Central issues in network management
|
|
|
- Amice Nicholson
- 10 years ago
- Views:
Transcription
1 Central issues in network management Sarah Lowman April 2010 Introduction Network management is a set of activities, procedures and tools that concern the operation, administration, maintenance and provisioning of a computer network (Javvin Technologies, 2010). Operations is concerned with keeping the network and its services running efficiently, usually by monitoring the network and solving any problems before they affect users. Administration is about keeping the network under control, involving tasks such as monitoring the network resources and their assignment. Maintenance deals with repairs, upgrades and measures to improve the network such as configuration tweaks. Finally, provisioning deals with changing the network to handle new requirements or services. There are many important subcategories in network management, including configuration management, accounting management, fault management, performance management, security management, bandwidth management, cryptographic key distribution and route analytics. FCAPS is a memorable acronym for the most important management areas - Fault, Configuration, Accounting/Administration, Performance and Security. FCAPS was first introduced in the OSI Systems Management Overview ISO in the 1980s. The intention was to create 5 separate protocols, one for each FCAPS management area. However, due to the similarity between the protocols, instead of five separate protocols, one overarching protocol was created named the Common Management Information Protocol (ISO/IEC 10040, 1998). FCAPS was also used in the ITU-T Telecommunications Management Network (TMN) protocol in the 1990s, and has become a standard way of thinking about network management. There are many 3 rd party network management solutions, such as WebNMS 1 and Zabbix 2, which exist for enterprises and other organisations with large networks. These utilise pre-existing network management protocols and can collect data using numerous methods including logging, packet sniffing, and installing intelligent agents (Bieszczad, Pagurek, & White, 1998) on the infrastructure to provide complete FCAPS management. The emergence of cloud computing and on-demand virtual resources has resulted in an ever-increasing reliance on networks. Businesses therefore have to constantly re-evaluate and upgrade their network management solutions (Goyal, Mikkilineni, & Ganti, 2009)
2 This essay will describe each of the management areas of FCAPS in more detail, describing some of the problems that arise in network management and their solutions. Fault Management Fault management is the detection and correction of malfunctions on the network. Network faults can be divided into hardware and software faults. Hardware faults can be caused by wear and tear, accidental or malicious damage or incorrect installation. Software faults can be caused by bugs, incorrect design, the use of unsuitable software, or incorrect information for example incorrect routing tables can result in a slow or faulty service (Gürer, Khan, Ogier, & Keffer, 1996). The detection of faults is through real-time alarms or analysis of error log files. When a fault occurs, the device may send a notification (an alarm) to the network administrator via the Simple Network Management Protocol (SNMP). An alarm is a persistent indication of a fault, which will only clear when the fault has been fixed (Cisco, 2002). Alarms can be caused by either physical problems (e.g. a link being down) or logical problems (e.g. statistical measurements going over a threshold, such as link congestion). These alarms are often kept on an Active Alarm List (as defined in RFC ). Alarm filters may be in place to correlate alarms and eliminate multiple occurrences of the same alarm. Filters also assign the alarms to different severity levels. RFC (syslog) uses the severities: debug, informational, notice, warning, error, critical, alert and emergency, whilst ITU X.733 (Alarm Reporting Function) uses severities of cleared, indeterminate, critical, major, minor and warning. This type of fault management is called passive the fault management system only knows of a fault when it receives an SNMP alarm. A problem with this is that the device not only has to be intelligent enough to send the message, but also must be in a suitable state to do so. The fault may render the device unable to send the alarm, thereby allowing the fault to go undetected. Active fault management involves the system sending out periodic requests (such as Ping or Traceroute) to devices to check they are active (Nadi, 2009). If no response is received, an alarm is raised. Faults can be identified by requesting diagnostic tests and status updates from resources that raise alarms. Before the problem can be fixed, network administrators may want to reroute traffic away from that resource to ensure there is minimal loss of service. Once the fault has been identified and analysed, remedial actions can take place. These may involve the administrator replacing damaged hardware or debugging software. Some fault correction can be automated, with the fault management software autonomously launching scripts when particular problems occur
3 Configuration Management Network Change and Configuration Management (NCCM) has become essential for IT organizations in enterprise, government and service provider environments (EMA, 2008). Configuration management focuses on the organisation, maintenance and updating of configurations for all the components on the computer network (both hardware and software). Usually configuration information is collected and kept in a database so that changes can be easily tracked. This allows identification and traceability of device configurations (BS ISO 10007, 2003). Configuration management is often named change control or change management. Configuration management tools allow any changes made to be documented and easily rolled-back if they were not successful. When a fault has occurred, having an audit trail of any configuration changes means the source of the problem can be easily identified. For example, when multiple system administrators are working on the same network and step on each others toes, this makes it is easier to see where things went wrong or to roll back