System, general, and history files
Describe system log files
Often predetermined by the os itself and are a record of events logged by the os
Describe general log files
A type of system logs that contain information about device changes, installation or I installation of device drivers and any other system changes
Describe history log files
Record information such as type of log, the time of event occurrence, the name of the user who was logged on at the time of the event, keywords any id numbers and what category the event belongs to
What is syslog
A term used to define the process of logging program messages or data logs. Includes the software or OS that generates, reads, and analyzes log files.
What is a protocol analyzer
Also called a network analyzer is a diagnostic software that can examine and display data packets that are being transmitted over a network.
Can examine packets from protocols that operate in the physical, data link, network and transport layers of the OSI model
Name the uses for protocol analyzer
Analyzing current network traffic patterns and potential problems
Detecting possible network intrusions
Monitoring network usage for performance analysis
Filtering undesirable network traffic
Launching an eavesdropping attack
What is the Unix netstat utility
Can provide a wide range of information including open ports and sockets, packets transmitted on those ports, routing tables, and multicast memberships.
What is network adapter promiscuous mode
Enables the station running the analyzer to recognize all packets being sent over the network irrespective of the destination or source.
What is network fault tolerance
The ability of a network or system to withstand a foreseeable component failure and continue to provide an acceptable level of service.
Network administration covers support functions requires to manage a network. These include
Functions that do not involve performing changes such as configuring and tuning or the running of the actual network. Includes activities such as designing the network, tracking its usage, assigning addresses, planning upgrades to the network, taking service orders from end users and customers, keeping track of network inventory, collecting accounting data, and billing customers.
Configuration management addresses
Setting up and changing the configuration of the network and its components.
Involves setting up of parameters for switches and routers.
Three configurations of the network.
The static configuration. The permanent configuration of the network
The current running configuration.
The planned configuration. When the configuration data changes as the network changes.
The arp command facilitates in updating this database. It can discover any new network component having an IP address
Common documents that each network administrator should have
Network maps. Provide the location and routing information for network devices. Known as network diagrams
Device information. List the hardware, software, and configuration information for each device in the network.
Utilization statistics. Provide usage logs and reports to measure network utilization and performance.
Policies and procedures. Provide guidelines and the appropriate method for performing network management tasks.
What is a physical network diagrams
A diagrammatic representation that depicts all network devices and endpoints connections with one another. Typical depicts routers and switches, servers, workstations, printers, and fax machines, remote access equipment, firewalls, wireless access points, cable management information and CSU/DSU
What is a floor plan
Can be part of the physical network diagram. Should include the location of the demarc, wiring closets, and cable runs.
What are network wiring schematic or wiring diagrams
A combination of a floor plan and a physical network topology diagram. shows the nodes and network wiring superimposed on a floor plan of the facility with the actual equipment and cables on the schematic in their actual locations.
What is IT asset management
The set of management policies that include information about the financial and contractual specifications of all the hardware and software components present in an organizations inventory.
What is a logical network diagram
Documents the protocols and applications that control the flow of network traffic. They show how the data should move regardless of physical implementation. Depicts IP address of each network device
The FQDN of a device
Application type of each server
Trust relationships that exist between nodes
The routing topology.
Critical hardware and software inventories provide insurance documentation and help determine what you need to rebuild the network
Hardware inventories includes Standard workstation Specialty workstation Basic server Connectivity hardware Backup hardware
Software inventory includes Operating system Productivity and application Maintenance utilities Backup documentation Overall asset inventory
What are network policies
A formalized statement that defines network functions and establishes expectations for users, management and IT personnel. Describes the acceptable use policies of network equipment.
Name the components of a network policy
Policy statement outline the plan for individual components
Standards define how to measure the level of adherence to the policy
Guidelines are recommendations or best practices for how to meet the policy standard.
Procedures are step by step instructions that detail how to implement components.
Legal compliance requirements and regulations
All organizations must consider their legal obligations, rights, liabilities, and limitations when creating policies. Information security practices must comply with legal requirements
What is a network baseline
A record of a systems performance statistics under normal operating conditions.
Documents the networks current performance level and provides a quantitative basis for identifying abnormal or unacceptable performance.
The network baseline process consists of eight steps
Evaluate the network Design tests Schedule tests. When and how frequently tests run Run tests. Document results Analyze data Repeat tests Upgrade as needed
QoS is
Quality of service
A set of parameters that controls the quality provided to different types of network traffic.
Parameters include the maximum amount of delay, signal loss and noise that can be accommodated for a particular type of network traffic, bandwidth, priority and CPU usage for a specific steam of data.
Both the transmitter and receiver enter into an agreement called the Service Level Agreement SLA which describes remedial measures or penalties to be incurred by an ISP in the event that the ISP fails to provide the QoS promised
Why is there a need for QoS
Real time multimedia applications can compensate for some amount of packet loss but are very sensitive toward delays in data delivery
FTP and Telnet are very sensitive to packet loss but tolerant to delays in data delivery
An optimum usage of bandwidth becomes very critical while dealing with multimedia applications.
Low bandwidth may result in bad quality transmission of real time applications.
Parameters were developed to prioritize bandwidth allocation for real time applications on networks and guarantee a specific QoS
QoS parameters on a network
Bandwidth. The average number of bits of data that can be transmitted from a source to a destination over the network in one second
Latency. Lag or delay is the time difference between transmission of a signal and when it is received
Jitter. Is the variability over time in latency between sequentially transmitted data packets. Represents inconsistency in packet delivery
Packet loss. The number of packets that are lost or damaged during transmission.
Echo. A reflected sound, a distinct repetition of the original sound caused by splices and improper terminations in the network
What is traffic shaping
Also known as bandwidth shaping
A mechanism in QoS for introducing some amount of delay in traffic that exceeds an Administratively defined rate.
Smooths down traffic bursts that occur when the transmitter sends packets at a rate higher than the capacity of the receiver. Does not packets and is implemented only on the outbound interface of a device
What is traffic policing
The method of governing and regulating a flow of packets in conforming with the standards specified in the SLA. Packets not conforming are wither dropped or marked to a lower precedence value
What is load balancing
A network performance optimization tool that divides work among the devices on a network.
More resources are available and data is processed faster. The devices in the network perform at their optimum efficiency.
Cluster servers is another way to create load balancing. How?
A main server in the cluster determines which server will provide the data processing.
Load balancers is another way to create load balancing.
A stand alone network devices that perform load balancing as their primary function.
What is high availability
A rating that expresses how closely systems approach the goal of providing data availability 100% of the time while maintaining a high level of system performance.
Usually rated as a percentage that shows the proportion of uptime to total time.
Whats a caching engine
An application or service that Stores or indexes data in order to provide faster responses to requests for that data.
Useful for responding for frequently used data.
High bandwidth applications are software programs that requires large amounts of network bandwidth for data transmission. These include
VoIP
HDTV
real time video
Multimedia
Various factors that affect the QoS implementation on a network
Packet classification. Each packet coming to a router is classified based on its QoS requirements. Enables the router to process the packet based on its resource requirement
Policing. An application requests the required amount of network resources and must adhere to this request.
Resource allocation. It is the network devices responsibility to appropriately allocate resources to both data and voice packets
Call admission. In case of unavailability of network resources the network can deny the request.
