NETWORK MANAGEMENT TUTORIAL APAN RAHMAT BUDIARTO COMPUTER SCIENCE SCHOOL, USM

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "NETWORK MANAGEMENT TUTORIAL APAN RAHMAT BUDIARTO COMPUTER SCIENCE SCHOOL, USM"

Transcription

1 NETWORK MANAGEMENT TUTORIAL APAN-2001 RAHMAT BUDIARTO COMPUTER SCIENCE SCHOOL, USM 1

2 Goals: Network Management introduction to network management motivation major components Internet network management framework MIB: management information base SMI: data definition language SNMP: protocol for network management security and administration presentation services: ASN.1 Integrating network management and security into network design 2

3 What is network management? autonomous systems (aka network ): 100s or 1000s of interacting hw/sw components other complex systems requiring monitoring, control: jet airplane nuclear power plant others? "Network management includes the deployment, integration and coordination of the hardware, software, and human elements to monitor, test, poll, configure, analyze, evaluate, and control the network and element resources to meet the real-time, operational performance, and Quality of Service requirements at a reasonable cost." 3

4 definitions: Infrastructure for network management managing entity managing entity data network management protocol agent data managed device agent data managed device managed devices contain managed objects whose data is gathered into a Management Information Base (MIB) agent data managed device agent data managed device 4

5 Network Management standards OSI CMIP Common Management Information Protocol designed 1980 s: the unifying net management standard too slowly standardized SNMP: Simple Network Management Protocol Internet roots (SGMP) started simple deployed, adopted rapidly growth: size, complexity currently: SNMP V3 de facto network management standard 5

6 SNMP overview: 4 key parts Management information base (MIB): distributed information store of network management data Structure of Management Information (SMI): data definition language for MIB objects SNMP protocol convey manager<->managed object info, commands security, administration capabilities major addition in SNMPv3 6

7 SMI: data definition language Purpose: syntax, semantics of management data welldefined, unambiguous base data types: straightforward, boring OBJECT-TYPE data type, status, semantics of managed object MODULE-IDENTITY groups related objects into MIB module Basic Data Types INTEGER Integer32 Unsigned32 OCTET STRING OBJECT IDENTIFIED IPaddress Counter32 Counter64 Guage32 Tie Ticks Opaque 7

8 SNMP MIB MIB module specified via SMI MODULE-IDENTITY (100 standardized MIBs, more vendor-specific) MODULE OBJECT TYPE: OBJECT TYPE: OBJECT TYPE: objects specified via SMI OBJECT-TYPE construct 8

9 SMI: Object, module examples OBJECT-TYPE: ipindelivers MODULE-IDENTITY: ipmib ipindelivers OBJECT TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION The total number of input datagrams successfully delivered to IP userprotocols (including ICMP) ::= { ip 9} ipmib MODULE-IDENTITY LAST-UPDATED Z ORGANZATION IETF SNPv2 Working Group CONTACT-INFO Keith McCloghrie DESCRIPTION The MIB module for managing IP and ICMP implementations, but excluding their management of IP routes. REVISION Z ::= {mib-2 48} 9

10 MIB example: UDP module Object ID Name Type Comments UDPInDatagrams Counter32 total # datagrams delivered at this node UDPNoPorts Counter32 # underliverable datagrams no app at portl UDInErrors Counter32 # undeliverable datagrams all other reasons UDPOutDatagrams Counter32 # datagrams sent udptable SEQUENCE one entry for each port in use by app, gives port # and IP address 10

11 SNMP Naming question: how to name every possible standard object (protocol, data, more..) in every possible network standard?? answer: ISO Object Identifier tree: hierarchical naming of all objects each branchpoint has name, number ISO ISO-ident. Org. US DoD Internet udpindatagrams UDP MIB2 management 11

12 OSI Object Identifier Tree Check out 12

13 SNMP protocol Two ways to convey MIB info, commands: request managing entity response managing entity trap msg agent data agent data Managed device request/response mode Managed device trap mode 13

14 SNMP protocol: message types Message type GetRequest GetNextRequest GetBulkRequest InformRequest SetRequest Response Trap Function Mgr-to-agent: get me data (instance,next in list, block) Mgr-to-Mgr: here s MIB value Mgr-to-agent: set MIB value Agent-to-mgr: value, response to Request Agent-to-mgr: inform manager of exceptional event 14

15 SNMP protocol: message formats 15

16 SNMP security and administration encryption: DES-encrypt SNMP message authentication: compute, send MIC(m,k): compute hash (MIC) over message (m), secret shared key (k) protection against playback: use nonce view-based access control SNMP entity maintains database of access rights, policies for various users database itself accessible as managed object! 16

17 The presentation problem Q: does perfect memory-to-memory copy solve the communication problem? A: not always! struct { char code; int x; } test; test.x = 256; test.code= a test.code test.x a host 1 format test.code test.x a host 2 format problem: different data format, storage conventions 17

18 Solving the presentation problem 1. Translate local-host format to host-independent format 2. Transmit data in host-independent format 3. Translate host-independent format to remote-host format 18

19 ASN.1: Abstract Syntax Notation 1 ISO standard X.680 used extensively in Internet like eating vegetables, knowing this good for you! defined data types, object constructors like SMI BER: Basic Encoding Rules specify how ASN.1-defined data objects to be transmitted each transmitted object has Type, Length, Value (TLV) encoding 19

20 TLV Encoding Idea: transmitted data is self-identifying T: data type, one of ASN.1-defined types L: length of data in bytes V: value of data, encoded according to ASN.1 standard Tag Value Type Boolean Integer Bitstring Octet string Null Object Identifier Real 20

21 TLV encoding: example Value, 259 Length, 2 bytes Type=2, integer Value, 5 octets (chars) Length, 5 bytes Type=4, octet string 21

22 Integrating network management and security into network design 22

23 Network Characteristics: End-to-end characteristic: can be measured across multiple network elements and may be extended across the entire network or between hosts. E.g.: availability, capacity, delay, delay variation (jitter), throughput, error rate, network utilization, and burstiness of the traffic. Link and element characteristic: specific to the type of element being managed. E.g. for an IP router: IP forwarding rates (packet/sec.), the buffer utilization of the router. 23

24 Monitoring and Metering Monitoring is obtaining values for the end-toend, link, and element characteristics. It involves collecting data, processing some or all data, displaying the data, and archiving it. Use network management protocol (e.g.: SNMP). Metering is process of collecting data for the purpose of long-term analysis. The measure values are metrics. 24