to a known-working state. Configuration management is also useful in making large changes: manual updates to multiple devices would be time consuming, but by using intelligent configuration management the same changes can be rolled out automatically saving time and reducing errors (Hughes, 2009). Other requirements of any NCCM solution include providing multi-vendor support, easy deployment, easy use and scalability (EMA, 2008). A lot of networks have many different devices from different vendors, so having a common interface to configure them all is important. Accounting Management Accounting management, also known as billing management, involves gathering network usage statistics so that users can be billed for usage or so that usage quotas can be enforced. For non-billed networks, accounting is replaced by administration. Accounting/Administration management also involves the management of users and passwords, permissions and software backups and synchronisation. Organisations do not have common accounting requirements, so there is not a single accounting protocol that meets all needs. Consequently, the goals of accounting management are to provide tools that can be used to meet the requirements of many different accounting applications (Aboba, Arkko, & Harrington, 2000). RADIUS, TACACS and Diameter are some of the protocols commonly used. RADIUS (Remote Authentication Dial In User Service) is an Authentication, Authorization and Accounting (AAA) protocol, developed in RADIUS has broad support and is often used by Internet Service Providers and enterprises to manage access to the internet or internal networks (Posey, 2006). It is an application layer client/server protocol, which uses UDP as transport. RADIUS has three functions: to authenticate users/devices so they can access the network; to authorize those users/devices for any 3
4 network services; and finally to account for the usage of those services (CISCO, 2006). Diameter is a successor to RADIUS. The architecture of a network accounting system generally involves an accounting server, a billing server and the interactions between these and the devices on the network. The network devices collect accounting metric data, which is sent to the accounting server, normally using an accounting protocol. This data is processed by the accounting server and sent to the billing sever which handles the invoice generation. The billing server may also carry out auditing, cost allocation and trend analysis (Aboba, Arkko, & Harrington, 2000). Trend analysis involves forecasting future usage. This can be achieved through statistical sampling techniques. Billing can either be usage sensitive, or non-usage sensitive. If the billing is non-usage sensitive, the accounting metric data is not needed by the billing server, unless it is carrying out any secondary functions like trend analysis. Usage sensitive billing may be required to conform to financial reporting and legal requirements, since any packet loss between the network devices and the servers may turn into revenue loss for the organisation (Aboba, Arkko, & Harrington, 2000). Auditing is likely to be required for usage sensitive billing. Auditing tasks include verifying the correctness of the accounting and billing procedures and verifying the invoices created. Performance Management Network performance management is the measuring, planning and optimisation of networks to balance the performance needs of the organisation (in terms of capacity, reliability and speed) with the cost constraints. Different end-user applications require different performance needs: for example streaming video can be unreliable but needs to be fast to avoid lag (therefore UDP is often used instead of TCP). Some applications require a specific Quality of Service. Quality of Service is the ability to provide different applications a guaranteed level of performance, especially if the network capacity is insufficient to provide a good enough quality to all the services using it (Xiao, 2008). This is mostly used for real-time streaming services such as Voice-Over IP and online gaming which require a minimum bit-rate and are latency sensitive. Whilst Quality of Service guarantees for audio and video are important, it is also important these do not compromise connectivity, robustness, and performance for traditional best-effort traffic (Keshav & Sharma, 1998). Several factors affect the delivery of data across a network, including latency, packet loss, retransmission delays and throughput. A network performance manager aims to ensure a network has high bandwidth with little latency and packet loss. Latency is the time taken for a sent packet to be received at the destination, including the encoding and decoding times at either end. Latency can be improved by having fewer intermediary nodes for a packet to travel through, or reducing the amount of processing (such as filtering or accounting) that nodes 4
5 perform. Packet loss can occur for a number of reasons, which include overloading of intermediary networks, rejected packets due to corruption or errors, faulty networking hardware or drivers, signal degradation or intentional discarding of packets to enforce a particular level of service. Retransmission delays are caused by packet loss in a reliable network (such as TCP). The delay is twofold: there is the delay from retransmitting the data, and there is a delay whilst the receiver waits until packets can be recombined in the correct order before being promoted up the protocol stack. Throughput is the amount of traffic a network can carry, measured in bits per second. The throughput may be lowered due to many users sharing the same network resources. Throughput can also be lowered by the use of specific protocols on the network. For example, in the transport layer, TCP uses flow control and congestion avoidance, and in the datalink layer CSMA/CD and CSMA/CA use backoff waiting times and retransmissions after detecting collisions (Tanenbaum, 2003). To measure the performance of a network, several utilities can be used. Examples are Ping which measures Round Trip Time (RTT) and packet loss; Traceroute which measures RTT and path taken (Barford, 2008); and Multi Router Traffic Grapher (MRTG). MRTG can used to collect and collate information from SNMP-enabled devices. It can then produce graphs for things