Network Administrator Essay, Research Paper
Imagine
yourself as a network administrator, responsible for a 2000 user network. This
network reaches from California to New York, and some branches over seas. In
this situation, anything can, and usually does go wrong, but it would be your
job as a system administrator to resolve the problem with it arises as quickly
as possible. The last thing you would want is for your boss to call you up,
asking why you haven?t done anything to fix the 2 major systems that have been
down for several hours. How do you explain to him that you didn?t even know
about it? Would you even want to tell him that? So now, picture yourself in the
same situation, only this time, you were using a network monitoring program.
Sitting in front of a large screen displaying a map of the world, leaning back
gently in your chair. A gentle warning tone sounds, and looking at your display,
you see that California is now glowing a soft red in color, in place of the
green glow just moments before. You select the state of California, and it zooms
in for a closer look. You see a network diagram overview of all the computers
your company has within California. Two systems are flashing, with an X on top
of them indicating that they are experiencing problems. Tagging the two systems,
you press enter, and with a flash, the screen displays all the statitics of the
two systems, including anything they might have in common causing the problem.
Seeing that both systems are linked to the same card of a network switch, you
pick up the phone and give that branch office a call, notifying them not only
that they have a problem, but how to fix it as well. Early in the days of
computers, a central computer (called a mainframe) was connected to a bunch of
dumb terminals using a standard copper wire. Not much thought was put into how
this was done because there was only one way to do it: they were either
connected, or they weren?t. Figure 1 shows a diagram of these early systems.
If something went wrong with this type of system, it was fairly easy to
troubleshoot, the blame almost always fell on the mainframe system. Shortly
after the introduction of Personal Computers (PC), came Local Area Networks
(LANS), forever changing the way in which we look at networked systems. LANS
originally consisted of just PC?s connected into groups of computers, but soon
after, there came a need to connect those individual LANS together forming what
is known as a Wide Area Network, or WAN, the result was a complex connection of
computers joined together using various types of interfaces and protocols.
Figure 2 shows a modern day WAN. Last year, a survey of Fortune 500 companies
showed that 15% of their total computer budget, 1.6 Million dollars, was spent
on network management (Rose, 115). Because of this, much attention has focused
on two families of network management protocols: The Simple Network Management
Protocol (SNMP), which comes from a de facto standards based background of
TCP/IP communication, and the Common Management Information Protocol (CMIP),
which derives from a de jure standards-based background associated with the Open
Systems Interconnection (OSI) (Fisher, 183). In this report I will cover
advantages and disadvantages of both Common Management Information Protocol (CMIP)
and Simple Network Management Protocol (SNMP)., as well as discuss a new
protocol for the future. I will also give some good reasons supporting why I
believe that SNMP is a protocol that all network administrators should use. SNMP
is a protocol that enables a management station to configure, monitor, and
receive trap (alarm) messages from network devices. (Feit, 12). It is formally
specified in a series of related Request for Comment (RFC) documents, listed
here. RFC 1089 – SNMP over Ethernet RFC 1140 – IAB Official Protocol Standards
RFC 1147 – Tools for Monitoring and Debugging TCP/IP Internets and
Interconnected Devices [superceded by RFC 1470] RFC 1155 – Structure and
Identification of Management Information for TCP/IP based internets. RFC 1156 -
Management Information Base Network Management of TCP/IP based internets RFC
1157 – A Simple Network Management Protocol RFC 1158 – Management Information
Base Network Management of TCP/IP based internets: MIB-II RFC 1161 – SNMP over
OSI RFC 1212 – Concise MIB Definitions RFC 1213 – Management Information Base
for Network Management of TCP/IP-based internets: MIB-II RFC 1215 – A Convention
for Defining Traps for use with the SNMP RFC 1298 – SNMP over IPX (SNMP, Part 1
of 2, I.1.) The first protocol developed was the Simple Network Management
Protocol (SNMP). It was commonly considered to be a quickly designed
?band-aid? solution to internetwork management difficulties while other,
larger and better protocols were being designed. (Miller, 46). However, no
better choice became available, and SNMP soon became the network management
protocol of choice. It works very simply (as the name suggests): it exchanges
network packets through messages (known as protocol data units (PDU)). The PDU
contains variables that have both titles and values. There are five types of
PDU?s which SNMP uses to monitor a network: two deal with reading terminal
data, two with setting terminal data, and one called the trap, used for
monitoring network events, such as terminal start-ups or shut-downs. By far the
largest advantage of SNMP over CMIP is that its design is simple, so it is as
easy to use on a small network as well as on a large one, with ease of setup,
and lack of stress on system resources. Also, the simple design makes it simple
for the user to program system variables that they would like to monitor.