25 Monitoring process WAN NM data storage NM data display NM data collection NM data processing 25

26 Monitoring for Event Notification An event is a problem or failure in a network element, or when a characteristic crosses a threshold value. Thresholds may be set on end-to-end or element characteristics for short-term or immediate notification of events. (real-time analysis) 26

27 The amount of network traffic generated by the periodic polling of multiple characteristics at many network elements can impact the overall network performance. Example: A network with 100 elements, each is monitored for 8 characteristics. Each characteristic generates an average of 64 bytes of data, and polling periodic is 5 seconds. The amount of traffic is: (800 polls responses)*(64 bytes)* 8 bits= 819Kb per 5 sec. This would be a problem if the polls/responses were crossing a T1 or slower speed network. Or if we grow from 100 to 1000, to 10,000 polled devices. 27

28 Instrumentation methods SNMPv2 provides access to MIB-II, other standard MIBs(e.g., DS1 MIB), enterprisespecific MIBs, and remote monitoring MIBs (RMON MIB, SMON MIB, AToM MIB) End-to-end monitoring tools include utilities such as ping, traceroute, and tcpdump. Direct-access methods include telnet, FTP, TFTP, and connections via a console port. 28

29 The following parameters can be collected on a per-interface basis: Paramater ifinoctets ifoutoctets ifinucastpkts ifoutucastpkts ifinnucastpkts ifoutnucastpkts ifinerrors ifouterrors ifoperstatus Description Number of bytes received Number of bytes sent Number of unicast packets received Number of unicast packets sent Number of multicast/broadcast packet received Number of multicast/broadcast packet sent Number of errored packet received Number of errored packets sent State of an interface (up, down, testing) 29

30 Some ways to improve the network management design are to ensure that the element instrumentation is accurate, dependable, and simple. Testing and taking alternate measurement to ensure accuracy in the instrumentation. Separate and replicate the management components to enhance dependability in the design. 30

31 Network Management Architecture In-Band/Out-of-Band Monitoring In-Band monitoring is having the network management data flow over the same network that the user network traffic uses. 31

32 Out-of-Band monitoring is providing different paths for network management data flows and user network traffic. May be provided by ISDN (i.e., D- channel), by a separate Frame Relay connection or ATM virtual circuit, or via a POTS connection. Network Monitoring System Out-of-band link Polling station 32

33 Centralized/Distributed Monitoring In a centralized monitoring plan, all monitoring data (i.e., pings, SNMP polls/response, and possibly traceroutes) radiate from one monitoring node using in-band or out-of-band paths. This monitoring node is typically a host running a set of network management tools. Network Monitoring System Polling paths (ICMP, SNMP) 33

34 In a distributed monitoring plan, monitoring data are collected at localized monitoring nodes and either passed on to display and storage nodes or processed by the monitoring node. When the data are passed on without processing, the monitoring nodes act to localize the data collection, reducing the amounts of management data that transit the network and possibly providing backup monitoring capabilities in the event of a loss of any monitoring node. Network Monitoring System Localized Polling Polling station 34

35 Capacity and Delay Requirement Rules of thumb for determining the number and locations of monitoring nodes: Rule 1: For a LAN environment, start with one monitoring node per subnet. For each subnet, determine # Of host and network elements to be polled for parameters # Of parameters to be collected Frequency of polling (polling interval) Will give us an estimate of average data rates for management traffic per subnet. IF the rate > 10% of the LAN capacity, then consider to reduce management traffic by reducing the variable(s) IF the rate < 1% of the LAN capacity, then consider to consolidate the monitoring nodes for some of the subnets For the standard LAN tech. (Ethernet, FDDI, Token Ring) the management traffic rate should be 2% to 5% of the LAN capacity. As capacities increase, the estimate rate should be reduced accordingly. -Example: For HiPPI LAN with a capacity of 800 Mbps should not have an expected mgmt traffic rate 16 to 40 Mbps. An order of magnitude less (0.2 to 0.5%, or 1.6 to 4.0 Mbps) is more reasonable. 35

36 Rule 2: For a WAN/MAN environment, start with one monitoring node per tail site, or at each WAN/MAN LAN interface. This allows us not only to monitor the network at those sites, but also to measure, verify, and possibly guarantee service and service characteristics from the WAN/MAN to each site. 36

37 Checks and Balance in Monitoring It is advisable to have more than one method for collecting management parameters, in order to validate their correctness. Vendor SNMP agent and MIB implementations are not guaranteed to provide correct information. Some verification methods include using data from RMON agents, the end host, or traffic analyzers to compare against SNMP-collected data from network elements. Check and balances should be repeated regularly, as the accuracy of management data may change with new releases of vendor software/hardware. 37

38 Flows of management data Network management data typically consists of SNMP parameter names and values. Since frequent polling can generate large amounts of data, storage of this data can become a problem. Rules of thumb for management data generation and storage: Rule 1: Determine which management data are necessary to keep stored locally and which data may be archived. Management data are usually kept local, stored where they can easily and quickly be retrieved, for event analysis, which is checking the time before and after an event to determine any indications of the event, and short-term trend analysis. Management data that are not being used for these purposes should be archived to tertiary storage, such as tape 38

39 Rule 2: When a management parameter is being used for both event notification and trend analysis, consider copying every Nth iteration of that parameter to a separate database location, where N is large enough to keep the size of this data relatively small, yet is small enough so that the data are useful in trend analysis. If there are indications that more immediate analysis needs to be done, then either a short-term analysis can be done on the locally stored data (from rule 1), or the interval N can be temporarily shortened. Rule 3: When management data are collected for trend analysis, the data can be stored local to the monitoring nodes, then downloaded to the storage devices when management and/or user traffic is expected to be low, such as late at night. Rule 4: A management data-archival system should indicate what the archived data refer to and the time period that they were collected. This information (sometimes termed metada) may come from the processing at the monitoring nodes, or from the archival system itself. This metadata is necessary in case environmental parameters of the network elements (e.g., location, IP addresses) change with time 39

40 Configuration of network management In general it is useful to have more than one path for network element configuration, with one of the paths being out-of-band. For example, we could have in-band via SNMPv2 (using the set command), telnet, or FTP/TFTP, and out-of-band via dial-up (e.g., ISDN) connections or through FTP/TFTP via dial-on-demand, switched 56 Kbps connections. The most common primary configuration methods are to use either a direct console connection, telnet, or SNMPv2. Common backup configuration methods are to FTP/TFTP configuration files to the network element or access via a dial-up method. Configuration via SNMPv2 relies on an enterprise-specific MIB provided by the vendor of the network element. The trivial security provided by SNMP may not be sufficient for your network. Many network elements, especially switching/routing elements and hosts, allow direct configuration access via a console interface. Direct configuration is one of the more secure methods of configuration. BUT, there is no standard configuration interface. 40