like network throughput over time. Security Management Network security management includes protecting the network and resources from unauthorised access, detecting and mitigating security breaches, managing security services, controlling and distributing cryptographic keys and managing user rights and privileges. Specialised risk assessment and risk analysis tools are often used to identify assets, threats and to rate network system vulnerabilities so that appropriate action can be taken to mitigate potential security problems. In a networked system, many devices, such as routers, firewalls, virtual private network gateways, and individual host operating systems, must cooperate to achieve security goals (Guttman & Herzog, 2004). Security management is difficult and error-prone as these devices may require different configurations depending on their location and purpose. The difficulty of security management is illustrated by the following truism: an attacker only needs to find one successful attack vector, whilst security management must be aware of and defend against all attack vectors. Encryption key management involves key generation, exchange, storage and usage of encryption keys, with many different cryptographic mechanisms to choose from. Inappropriate choices may result in an illusion of security, but little or no real security for protocols or applications (Barker, Barker, Burr, Polk, & Smid, 2007). Successful management of the keys is critical to the security of a cryptosystem. It can be difficult to coordinate this with user training, system policy and organisational interactions. 5
6 Conclusion Network management is a term encompassing all factors of a network. FCAPS is a framework that allows administrators to divide up network management into five different areas: Fault management, which deals with detecting and correcting malfunctions on the network; Configuration management, which tracks and documents network configuration changes; Accounting management, which deals with the billing or usage allowances of network users; Performance management, which aims to optimise the performance of the network; and Security management, which deals with the control and management of security policies and encryption keys. All of these areas need to be carefully managed to keep a network in good working order. Poor network management can result in costly problems for an organisation. For example, lax security standards can result in loss of private data, network congestion can result in poor employee productivity, ineffective billing can result in revenue loss and expensive network outages can occur due to poorly configured routers or faulty hardware. These problems can be avoided through use of effective network management tools and protocols. The growing business dependency on networked communication means that services and uses for networks are continuously being invented and evolved. Network management must evolve to keep pace, becoming more sophisticated and intelligent in the process (Grigonis, 2007). In the past, network management was only influenced by the skill of the staff. However, as networks have become more dynamic and complex, the use of good network management software has become just as important. This has given rise to software that uses artificial intelligence to solve some management problems (Gürer, Khan, Ogier, & Keffer, 1996), such as using mobile agents for fault management (Bieszczad, Pagurek, & White, 1998) and systems that can make security decisions automatically without the need for a network administrator (Guttman & Herzog, 2004). Even with the help of autonomous and intelligent agents and network management software, the job of a network administrator is important and complicated. They must balance the different network management areas to make sure their system is properly configured and maintained. 6
7 Bibliography Aboba, B., Arkko, J., & Harrington, D. (2000). Introduction to Accounting Management. Network Working Group. Barford, P. (2008, September 11th). Network Performance Measurement and Analysis. Retrieved from University of Wisconsin-Madison: Barker, E., Barker, W., Burr, W., Polk, W., & Smid, M. (2007, March). Recommendation for Key Management - Part 1: General. Retrieved from National Institute of Standards and Technology: Bieszczad, A., Pagurek, B., & White, T. (1998). Mobile Agents for Network Management. IEEE Communications Surveys. BS ISO (2003). Quality management systems Guidelines for configuration management. Retrieved from Cisco. (2002). Cisco Active Network Abstraction Fault Management User s Guide, Retrieved from gement/user/guide/1fltmn.pdf CISCO. (2006). How Does RADIUS Work? Retrieved April 16th, 2010, from EMA. (2008). Network Change and Configuration Management: Optimize Reliability, Minimize Risk and Reduce Costs. Goyal, P., Mikkilineni, R., & Ganti, M. (2009). FCAPS in the Business Services Fabric Model. 18th IEEE International Workshops on Enabling Technologies: Infrastructures for Collaborative Enterprises, pp Gürer, D. W., Khan, I., Ogier, R., & Keffer, R. (1996). An Artificial Intelligence Approach to Network Fault Management. SRI International, pp Guttman, J. D., & Herzog, A. L. (2004). Rigorous automated network security management. International Journal of Information Security. Volume 4, Numbers 1-2, pp Hughes, J. (2009, February 20th). Network Configuration Management Introduction. Retrieved April 16th, 2010, from openxtra: 7
8 ISO/IEC (1998). Information technology - Open Systems Interconnection - Systems management overview. Javvin Technologies. (n.d.). Tele-Communication (Telecom) Terms Glossary and Dictionary. Retrieved April 5th, 2010, from Javvin Network Management & Security: Keshav, S., & Sharma, R. (1998). Achieving Quality of Service through Network Performance Management. Cornell Network Research Group. Nadi, F. (2009, November 17th). Network Management & Monitoring Overview. Retrieved from Posey, B. (2006). SolutionBase: RADIUS deployment scenarios. Retrieved April 16th, 2010, from Tech Republic: Tanenbaum, A. S. (2003). Computer Networks. Upper Saddle River, NJ: Prentice Hall. Xiao, X. (2008). Technical, Commercial and Regulatory Challenges of QoS: An Internet Service Model Perspective. Morgan Kaufmann. 8
Considerations In Developing Firewall Selection Criteria. Adeptech Systems, Inc.