Another major advantage to SNMP is that is in wide use today around the world.
Because of it?s development during a time when no other protocol of this type
existed, it became very popular, and is a built in protocol supported by most
major vendors of networking hardware, such as hubs, bridges, and routers, as
well as majoring operating systems. It has even been put to use inside the
Coca-Cola machines at Stanford University, in Palo Alto, California (Borsook,
48). Because of SNMP?s smaller size, it has even been implemented in such
devices as toasters, compact disc players, and battery-operated barking dogs. In
the 1990 Interop show, John Romkey, vice president of engineering for Epilogue,
demonstrated that through an SNMP program running on a PC, you could control a
standard toaster through a network (Miller, 57). SNMP is by no means a perfect
network manager. But because of it?s simple design, these flaws can be fixed.
The first problem realized by most companies is that there are some rather large
security problems related with SNMP. Any decent hacker can easily access SNMP
information, giving them any information about the network, and also the ability
to potentially shut down systems on the network. The latest version of SNMP,
called SNMPv2, has added some security measures that were left out of SNMP, to
combat the 3 largest problems plaguing SNMP: Privacy of Data (to prevent
intruders from gaining access to information carried along the network),
authentication (to prevent intruders from sending false data across the
network), and access control (which restricts access of particular variables to
certain users, thus removing the possibility of a user accidentally crashing the
network). (Stallings, 213) The largest problem with SNMP, ironically enough, is
the same thing that made it great; it?s simple design. Because it is so
simple, the information it deals with is neither detailed, nor well organized
enough to deal with the growing networks of the 1990?s. This is mainly due to
the quick creation of SNMP, because it was never designed to be the network
management protocol of the 1990?s. Like the previous flaw, this one too has
been corrected with the new version, SNMPv2. This new version allows for more
in-detail specification of variables, including the use of the table data
structure for easier data retrieval. Also added are two new PDU?s that are
used to manipulate the tabled objects. In fact, so many new features have been
added that the formal specifications for SNMP have expanded from 36 pages (with
v1) to 416 pages with SNMPv2. (Stallings, 153) Some people might say that SNMPv2
has lost the simplicity, but the truth is that the changes were necessary, and
could not have been avoided. A management station relies on the agent at a
device to retrieve or update the information at the device. The information is
viewed as a logical database, called a Management Information Base, or MIB. MIB
modules describe MIB variables for a large variety of device types, computer
hardware, and software components. The original MIB for Managing a TCP/IP
internet (now called MIB-I) was defined in RFC 1066 in August of 1988. It was
updated in RFC 1156 in May of 1990. The MIB-II version published in RFC 1213 in
May of 1991, contained some improvements, and has proved that it can do a good
job of meeting basic TCP/IP management needs. MIB-II added many useful variables
missing from MIB-I (Feit, 85). MIB files are common variables used not only by
SNMP, but CMIP as well. In the late 1980?s a project began, funded by
governments, and large corporations. Common Management Information Protocol (CMIP)
was born. Many thought that because of it?s nearly infinite development
budget, that it would quickly become in widespread use, and overthrow SNMP from
it?s throne. Unfortunately, problems with its implementation have delayed its
use, and it is now only available in limited form from developers themselves. (SNMP,
Part 2 of 2, III.40.) CMIP was designed to be better than SNMP in every way by
repairing all flaws, and expanding on what was good about it, making it a bigger
and more detailed network manager. It?s design is similar to SNMP, where
PDU?s are used as variables to monitor the network. CMIP however contains 11
types of PDU?s (compared to SNMP?s 5). In CMIP, the variables are seen as
very complex and sophisticated data structures with three attributes. These
include: 1) Variable attributes: which represent the variables characteristics