41 Security Security in the network needs to protect network resources from being disabled, stolen, modified, or damaged. Includes: protecting hosts, servers,users, and system data, as well as less tangible resources such as an organization s image and privacy 41

42 Security policies Security policies are an important part of the security plan in that they help to define and document how the system can be used with minimal security risks. Two common security philosophies are Deny specifics/accept all else Accept specifics/deny all else 42

43 Security risk analysis Effect/ Likelihood Main frames Workstations (PC or Mac) Routers/ Bridges/ Switches Servers DNS Denial of service D/D B/B A/C D/D A/B A/B Theft of data D/D A/B D/C D/D C/C A/B Corruption of Data D/D A/B A/C D/D A/C A/B Unauthorized use D/D B/B C/C D/D C/C B/B Viruses D/D B/B B/C D/D A/B B/C Trojan horses D/D B/C B/C D/D B/C B/C Physical Destruction D/D A/C A/C D/D A/C A/C EFFECT LIKELIHOOD A DESTRUCTIVE A CERTAIN B DISABLING B LIKELY C DISRUPTIVE C UNLIKELY D NO IMPACT D IMPOSSIBLE 43

44 Security mechanisms Physical security Security awareness User authentication Packet filters Application security mechanisms Encryption Firewalls Security and system components 44

45 Security Example: Firewalls firewall isolates organization s internal net from larger Internet, allowing some packets to pass, blocking others. Two firewall types: packet filter application gateways To prevent denial of service attacks: SYN flooding: attacker establishes many bogus TCP connections. Attacked host alloc s TCP buffers for bogus connections, none left for real connections. To prevent illegal modification of internal data. e.g., attacker replaces CIA s homepage with something else To prevent intruders from obtaining secret info. 45

46 Packet Filtering Internal network is connected to Internet through a router. Router manufacturer provides options for filtering packets, based on: source IP address destination IP address TCP/UDP source and destination port numbers ICMP message type TCP SYN and ACK bits Example 1: block incoming and outgoing datagrams with IP protocol field = 17 and with either source or dest port = 23. All incoming and outgoing UDP flows and telnet connections are blocked. Example 2: Block inbound TCP segments with ACK=0. Prevents external clients from making TCP connections with internal clients, but allows internal clients to connect to outside. 46

47 Filters packets on application data as well as on IP/TCP/UDP fields. Example: allow select internal users to telnet outside. Application gateways host-to-gateway telnet session application gateway gateway-to-remote host telnet session router and filter 1. Require all telnet users to telnet through gateway. 2. For authorized users, gateway sets up telnet connection to dest host. Gateway relays data between 2 connections 3. Router filter blocks all telnet connections not originating from gateway. 47

48 Limitations of firewalls and gateways IP spoofing: router can t know if data really comes from claimed source If multiple app s. need special treatment, each has own app. gateway. Client software must know how to contact gateway. e.g., must set IP address of proxy in Web browser Filters often use all or nothing policy for UDP. Tradeoff: degree of communication with outside world, level of security Many highly protected sites still suffer from attacks. 48

49 KUALA LUMPUR 30 hosts LAN To other ASs LAN LAN 30 hosts LAN Corporate NOC PENANG WAN SEREMBAN LAN LAN 45 hosts To other ASs LAN 60 hosts To other ASs 15 dial-up routers LAN LAN 10 hosts This site must maintain maximum performance This site must maintain maximum security 49

50 References: 1. J.F. Kurose, K.W. Ross, Computer Networking A Top- Down Approach Featuring the Internet, Prentice Hall, M.Subramanian, Network Management: Principles and Practice, Addison-Wesley, David Zeltserman, A Practical Guide to SNMPv3 and Network Management, Prentice Hall, J.D. McCabe, Practical Computer Network Analysis and Design, Morgan-Kaufmann, D. Perkins, E. McGinnis, Understanding SNMP MIBs: 1/e, Prentice Hall,

Chapter 9 Network Management

Chapter 9 Network Management Chapter 9 Network Management A note on the use of these ppt slides: We re making these slides freely available to all (faculty, students, readers). They re in PowerPoint form so you can add, modify, and

More information

Chapter 8 Network Management. Chapter 8 outline. What is network management? Chapter 8: Network Management

Chapter 8 Network Management. Chapter 8 outline. What is network management? Chapter 8: Network Management Chapter 8 Network Management A note on the use of these ppt slides: We re making these slides freely available to all (faculty, students, readers). They re in powerpoint form so you can add, modify, and

More information

Network Management. What is network management?

Network Management. What is network management? Network Management Introduction to network management motivation major components Internet network management framework MIB: management information base SMI: data definition language SNMP: protocol for

More information

Chapter 9 Network Management

Chapter 9 Network Management Chapter 9 Network Management A note on the use of these ppt slides: We re making these slides freely available to all (faculty, students, readers). They re in PowerPoint form so you see the animations;

More information

Chapter 9 Network Management. ISO network management. What is network management? Chapter 9: Network Management. Network Management standards

Chapter 9 Network Management. ISO network management. What is network management? Chapter 9: Network Management. Network Management standards Chapter 9 Network Management A note on the use of these ppt slides: We re making these slides freely available to all (faculty, students, readers). They re in PowerPoint form so you can add, modify, and

More information

This Lecture. NWEN 403 Advanced Network Engineering. Network Management. Outline. Network management. Qiang Fu

This Lecture. NWEN 403 Advanced Network Engineering. Network Management. Outline. Network management. Qiang Fu This Lecture Network management NWEN 403 Advanced Network Engineering Qiang Fu School of Engineering and Computer Science Victoria University of Wellington 22/04/2015 NWEN403: Advanced Network Engineering

More information

Network Management: - SNMP - Software Defined networking

Network Management: - SNMP - Software Defined networking Internet-Technologien (CS262) Network Management: - SNMP - Software Defined networking 23.4.2014 Christian Tschudin Departement Mathematik und Informatik, Universität Basel 9-1 Chapter 9 Network Management