Considerations In Developing Firewall Selection Criteria Adeptech Systems, Inc. Table of Contents Introduction... 1 Firewall s Function...1 Firewall Selection Considerations... 1 Firewall Types... 2 Packet
Top-Down Network Design
Top-Down Network Design Chapter Nine Developing Network Management Strategies Copyright 2010 Cisco Press & Priscilla Oppenheimer 29 Network Management Design A good design can help an organization achieve
159.334 Computer Networks. Voice over IP (VoIP) Professor Richard Harris School of Engineering and Advanced Technology (SEAT)
Voice over IP (VoIP) Professor Richard Harris School of Engineering and Advanced Technology (SEAT) Presentation Outline Basic IP phone set up The SIP protocol Computer Networks - 1/2 Learning Objectives
MANAGING NETWORK COMPONENTS USING SNMP
MANAGING NETWORK COMPONENTS USING SNMP Abubucker Samsudeen Shaffi 1 Mohanned Al-Obaidy 2 Gulf College 1, 2 Sultanate of Oman. Email: [email protected] [email protected] Abstract:
Introduction to Network Management
Introduction to Network Management Chu-Sing Yang Department of Electrical Engineering National Cheng Kung University Outline Introduction Network Management Requirement SNMP family OSI management function
OAM Operations Administration and Maintenance
OAM Operations Administration and Maintenance IERU Communications Ltd OAM Rev. A Page 1 of 9 Operations Administration and Maintenance 1. Overview This paper describes the Ethernet and Multi-Protocol Label
Company & Solution Profile
Company & Solution Profile About Us NMSWorks Software Limited is an information technology company specializing in developing Carrier grade Integrated Network Management Solutions for the emerging convergent
FAULT MANAGEMENT SERVICE IN ATM NETWORKS USING TINA NETWORK RESOURCE ARCHITECTURE
FAULT MANAGEMENT SERVICE IN ATM NETWORKS USING TINA NETWORK RESOURCE ARCHITECTURE Chetan P. Chiba, Setumo Mohapi, Hu Hanrahan Centre for Telecommunications Access and Services 1 Department of Electrical
Network Management and Monitoring Software
Page 1 of 7 Network Management and Monitoring Software Many products on the market today provide analytical information to those who are responsible for the management of networked systems or what the
Routing & Traffic Analysis for Converged Networks. Filling the Layer 3 Gap in VoIP Management
Routing & Traffic Analysis for Converged Networks Filling the Layer 3 Gap in VoIP Management Executive Summary Voice over Internet Protocol (VoIP) is transforming corporate and consumer communications
mbits Network Operations Centrec
mbits Network Operations Centrec The mbits Network Operations Centre (NOC) is co-located and fully operationally integrated with the mbits Service Desk. The NOC is staffed by fulltime mbits employees,
Basics of Internet Security
Basics of Internet Security Premraj Jeyaprakash About Technowave, Inc. Technowave is a strategic and technical consulting group focused on bringing processes and technology into line with organizational
Lecture 4: Introduction to Computer Network Design
Lecture 4: Introduction to Computer Design Prof. Shervin Shirmohammadi SITE, University of Ottawa Prof. Shervin Shirmohammadi CEG 4185 4-1 Computer s Prof. Shervin Shirmohammadi CEG 4185 4-2 1 Background
First Line of Defense to Protect Critical Infrastructure
RFI SUBMISSION First Line of Defense to Protect Critical Infrastructure Developing a Framework to Improve Critical Infrastructure Cybersecurity Response to NIST Docket # 130208119-3119-01 Document # 2013-044B
NOS for Network Support (903)
NOS for Network Support (903) November 2014 V1.1 NOS Reference ESKITP903301 ESKITP903401 ESKITP903501 ESKITP903601 NOS Title Assist with Installation, Implementation and Handover of Network Infrastructure
WIRELESS BANDWIDTH MANAGEMENT AUTHENTICATION IMPROVING QUALITY OF SERVICE
WIRELESS BANDWIDTH MANAGEMENT AUTHENTICATION IMPROVING QUALITY OF SERVICE Amanda PEART & Alice GOOD ABSTRACT: With the popularity of distributed applications such as BitTorrent and Peer 2 Peer (P2P) networks,
CISCO IOS NETWORK SECURITY (IINS)
CISCO IOS NETWORK SECURITY (IINS) SEVENMENTOR TRAINING PVT.LTD [Type text] Exam Description The 640-553 Implementing Cisco IOS Network Security (IINS) exam is associated with the CCNA Security certification.