(its data type, whether it is writable) 2) variable behaviors: what actions of
that variable can be triggered. 3) Notifications: the variable generates an
event report whenever a specified event occurs (eg. A terminal shutdown would
cause a variable notification event) (Comer, 82) As a comparison, SNMP only
employs variable properties from one and three above. The biggest feature of the
CMIP protocol is that its variables not only relay information to and from the
terminal (as in SNMP) , but they can also be used to perform tasks that would be
impossible under SNMP. For instance, if a terminal on a network cannot reach the
fileserver a pre-determined amount of times, then CMIP can notify appropriate
personnel of the event. With SNMP however, a user would have to specifically
tell it to keep track of unsuccessful attempts to reach the server, and then
what to do when that variable reaches a limit. CMIP therefore results in a more
efficient management system, and less work is required from the user to keep
updated on the status of the network. CMIP also contains the security measures
left out by SNMP. Because of the large development budget, when it becomes
available, CMIP will be widely used by the government, and the corporations that
funded it. After reading the above paragraph, you might wonder why, if CMIP is
this wonderful, is it not being used already? (after all, it had been in
development for nearly 10 years) The answer is that possibly CMIP?s only major
disadvantage, is enough in my opinion to render it useless. CMIP requires about
ten times the system resources that are needed for SNMP. In other words, very
few systems in the world would able to handle a full implementation on CMIP
without undergoing massive network modifications. This disadvantage has no
inexpensive fix to it. For that reason, many believe CMIP is doomed to fail. The
other flaw in CMIP is that it is very difficult to program. Its complex nature
requires so many different variables that only a few skilled programmers are
able to use it to it?s full potential. Considering the above information, one
can see that both management systems have their advantages and disadvantages.
However the deciding factor between the two, lies with their implementation, for
now, it is almost impossible to find a system with the necessary resources to
support the CMIP model, even though it is superior to SNMP (v1 and v2) in both
design and operation. Many people believe that the growing power of modern
systems will soon fit well with CMIP model, and might result in it?s
widespread use, but I believe by the time that day comes, SNMP could very well
have adapted itself to become what CMIP currently offers, and more. As we?ve
seen with other products, once a technology achieves critical mass, and a
substantial installed base, it?s quite difficult to convince users to rip it
out and start fresh with an new and unproven technology (Borsook, 48). It is
then recommend that SNMP be used in a situation where minimial security is
needed, and SNMPv2 be used where security is a high priority.
?SNMP tools evolving to meet critical LAN needs.? Infoworld June 1, 1992:
48-49. Comer, Douglas E. Internetworking with TCP/IP New York: Prentice-Hall,
Inc., 1991. Dryden, Partick. ?Another view for SNMP.? Computerworld December
11, 1995: 12. Feit, Dr. Sidnie. SNMP. New York: McGraw-Hill Inc., 1995. Fisher,
Sharon. ?Dueling Protocols.? Byte March 1991: 183-190. Horwitt, Elisabeth.
?SNMP holds steady as network standard.? Computerworld June 1, 1992: 53-54.
Leon, Mark. ?Advent creates Java tools for SNMP apps.? Infoworld March 25,
1996: 8. Marshall, Rose. The Simple Book. New Jersey: Prentice Hall, 1994.
Miller, Mark A., P.E. Managing Internetworks with SNMP New York: M&T Books,
1993. Moore, Steve. ?Committee takes another look at SNMP.? Computerworld
January 16, 1995: 58. Moore, Steve. ?Users weigh benefits of DMI, SNMP.?
Computerworld July, 31 1995: 60. The SNMP Workshop & Panther Digital
Corporation. SNMP FAQ Part 1 of 2. Danbury, CT: http://www.www.cis.ohio-state.edu/hypertext/faq/usenet/snmp-
faq/part1/faq.html, pantherdig@delphi.com. The SNMP Workshop & Panther
Digital Corporation. SNMP FAQ Part 2 of 2. Danbury, CT: http://www.www.cis.ohio-state.edu/hypertext/faq/usenet/snmp-
faq/part2/faq.html, pantherdig@delphi.com. Stallings, William. SNMP, SNMPv2, and
CMIP. Don Mills, Addison-Wesley, 1993. Vallillee, Tyler, web page author.
Http://www.undergrad.math. uwaterloo.ca/~tkvallil/snmp.html VanderSluis, Kurt.
?SNMP: Not so simple.? MacUser October 1992: 237-240