More information

Simple Network Management Protocol - SNMP v1, ASN, MIB, BER. Network Management

Simple Network Management Protocol - SNMP v1, ASN, MIB, BER. Network Management Simple Network Management Protocol - SNMP v1, ASN, MIB, BER Network Management 1 Lectures Schedule Week Week 1 Topic Computer Networks - Network Management Architectures & Applications Week 2 Network Management

More information

Network Management Tasks. 17: Network Management and Monitoring. Snort. Snort IDS. Snort Rules

Network Management Tasks. 17: Network Management and Monitoring. Snort. Snort IDS. Snort Rules Network Management Tasks 17: Network Management and Monitoring Last Modified: 4/21/2003 2:46:25 PM Protecting the network (e.g. intrusion detection) Detecting failed components (interfaces, links, hosts,

More information

Firewalls and Intrusion Detection Systems. Advanced Computer Networks

Firewalls and Intrusion Detection Systems. Advanced Computer Networks Firewalls and Intrusion Detection Systems Advanced Computer Networks Firewalls & IDS Outline Firewalls Stateless packet filtering Stateful packet filtering Access Control Lists Application Gateways Intrusion

More information

Managing and Securing Computer Networks INFO-056

Managing and Securing Computer Networks INFO-056 Managing and Securing Computer Networks INFO-056 Prof. Guy Leduc Université de Liège Institut Montefiore, B28 B-4000 Liège 1 Phone: 04 3662698 ou 2696 (secrétariat) Fax: 04 3662989 Email: Guy.Leduc@ulg.ac.be

More information

Text Book: Computer Networking: A Top Down Approach Featuring the Internet 3rd edition, by Jim Kurose and Keith Ross, Addison-Wesley

Text Book: Computer Networking: A Top Down Approach Featuring the Internet 3rd edition, by Jim Kurose and Keith Ross, Addison-Wesley Network Management Text Book: Computer Networking: A Top Down Approach Featuring the Internet 3rd edition, by Jim Kurose and Keith Ross, Addison-Wesley these slides are based on USP Network Management

More information

Lecture 12: Network Management Architecture

Lecture 12: Network Management Architecture Lecture 12: Network Management Architecture Prof. Shervin Shirmohammadi SITE, University of Ottawa Prof. Shervin Shirmohammadi CEG 4185 12-1 Defining Network Management Contains multiple layers: Business

More information

Network Management. Jaakko Kotimäki. Department of Computer Science Aalto University, School of Science. 21. maaliskuuta 2016

Network Management. Jaakko Kotimäki. Department of Computer Science Aalto University, School of Science. 21. maaliskuuta 2016 Jaakko Kotimäki Department of Computer Science Aalto University, School of Science Outline Introduction SNMP architecture Management Information Base SNMP protocol Network management in practice Niksula

More information

Chapter 8 Security Pt 2

Chapter 8 Security Pt 2 Chapter 8 Security Pt 2 IC322 Fall 2014 Computer Networking: A Top Down Approach 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012 All material copyright 1996-2012 J.F Kurose and K.W. Ross,

More information

SNMP Basics BUPT/QMUL 2015-05-12

SNMP Basics BUPT/QMUL 2015-05-12 SNMP Basics BUPT/QMUL 2015-05-12 Agenda Brief introduction to Network Management Brief introduction to SNMP SNMP Network Management Framework RMON New trends of network management Summary 2 Brief Introduction

More information

TUTORIAL SNMP: STATUS AND APPLICATION FOR LAN/MAN MANAGEMENT. Aiko Pras pras@cs.utwente.nl

TUTORIAL SNMP: STATUS AND APPLICATION FOR LAN/MAN MANAGEMENT. Aiko Pras pras@cs.utwente.nl TUTORIAL SNMP: STATUS AND APPLICATION FOR LAN/MAN MANAGEMENT 9 July 1996 Aiko Pras pras@cs.utwente.nl http://wwwtios.cs.utwente.nl/~pras http://wwwtios.cs.utwente.nl/ http://wwwsnmp.cs.utwente.nl/ Copyright

More information

SNMP and Network Management

SNMP and Network Management SNMP and Network Management Nixu Oy Nixu Ltd PL 21 (Mäkelänkatu 91) 00601 Helsinki, Finland tel. +358 9 478 1011 fax. +358 9 478 1030 info@nixu.fi http://www.nixu.fi Contents Network Management MIB naming

More information

TELE 301 Network Management

TELE 301 Network Management TELE 301 Network Management Lecture 20: Management Tools and Protocols Haibo Zhang Computer Science, University of Otago TELE301 Lecture 20: Management tools and protocols 1 What is Network Management?

More information

SIMPLE NETWORK MANAGEMENT PROTOCOL (SNMP)

SIMPLE NETWORK MANAGEMENT PROTOCOL (SNMP) 1 SIMPLE NETWORK MANAGEMENT PROTOCOL (SNMP) Mohammad S. Hasan Agenda 2 Looking at Today What is a management protocol and why is it needed Addressing a variable within SNMP Differing versions Ad-hoc Network

More information

Chapter 8 Network Security

Chapter 8 Network Security [Computer networking, 5 th ed., Kurose] Chapter 8 8.1 What is network security? 8.2 Principles of cryptography 8.3 Message integrity 84Securing 8.4 e-mail 8.5 Securing TCP connections: SSL 8.6 Network

More information

Introduction to Simple Network Management Protocol (SNMP)

Introduction to Simple Network Management Protocol (SNMP) Introduction to Simple Network Management Protocol (SNMP) Simple Network Management Protocol (SNMP) is an application layer protocol for collecting information about devices on the network. It is part

More information

FIREWALLS. Firewall: isolates organization s internal net from larger Internet, allowing some packets to pass, blocking others

FIREWALLS. Firewall: isolates organization s internal net from larger Internet, allowing some packets to pass, blocking others FIREWALLS FIREWALLS Firewall: isolates organization s internal net from larger Internet, allowing some packets to pass, blocking others FIREWALLS: WHY Prevent denial of service attacks: SYN flooding: attacker

More information

ITEC310 Computer Networks II

ITEC310 Computer Networks II ITEC310 Computer Networks II Chapter 28 Network Management: Department of Information Technology Eastern Mediterranean University Objectives 2/60 After completing this chapter you should be able to do

More information

SNMP. Simple Network Management Protocol

SNMP. Simple Network Management Protocol SNMP Simple Network Management Protocol Introduction SNMP Simple Network Management Protocol A set of standards for network management Protocol Database structure specification Data objects A set of standardized