Creating Business-Class VoIP: Ensuring End-to-End Service Quality and Performance in a Multi-Vendor Environment. A Stratecast Whitepaper
: Ensuring End-to-End Service Quality and Performance in a Multi-Vendor Environment A Executive Summary Creating Business-Class VoIP Traditional voice services have always been reliable, available, and
PORTrockIT. Spectrum Protect : faster WAN replication and backups with PORTrockIT
1 PORTrockIT 2 Executive summary IBM Spectrum Protect, previously known as IBM Tivoli Storage Manager or TSM, is the cornerstone of many large companies data protection strategies, offering a wide range
IP Telephony Management
IP Telephony Management How Cisco IT Manages Global IP Telephony A Cisco on Cisco Case Study: Inside Cisco IT 1 Overview Challenge Design, implement, and maintain a highly available, reliable, and resilient
Firewalls. Securing Networks. Chapter 3 Part 1 of 4 CA M S Mehta, FCA
Firewalls Securing Networks Chapter 3 Part 1 of 4 CA M S Mehta, FCA 1 Firewalls Learning Objectives Task Statements 1.3 Recognise function of Telecommunications and Network security including firewalls,..
IP Networking. Overview. Networks Impact Daily Life. IP Networking - Part 1. How Networks Impact Daily Life. How Networks Impact Daily Life
Overview Dipl.-Ing. Peter Schrotter Institute of Communication Networks and Satellite Communications Graz University of Technology, Austria Fundamentals of Communicating over the Network Application Layer
WHITE PAPER ON SECURITY TESTING IN TELECOM NETWORK
WHITE PAPER ON SECURITY TESTING IN TELECOM NETWORK DATE OF RELEASE: 27 th July 2012 Table of Contents 1. Introduction... 2 2. Need for securing Telecom Networks... 3 3. Security Assessment Techniques...
The Next Generation Network:
JULY, 2012 The Next Generation Network: Why the Distributed Enterprise Should Consider Multi-circuit WAN VPN Solutions versus Traditional MPLS Tolt Solutions Network Services 125 Technology Drive Suite
10 METRICS TO MONITOR IN THE LTE NETWORK. [ WhitePaper ]
[ WhitePaper ] 10 10 METRICS TO MONITOR IN THE LTE NETWORK. Abstract: The deployment of LTE increases dependency on the underlying network, which must be closely monitored in order to avert service-impacting
Network Performance Monitoring at Minimal Capex
Network Performance Monitoring at Minimal Capex Some Cisco IOS technologies you can use to create a high performance network Don Thomas Jacob Technical Marketing Engineer About ManageEngine Network Servers
Fifty Critical Alerts for Monitoring Windows Servers Best practices
Fifty Critical Alerts for Monitoring Windows Servers Best practices The importance of consolidation, correlation, and detection Enterprise Security Series White Paper 6990 Columbia Gateway Drive, Suite
IBM. Vulnerability scanning and best practices
IBM Vulnerability scanning and best practices ii Vulnerability scanning and best practices Contents Vulnerability scanning strategy and best practices.............. 1 Scan types............... 2 Scan duration
The rise of the hybrid network model
The rise of the hybrid network model Hybrid networks offer the promise of greater flexibility and capacity, improved application performance and cheaper price points than traditional Wide Area Networks
Cisco Application Networking for Citrix Presentation Server
Cisco Application Networking for Citrix Presentation Server Faster Site Navigation, Less Bandwidth and Server Processing, and Greater Availability for Global Deployments What You Will Learn To address
Cloud Infrastructure Planning. Chapter Six
Cloud Infrastructure Planning Chapter Six Topics Key to successful cloud service adoption is an understanding of underlying infrastructure. Topics Understanding cloud networks Leveraging automation and
i-pcgrid Workshop 2015 Cyber Security for Substation Automation The Jagged Line between Utility and Vendors
March 25-27, 2014 Steven A. Kunsman i-pcgrid Workshop 2015 Cyber Security for Substation Automation The Jagged Line between Utility and Vendors ABB Inc. March 26, 2015 Slide 1 Cyber Security for Substation
District of Columbia Courts Attachment 1 Video Conference Bridge Infrastructure Equipment Performance Specification
1.1 Multipoint Control Unit (MCU) A. The MCU shall be capable of supporting (20) continuous presence HD Video Ports at 720P/30Hz resolution and (40) continuous presence ports at 480P/30Hz resolution. B.