More information

Network Management. Copyright and acknowledgments

Network Management. Copyright and acknowledgments Network Management Andrea Bianco Telecommunication Network Group firstname.lastname@polito.it http://www.telematica.polito.it/ Network management and QoS provisioning - 1 Copyright and acknowledgments

More information

Basic Networking Concepts. 1. Introduction 2. Protocols 3. Protocol Layers 4. Network Interconnection/Internet

Basic Networking Concepts. 1. Introduction 2. Protocols 3. Protocol Layers 4. Network Interconnection/Internet Basic Networking Concepts 1. Introduction 2. Protocols 3. Protocol Layers 4. Network Interconnection/Internet 1 1. Introduction -A network can be defined as a group of computers and other devices connected

More information

Simple Network Management Protocol (SNMP)

Simple Network Management Protocol (SNMP) CHAPTER 52 Simple Network Management Protocol (SNMP) Background The Simple Network Management Protocol(SNMP)is an application-layer protocol that facilitates the exchange of management information between

More information

INTERNET MANAGEMENT PROTOCOLS TUTORIAL STOCKHOLM, SWEDEN 29 OCTOBER 1999 AIKO PRAS UNIVERSITY OF TWENTE THE NETHERLANDS

INTERNET MANAGEMENT PROTOCOLS TUTORIAL STOCKHOLM, SWEDEN 29 OCTOBER 1999 AIKO PRAS UNIVERSITY OF TWENTE THE NETHERLANDS INTERNET MANAGEMENT PROTOCOLS THE SIMPLE NETWORK MANAGEMENT PROTOCOL 1 TUTORIAL STOCKHOLM, SWEDEN 9 OCTOBER 1999 AIKO PRAS UNIVERSITY OF TWENTE THE NETHERLANDS pras@ctit.utwente.nl http://wwwhome.ctit.utwente.nl/~pras

More information

(Refer Slide Time: 1:17-1:40 min)

(Refer Slide Time: 1:17-1:40 min) Computer Networks Prof. S. Ghosh Department of Computer Science and Engineering Indian Institute of Technology, Kharagpur Lecture # 37 Network management Good day, so today we will talk about network management.

More information

Network Management. Who's the boss? You or the network? net man - 1. Copyright 2000 Scott Bradner

Network Management. Who's the boss? You or the network? net man - 1. Copyright 2000 Scott Bradner Network Management Who's the boss? You or the network? net man - 1 Parts of Network Management network management is not just keeping bits moving OSI network management components fault management performance

More information

Network Management. Network Management. Copyright and acknowledgments. Acknowledgements. Pag. 1

Network Management. Network Management. Copyright and acknowledgments. Acknowledgements. Pag. 1 Network Management Andrea Bianco Telecommunication Network Group firstname.lastname@polito.it http://www.telematica.polito.it/ Network management and QoS provisioning - 1 Copyright and acknowledgments

More information

Firewall Tutorial. KAIST Dept. of EECS NC Lab.

Firewall Tutorial. KAIST Dept. of EECS NC Lab. Firewall Tutorial KAIST Dept. of EECS NC Lab. Contents What is Firewalls? Why Firewalls? Types of Firewalls Limitations of firewalls and gateways Firewalls in Linux What is Firewalls? firewall isolates

More information

Presented by Aurang Zeb 14CS-03. Network Management System

Presented by Aurang Zeb 14CS-03. Network Management System Presented by Aurang Zeb 14CS-03 Network Management System INTRODUCTION o We can define network management as monitoring, testing, configuring, and troubleshooting network components to meet a set of requirements.

More information

Network Management. Network management definition? Network Management. Network management definition? Copyright and acknowledgments

Network Management. Network management definition? Network Management. Network management definition? Copyright and acknowledgments Network management definition? Network Management Andrea Bianco Telecommunication Network Group firstname.lastname@polito.it http://www.telematica.polito.it/ Network management and QoS provisioning - 1

More information

VLAN und MPLS, Firewall und NAT,

VLAN und MPLS, Firewall und NAT, Internet-Technologien (CS262) VLAN und MPLS, Firewall und NAT, 15.4.2015 Christian Tschudin Departement Mathematik und Informatik, Universität Basel 6-1 Wiederholung Unterschied CSMA/CD und CSMA/CA? Was

More information

SNMP Network Management Concepts

SNMP Network Management Concepts SNMP Network Management Concepts Chu-Sing Yang Department of Electrical Engineering National Cheng Kung University Outline Background Basic Concepts Summary The Origins of TCP/IP Starts at 1969, and founded

More information

Outline of the SNMP Framework

Outline of the SNMP Framework 2 SNMP--A Management Protocol and Framework Rolf Stadler School of Electrical Engineering KTH Royal Institute of Technology stadler@ee.kth.se September 2008 Outline of the SNMP Framework Management Program

More information

TÓPICOS AVANÇADOS EM REDES ADVANCED TOPICS IN NETWORKS

TÓPICOS AVANÇADOS EM REDES ADVANCED TOPICS IN NETWORKS Mestrado em Engenharia de Redes de Comunicações TÓPICOS AVANÇADOS EM REDES ADVANCED TOPICS IN NETWORKS 2008-2009 Gestão de Redes e Serviços, Segurança - Networks and Services Management, Security 1 Outline

More information

SNMP....Simple Network Management Protocol...

SNMP....Simple Network Management Protocol... SNMP...Simple Network Management Protocol... Outline of the SNMP Framework SNMP Transport Architecture UDP unreliable transport layer Manager process SNMP UDP IP Physical protocol Agent process SNMP UDP

More information

Simple Network Management Protocol

Simple Network Management Protocol A Seminar Report on Simple Network Management Protocol Submitted in partial fulfillment of the requirement for the award of degree Of Computer Science SUBMITTED TO: SUBMITTED BY: www.studymafia.org www.studymafia.org

More information

An Introduction to Simple Network Management Protocol

An Introduction to Simple Network Management Protocol www.jasonslater.co.uk An Introduction to Simple Network Management Protocol Introduction Simple Network Management Protocol What it is Definition Why it is needed How it works Alternatives The Future Slide:

More information

Tutorial on Network Management and Measurements. Tasos Alexandridis analexan@csd.uoc.gr

Tutorial on Network Management and Measurements. Tasos Alexandridis analexan@csd.uoc.gr Tutorial on Network Management and Measurements Tasos Alexandridis analexan@csd.uoc.gr Network management Simple Network Management Protocol (SNMP) AP s SYSLOG messages Network Measurements and Analysis

More information

PA160: Net-Centric Computing II. Network Management

PA160: Net-Centric Computing II. Network Management PA160: Net-Centric Computing II. Network Management Luděk Matyska Slides by: Tomáš Rebok Faculty of Informatics Masaryk University Spring 2015 Luděk Matyska (FI MU) 3. Network Management Spring 2015 1

More information

Network Management Functions RMON1, RMON2. Network Management

Network Management Functions RMON1, RMON2. Network Management Network Management Functions RMON1, RMON2 Network Management 30.5.2013 1 Lectures Schedule Week Week 1 Topic Computer Networks - Network Management Architectures & Applications Week 2 Network Management

More information

System and Network Management

System and Network Management - System and Network Management Network Management : ability to monitor, control and plan the resources and components of computer system and networks network management is a problem created by computer!

More information

SNMP Simple Network Management Protocol

SNMP Simple Network Management Protocol SNMP Simple Network Management Protocol Simple Network Management Protocol SNMP is a framework that provides facilities for managing and monitoring network resources on the Internet. Components of SNMP:

More information

52-20-15 RMON, the New SNMP Remote Monitoring Standard Nathan J. Muller

52-20-15 RMON, the New SNMP Remote Monitoring Standard Nathan J. Muller 52-20-15 RMON, the New SNMP Remote Monitoring Standard Nathan J. Muller Payoff The Remote Monitoring (RMON) Management Information Base (MIB) is a set of object definitions that extend the capabilities

More information

Simple Network Management Protocol

Simple Network Management Protocol 56 CHAPTER Chapter Goals Discuss the SNMP Management Information Base. Describe SNMP version 1. Describe SNMP version 2. Background The (SNMP) is an application layer protocol that facilitates the exchange

More information

Configuring SNMP. 2012 Cisco and/or its affiliates. All rights reserved. 1

Configuring SNMP. 2012 Cisco and/or its affiliates. All rights reserved. 1 Configuring SNMP 2012 Cisco and/or its affiliates. All rights reserved. 1 The Simple Network Management Protocol (SNMP) is part of TCP/IP as defined by the IETF. It is used by network management systems

More information

Ethernet. Ethernet. Network Devices

Ethernet. Ethernet. Network Devices Ethernet Babak Kia Adjunct Professor Boston University College of Engineering ENG SC757 - Advanced Microprocessor Design Ethernet Ethernet is a term used to refer to a diverse set of frame based networking

More information

21.4 Network Address Translation (NAT) 21.4.1 NAT concept

21.4 Network Address Translation (NAT) 21.4.1 NAT concept 21.4 Network Address Translation (NAT) This section explains Network Address Translation (NAT). NAT is also known as IP masquerading. It provides a mapping between internal IP addresses and officially

More information

Subnetting and Network Management Omer F. Rana. Networks and Data Communications 1

Subnetting and Network Management Omer F. Rana. Networks and Data Communications 1 Subnetting and Network Management Omer F. Rana Networks and Data Communications 1 Subnetting Subnetting is an important concept in establishing TCP/IP based networks important in integrating small Local

More information

NETWORK SECURITY. Ch. 8: Defense Mechanism - Firewall

NETWORK SECURITY. Ch. 8: Defense Mechanism - Firewall NETWORK SECURITY Ch. 8: Defense Mechanism - Firewall Firewall A firewall is a hardware, software, or a combination of both that monitors and filters traffic packets that attempt to either enter or leave

More information

Internet Firewall CSIS 3230. Internet Firewall. Spring 2012 CSIS 4222. net13 1. Firewalls. Stateless Packet Filtering

Internet Firewall CSIS 3230. Internet Firewall. Spring 2012 CSIS 4222. net13 1. Firewalls. Stateless Packet Filtering Internet Firewall CSIS 3230 A combination of hardware and software that isolates an organization s internal network from the Internet at large Ch 8.8: Packet filtering, firewalls, intrusion detection Ch

More information

R07. IV B.Tech. II Semester Regular Examinations, April, 2011. NETWORK MANAGEMENT SYSTEMS (Information Technology)

R07. IV B.Tech. II Semester Regular Examinations, April, 2011. NETWORK MANAGEMENT SYSTEMS (Information Technology) Set No. 1 1. a) Discus about network management goals and functions in detail. b) Explain in detail about current status and future of network management. 2. a) Explain the SNMP network management architecture.

More information

20-CS-6053-00X Network Security Spring, 2014. An Introduction To. Network Security. Week 1. January 7

20-CS-6053-00X Network Security Spring, 2014. An Introduction To. Network Security. Week 1. January 7 20-CS-6053-00X Network Security Spring, 2014 An Introduction To Network Security Week 1 January 7 Attacks Criminal: fraud, scams, destruction; IP, ID, brand theft Privacy: surveillance, databases, traffic

More information

SNMP -overview. Based on: W.Stallings Data and Computer Communications

SNMP -overview. Based on: W.Stallings Data and Computer Communications SNMP -overview Based on: W.Stallings Data and Computer Communications Network Management -SNMP Simple Network Management Protocol (not so simple ) Dominant standardized network management scheme in use

More information

Module 11: TCP/IP Transport and Application Layers

Module 11: TCP/IP Transport and Application Layers Module 11: TCP/IP Transport and Application Layers 11.1 TCP/IP Transport Layer 11.1.1 Introduction to the TCP/IP transport layer The primary duties of the transport layer are to transport and regulate

More information

SFWR 4C03: Computer Networks & Computer Security Jan 3-7, 2005. Lecturer: Kartik Krishnan Lecture 1-3

SFWR 4C03: Computer Networks & Computer Security Jan 3-7, 2005. Lecturer: Kartik Krishnan Lecture 1-3 SFWR 4C03: Computer Networks & Computer Security Jan 3-7, 2005 Lecturer: Kartik Krishnan Lecture 1-3 Communications and Computer Networks The fundamental purpose of a communication network is the exchange

More information

A Brief Introduction to Internet Network Management and SNMP. Geoff Huston NTW Track 4

A Brief Introduction to Internet Network Management and SNMP. Geoff Huston NTW Track 4 A Brief Introduction to Internet Network Management and SNMP Geoff Huston NTW Track 4 What are we talking about? Network Management Tasks fault management configuration management performance management

More information

UPPER LAYER SWITCHING

UPPER LAYER SWITCHING 52-20-40 DATA COMMUNICATIONS MANAGEMENT UPPER LAYER SWITCHING Gilbert Held INSIDE Upper Layer Operations; Address Translation; Layer 3 Switching; Layer 4 Switching OVERVIEW The first series of LAN switches