Network Management System (NMS) FAQ
Network Management System (NMS) FAQ Q: How does the NMS work? A: The Cooper NMS is a powerful, flexible and highly scalable wireless and fixed network management solution for thousands of network nodes
Ranch Networks for Hosted Data Centers
Ranch Networks for Hosted Data Centers Internet Zone RN20 Server Farm DNS Zone DNS Server Farm FTP Zone FTP Server Farm Customer 1 Customer 2 L2 Switch Customer 3 Customer 4 Customer 5 Customer 6 Ranch
ΕΠΛ 674: Εργαστήριο 5 Firewalls
ΕΠΛ 674: Εργαστήριο 5 Firewalls Παύλος Αντωνίου Εαρινό Εξάμηνο 2011 Department of Computer Science Firewalls A firewall is hardware, software, or a combination of both that is used to prevent unauthorized
Who is Watching You? Video Conferencing Security
Who is Watching You? Video Conferencing Security Navid Jam Member of Technical Staff March 1, 2007 SAND# 2007-1115C Computer and Network Security Security Systems and Technology Video Conference and Collaborative
Deploying in a Distributed Environment
Deploying in a Distributed Environment Distributed enterprise networks have many remote locations, ranging from dozens to thousands of small offices. Typically, between 5 and 50 employees work at each
Global Network. Whitepaper. September 2014. Page 1 of 9
Global Network Whitepaper September 2014 Page 1 of 9 Contents 1. Overview...2 2. Global Connectivity, Quality of Service and Reliability...2 2.1 Exceptional Quality...3 2.2 Resilience and Reliability...3
Cisco Remote Management Services for Security
Cisco Remote Management Services for Security Innovation: Many Take Advantage of It, Some Strive for It, Cisco Delivers It. Cisco Remote Management Services (RMS) for Security provide around the clock
Building Secure Network Infrastructure For LANs
Building Secure Network Infrastructure For LANs Yeung, K., Hau; and Leung, T., Chuen Abstract This paper discusses the building of secure network infrastructure for local area networks. It first gives
State of Texas. TEX-AN Next Generation. NNI Plan
State of Texas TEX-AN Next Generation NNI Plan Table of Contents 1. INTRODUCTION... 1 1.1. Purpose... 1 2. NNI APPROACH... 2 2.1. Proposed Interconnection Capacity... 2 2.2. Collocation Equipment Requirements...
SCOPE OF SERVICE Hosted Cloud Storage Service: Scope of Service
Hosted Cloud Storage Service: Scope of Service 1. Definitions 1.1 For the purposes of this Schedule: Access Account is an End User account with Data Storage requiring authentication via a username and
SapphireIMS 4.0 BSM Feature Specification
SapphireIMS 4.0 BSM Feature Specification v1.4 All rights reserved. COPYRIGHT NOTICE AND DISCLAIMER No parts of this document may be reproduced in any form without the express written permission of Tecknodreams
Draft ITU-T Recommendation X.805 (Formerly X.css), Security architecture for systems providing end-to-end communications
Draft ITU-T Recommendation X.805 (Formerly X.css), architecture for systems providing end-to-end communications Summary This Recommendation defines the general security-related architectural elements that
The evolution of data connectivity
Leveraging the Benefits of IP and the Cloud in the Security Sector The CCTV and alarm industry has relied on analogue or Integrated Services Digital Network (ISDN) communications to provide data connectivity
Cisco Change Management: Best Practices White Paper
Table of Contents Change Management: Best Practices White Paper...1 Introduction...1 Critical Steps for Creating a Change Management Process...1 Planning for Change...1 Managing Change...1 High Level Process
Requirements of Voice in an IP Internetwork
Requirements of Voice in an IP Internetwork Real-Time Voice in a Best-Effort IP Internetwork This topic lists problems associated with implementation of real-time voice traffic in a best-effort IP internetwork.