More information

COSC4377. Chapter 8 roadmap

COSC4377. Chapter 8 roadmap Lecture 28 Chapter 8 roadmap 8.1 What is network security? 8.2 Principles of cryptography 8.3 Message integrity 8.4 Securing e mail 8.5 Securing TCP connections: SSL 8.6 Network layer security: IPsec 8.7

More information

Extra Topics: SNMP (Simple Network Management Protocol)

Extra Topics: SNMP (Simple Network Management Protocol) Extra Topics: SNMP (Simple Network Management Protocol) SNMP Overview Define mechanism for remote management of network devices (routers, bridges, etc.) Fundamental principle: all device management done

More information

Firewalls. Chapter 3

Firewalls. Chapter 3 Firewalls Chapter 3 1 Border Firewall Passed Packet (Ingress) Passed Packet (Egress) Attack Packet Hardened Client PC Internet (Not Trusted) Hardened Server Dropped Packet (Ingress) Log File Internet Border

More information

Simple Network Management Protocol

Simple Network Management Protocol CS 556 - Networks II Internet Teaching Lab (MCS B-24) Simple Network Mgmt Protocol (SNMP) Simple Network Management Protocol What you will learn in this lab: Details of the SNMP protocol. Contents of a

More information

The ABCs of SNMP. Info Sheet. The ABC of SNMP INTRODUCTION. SNMP Versions

The ABCs of SNMP. Info Sheet. The ABC of SNMP INTRODUCTION. SNMP Versions The ABCs of SNMP INTRODUCTION One of the numerous acronyms from the Internet world is SNMP which stands for Simple Network Management Protocol. Of course, anything termed simple is suspect. SNMP is an

More information

Lecture 5: Foundation of Network Management

Lecture 5: Foundation of Network Management Lecture 5: Foundation of Network Management Prof. Shervin Shirmohammadi SITE, University of Ottawa Prof. Shervin Shirmohammadi CEG 4395 5-1 Network Management Standards OSI: Common Management Information

More information

A Guide to Understanding SNMP

A Guide to Understanding SNMP A Guide to Understanding SNMP Read about SNMP v1, v2c & v3 and Learn How to Configure SNMP on Cisco Routers 2013, SolarWinds Worldwide, LLC. All rights reserved. Share: In small networks with only a few

More information

Network Management (NETW-1001)

Network Management (NETW-1001) Network Management (NETW-1001) Dr. Mohamed Abdelwahab Saleh IET-Networks, GUC Spring 2016 TOC 1 Architecture of NMSs 2 OSI Network Management 3 Telecom Management Network 4 SNMP 5 SMI and MIB Remote Management

More information

Top-Down Network Design

Top-Down Network Design Top-Down Network Design Chapter Nine Developing Network Management Strategies Copyright 2010 Cisco Press & Priscilla Oppenheimer 29 Network Management Design A good design can help an organization achieve

More information

Network Management. Introduction

Network Management. Introduction Network Management Introduction Notes taken from many sources, including IEEE Computer Society Online Cisco Course, Mani Subramanian, Chu Sing Yang, Raouf Boutaba, and many more 1 Outline Introduction

More information

Basic Network Configuration

Basic Network Configuration Basic Network Configuration 2 Table of Contents Basic Network Configuration... 25 LAN (local area network) vs WAN (wide area network)... 25 Local Area Network... 25 Wide Area Network... 26 Accessing the

More information

Simple Network Management Protocol

Simple Network Management Protocol Simple Network Management Protocol Chu-Sing Yang Department of Electrical Engineering National Cheng Kung University Outlines Basic Concepts Protocol Specification Transport-Level Support SNMP Group Practical

More information

Comparison of SNMP. Versions 1, 2 and 3

Comparison of SNMP. Versions 1, 2 and 3 Comparison of SNMP 1 Comparison of SNMP Versions 1, 2 and 3 Eddie Bibbs Brandon Matt ICTN 4600-001 Xin Tang April 17, 2006 Comparison of SNMP 2 During its development history, the communities of researchers,

More information

Network Security. Tampere Seminar 23rd October 2008. Overview Switch Security Firewalls Conclusion

Network Security. Tampere Seminar 23rd October 2008. Overview Switch Security Firewalls Conclusion Network Security Tampere Seminar 23rd October 2008 1 Copyright 2008 Hirschmann 2008 Hirschmann Automation and and Control GmbH. Contents Overview Switch Security Firewalls Conclusion 2 Copyright 2008 Hirschmann

More information

Indian Institute of Technology Kharagpur. TCP/IP Part I. Prof Indranil Sengupta Computer Science and Engineering Indian Institute of Technology

Indian Institute of Technology Kharagpur. TCP/IP Part I. Prof Indranil Sengupta Computer Science and Engineering Indian Institute of Technology Indian Institute of Technology Kharagpur TCP/IP Part I Prof Indranil Sengupta Computer Science and Engineering Indian Institute of Technology Kharagpur Lecture 3: TCP/IP Part I On completion, the student

More information

Module 6. Internetworking. Version 2 CSE IIT, Kharagpur

Module 6. Internetworking. Version 2 CSE IIT, Kharagpur Module 6 Internetworking Lesson 2 Internet Protocol (IP) Specific Instructional Objectives At the end of this lesson, the students will be able to: Explain the relationship between TCP/IP and OSI model

More information

2. Compressing data to reduce the amount of transmitted data (e.g., to save money).

2. Compressing data to reduce the amount of transmitted data (e.g., to save money). Presentation Layer The presentation layer is concerned with preserving the meaning of information sent across a network. The presentation layer may represent (encode) the data in various ways (e.g., data

More information

Simple Network Management Protocol

Simple Network Management Protocol CHAPTER 32 Simple Network Management Protocol Background Simple Network Management Protocol (SNMP) is an application-layer protocol designed to facilitate the exchange of management information between

More information

CIT 480: Securing Computer Systems. TCP/IP Security

CIT 480: Securing Computer Systems. TCP/IP Security CIT 480: Securing Computer Systems TCP/IP Security Topics 1. Internet Protocol (IP) 2. IP Spoofing and Other Vulnerabilities 3. ICMP 4. Transmission Control Protocol (TCP) 5. TCP Session Hijacking 6. UDP

More information

SNMP Informant. SNMP Informant, the default Microsoft SNMP extension agents and WMI January 2009

SNMP Informant. SNMP Informant, the default Microsoft SNMP extension agents and WMI January 2009 Informant Systems, Inc. 11135-23A Avenue Edmonton, AB T6J4W5 Canada p: 780.908.6669 f: 780.434.8991 www.informant-systems.com SNMP Informant SNMP Informant, the default Microsoft SNMP extension agents

More information

Protocols and Architecture. Protocol Architecture.