Cisco Advanced Services Network Management Systems Architectural Leading Practice
Cisco Advanced Services Network Management Systems Architectural Leading Practice Contents Introduction Preface Intent Network Management Goals and Requirements Operational Goals Functional Requirements
Quality of Service Testing in the VoIP Environment
Whitepaper Quality of Service Testing in the VoIP Environment Carrying voice traffic over the Internet rather than the traditional public telephone network has revolutionized communications. Initially,
1. Cyber Security. White Paper Data Communication in Substation Automation System (SAS) Cyber security in substation communication network
WP 1004HE Part 5 1. Cyber Security White Paper Data Communication in Substation Automation System (SAS) Cyber security in substation communication network Table of Contents 1. Cyber Security... 1 1.1 What
IPv6 SECURITY. May 2011. The Government of the Hong Kong Special Administrative Region
IPv6 SECURITY May 2011 The Government of the Hong Kong Special Administrative Region The contents of this document remain the property of, and may not be reproduced in whole or in part without the express
CPNI VIEWPOINT 03/2007 HOSTED VOICE OVER IP
HOSTED VOICE OVER IP AUGUST 2007 Abstract Voice over IP (VoIP) is the term used for a set of technologies that enable real time voice or video conversations to take place across IP networks. VoIP devices
NETWORK TO NETWORK INTERFACE PLAN
AT&T will provide interconnect points at both the Network Security Operations Center (NSOC) and the Sam Houston Building (SHB), the prescribed DIR locations via AT&T s VPN (AVPN) service. The standards-based
Application Notes. Introduction. Contents. Managing IP Centrex & Hosted PBX Services. Series. VoIP Performance Management. Overview.
Title Series Managing IP Centrex & Hosted PBX Services Date July 2004 VoIP Performance Management Contents Introduction... 1 Quality Management & IP Centrex Service... 2 The New VoIP Performance Management
Technical Note. ForeScout CounterACT: Virtual Firewall
ForeScout CounterACT: Contents Introduction... 3 What is the vfw?.... 3 Technically, How Does vfw Work?.... 4 How Does vfw Compare to a Real Firewall?.... 4 How Does vfw Compare to other Blocking Methods?...
Application Note. Pre-Deployment and Network Readiness Assessment Is Essential. Types of VoIP Performance Problems. Contents
Title Six Steps To Getting Your Network Ready For Voice Over IP Date January 2005 Overview This provides enterprise network managers with a six step methodology, including predeployment testing and network
SIP Security Controllers. Product Overview
SIP Security Controllers Product Overview Document Version: V1.1 Date: October 2008 1. Introduction UM Labs have developed a range of perimeter security gateways for VoIP and other applications running
GoToMyPC Corporate Advanced Firewall Support Features
F A C T S H E E T GoToMyPC Corporate Advanced Firewall Support Features Citrix GoToMyPC Corporate features Citrix Online s advanced connectivity technology. We support all of the common firewall and proxy
CloudLink - The On-Ramp to the Cloud Security, Management and Performance Optimization for Multi-Tenant Private and Public Clouds
- The On-Ramp to the Cloud Security, Management and Performance Optimization for Multi-Tenant Private and Public Clouds February 2011 1 Introduction Today's business environment requires organizations
Troubleshooting Your VoIP Ecosystem with Prognosis Sue Bradshaw, Technology Writer
White Paper Troubleshooting Your VoIP Ecosystem with Prognosis Sue Bradshaw, Technology Writer This white paper from Integrated Research discusses how managing the complete VoIP ecosystem with Prognosis
Lesson 5-2: Network Maintenance and Management
Unit 5: Network Operating Systems Lesson 5-2: Network Maintenance and Management At a Glance This lesson presents an overview of network planning and management tasks. It also discusses hardware and software
Stateful Inspection Technology
Stateful Inspection Technology Security Requirements TECH NOTE In order to provide robust security, a firewall must track and control the flow of communication passing through it. To reach control decisions
BlackRidge Technology Transport Access Control: Overview
2011 BlackRidge Technology Transport Access Control: Overview 1 Introduction Enterprises and government agencies are under repeated cyber attack. Attacks range in scope from distributed denial of service
OpManager MSP Edition
OpManager MSP Edition Product Overview (6.5) June 2007 Agenda MSP Edition Architecture And Features About OpManager MSP Demo (https://mspdemo.opmanager.com) MSP Edition Architecture And Features Scalable
How To Understand and Configure Your Network for IntraVUE
How To Understand and Configure Your Network for IntraVUE Summary This document attempts to standardize the methods used to configure Intrauve in situations where there is little or no understanding of
Whitepaper. 10 Metrics to Monitor in the LTE Network. www.sevone.com blog.sevone.com [email protected]
10 Metrics to Monitor in the LTE Network The deployment of LTE increases dependency on the underlying network, which must be closely monitored in order to avert serviceimpacting events. In addition, the
Injazat s Managed Services Portfolio
Injazat s Managed Services Portfolio Overview Premium Managed Services to Transform Your IT Environment Injazat s Premier Tier IV Data Center is built to offer the highest level of security and reliability.