Protocols and Architecture. Protocol Architecture. Protocols and Architecture Protocol Architecture. Layered structure of hardware and software to support exchange of data between systems/distributed applications Set of rules for transmission of data between

More information

CHAPTER MANAGED SWITCH SOFTWARE MONITORING. In This Chapter...

CHAPTER MANAGED SWITCH SOFTWARE MONITORING. In This Chapter... MANAGED SWITCH SOFTWARE MONITORING CHAPTER 23 In This Chapter... System Information.................................................3 2 Port and Power Status...............................................3

More information

Course Overview: Learn the essential skills needed to set up, configure, support, and troubleshoot your TCP/IP-based network.

Course Overview: Learn the essential skills needed to set up, configure, support, and troubleshoot your TCP/IP-based network. Course Name: TCP/IP Networking Course Overview: Learn the essential skills needed to set up, configure, support, and troubleshoot your TCP/IP-based network. TCP/IP is the globally accepted group of protocols

More information

NMS300 Network Management System

NMS300 Network Management System NMS300 Network Management System User Manual June 2013 202-11289-01 350 East Plumeria Drive San Jose, CA 95134 USA Support Thank you for purchasing this NETGEAR product. After installing your device, locate

More information

Firewalls. Ahmad Almulhem March 10, 2012

Firewalls. Ahmad Almulhem March 10, 2012 Firewalls Ahmad Almulhem March 10, 2012 1 Outline Firewalls The Need for Firewalls Firewall Characteristics Types of Firewalls Firewall Basing Firewall Configurations Firewall Policies and Anomalies 2

More information

Network Management. New York Institute of Technology CSCI 690 Michael Hutt

Network Management. New York Institute of Technology CSCI 690 Michael Hutt Network Management New York Institute of Technology CSCI 690 Michael Hutt FCAPS Fault Configuration Accounting Performance Security Fault SNMP Polling SNMP Traps RMON syslog Emergency (level 0) Alert (level

More information

The OSI Model and the TCP/IP Protocol Suite. Pritee Parwekar ANITS 1

The OSI Model and the TCP/IP Protocol Suite. Pritee Parwekar ANITS 1 The OSI Model and the TCP/IP Protocol Suite Pritee Parwekar ANITS 1 To study To discuss the idea of multiple layering in data communication and networking and the interrelationship between layers. To discuss

More information

Abstract. An SNMP Agent for a DTV Data Server. Dinkar Bhat David Catapano James Kenealy Gomer Thomas

Abstract. An SNMP Agent for a DTV Data Server. Dinkar Bhat David Catapano James Kenealy Gomer Thomas An SNMP Agent for a DTV Data Server by Dinkar Bhat David Catapano James Kenealy Gomer Thomas Abstract This paper presents a framework for remote control and monitoring of a DTV data server using the Simple

More information

Network System Design Lesson Objectives

Network System Design Lesson Objectives Network System Design Lesson Unit 1: INTRODUCTION TO NETWORK DESIGN Assignment Customer Needs and Goals Identify the purpose and parts of a good customer needs report. Gather information to identify network

More information

Cisco Performance Management: Best Practices White Pap

Cisco Performance Management: Best Practices White Pap Cisco Performance Management: Best Practices White Pap Table of Contents Performance Management: Best Practices White Paper...1 Introduction...1 Background Information...1 Critical Success Factors...2

More information

A host-based firewall can be used in addition to a network-based firewall to provide multiple layers of protection.

A host-based firewall can be used in addition to a network-based firewall to provide multiple layers of protection. A firewall is a software- or hardware-based network security system that allows or denies network traffic according to a set of rules. Firewalls can be categorized by their location on the network: A network-based

More information

Performance Management: Best Practices White Paper

Performance Management: Best Practices White Paper Performance Management: Best Practices White Paper Document ID: 15115 Contents Introduction Background Information Critical Success Factors Indicators for Performance Management Performance Management

More information

TCP/IP Concepts Review. A CEH Perspective

TCP/IP Concepts Review. A CEH Perspective TCP/IP Concepts Review A CEH Perspective 1 Objectives At the end of this unit, you will be able to: Describe the TCP/IP protocol stack For each level, explain roles and vulnerabilities Explain basic IP

More information

DC70 NETWORK MANAGEMENT JUN 2015

DC70 NETWORK MANAGEMENT JUN 2015 Q.2 a. Most of the popular host operating systems come with the TCP/IP Suite and are amenable to SNMP management. The current networks management systems, however, suffer from several limitations. Describe

More information

Guide to TCP/IP, Third Edition. Chapter 3: Data Link and Network Layer TCP/IP Protocols

Guide to TCP/IP, Third Edition. Chapter 3: Data Link and Network Layer TCP/IP Protocols Guide to TCP/IP, Third Edition Chapter 3: Data Link and Network Layer TCP/IP Protocols Objectives Understand the role that data link protocols, such as SLIP and PPP, play for TCP/IP Distinguish among various

More information

Network Security. Abusayeed Saifullah. CS 5600 Computer Networks. These slides are adapted from Kurose and Ross 8-1

Network Security. Abusayeed Saifullah. CS 5600 Computer Networks. These slides are adapted from Kurose and Ross 8-1 Network Security Abusayeed Saifullah CS 5600 Computer Networks These slides are adapted from Kurose and Ross 8-1 roadmap 1 What is network security? 2 Principles of cryptography 3 Message integrity, authentication

More information

Firewalls. Ingress Filtering. Ingress Filtering. Network Security. Firewalls. Access lists Ingress filtering. Egress filtering NAT

Firewalls. Ingress Filtering. Ingress Filtering. Network Security. Firewalls. Access lists Ingress filtering. Egress filtering NAT Network Security s Access lists Ingress filtering s Egress filtering NAT 2 Drivers of Performance RequirementsTraffic Volume and Complexity of Static IP Packet Filter Corporate Network The Complexity of

More information

Internetworking and IP Address

Internetworking and IP Address Lecture 8 Internetworking and IP Address Motivation of Internetworking Internet Architecture and Router Internet TCP/IP Reference Model and Protocols IP Addresses - Binary and Dotted Decimal IP Address

More information