EA-ISP-012-Network Management Policy
Technology & Information Services EA-ISP-012-Network Management Policy Owner: Adrian Hollister Author: Paul Ferrier Date: 01/04/2015 Document Security Level: PUBLIC Document Version: 1.00 Document Ref:
CGHub Client Security Guide Documentation
CGHub Client Security Guide Documentation Release 3.1 University of California, Santa Cruz April 16, 2014 CONTENTS 1 Abstract 1 2 GeneTorrent: a secure, client/server BitTorrent 2 2.1 GeneTorrent protocols.....................................
Tk20 Network Infrastructure
Tk20 Network Infrastructure Tk20 Network Infrastructure Table of Contents Overview... 4 Physical Layout... 4 Air Conditioning:... 4 Backup Power:... 4 Personnel Security:... 4 Fire Prevention and Suppression:...
How To Provide Qos Based Routing In The Internet
CHAPTER 2 QoS ROUTING AND ITS ROLE IN QOS PARADIGM 22 QoS ROUTING AND ITS ROLE IN QOS PARADIGM 2.1 INTRODUCTION As the main emphasis of the present research work is on achieving QoS in routing, hence this
WHITE PAPER September 2012. CA Nimsoft For Network Monitoring
WHITE PAPER September 2012 CA Nimsoft For Network Monitoring Table of Contents EXECUTIVE SUMMARY 3 Solution overview 3 CA Nimsoft Monitor specialized probes 3 Network and application connectivity probe
Firewalls Overview and Best Practices. White Paper
Firewalls Overview and Best Practices White Paper Copyright Decipher Information Systems, 2005. All rights reserved. The information in this publication is furnished for information use only, does not
Region 10 Videoconference Network (R10VN)
Region 10 Videoconference Network (R10VN) Network Considerations & Guidelines 1 What Causes A Poor Video Call? There are several factors that can affect a videoconference call. The two biggest culprits
Analysis of IP Network for different Quality of Service
2009 International Symposium on Computing, Communication, and Control (ISCCC 2009) Proc.of CSIT vol.1 (2011) (2011) IACSIT Press, Singapore Analysis of IP Network for different Quality of Service Ajith
One software solution to monitor your entire network, including devices, applications traffic and availability.
One software solution to monitor your entire network, including devices, applications traffic and availability. About Britannic Expert Integrators We are award winning specialists in IP communications,
HOW TO PREVENT DDOS ATTACKS IN A SERVICE PROVIDER ENVIRONMENT
HOW TO PREVENT DDOS ATTACKS IN A SERVICE PROVIDER ENVIRONMENT The frequency and sophistication of Distributed Denial of Service attacks (DDoS) on the Internet are rapidly increasing. Most of the earliest
Avaya ExpertNet Lite Assessment Tool
IP Telephony Contact Centers Mobility Services WHITE PAPER Avaya ExpertNet Lite Assessment Tool April 2005 avaya.com Table of Contents Overview... 1 Network Impact... 2 Network Paths... 2 Path Generation...
Restorable Logical Topology using Cross-Layer Optimization
פרויקטים בתקשורת מחשבים - 236340 - סמסטר אביב 2016 Restorable Logical Topology using Cross-Layer Optimization Abstract: Today s communication networks consist of routers and optical switches in a logical
Receiving the IP packets Decoding of the packets Digital-to-analog conversion which reproduces the original voice stream
Article VoIP Introduction Internet telephony refers to communications services voice, fax, SMS, and/or voice-messaging applications that are transported via the internet, rather than the public switched
ΕΠΛ 475: Εργαστήριο 9 Firewalls Τοίχοι πυρασφάλειας. University of Cyprus Department of Computer Science
ΕΠΛ 475: Εργαστήριο 9 Firewalls Τοίχοι πυρασφάλειας Department of Computer Science Firewalls A firewall is hardware, software, or a combination of both that is used to prevent unauthorized Internet users
Third Party Network Management Standard Best practice
Third Party Network Management Standard Best practice Issue 1.0 Date: 27/04/2016 Author: BT Security, 3rd Party Security Team SEC/STD/BP003 Contents 1 Introduction... 3 1.1 General... 3 1.2 Objectives...
CS 356 Lecture 17 and 18 Intrusion Detection. Spring 2013
CS 356 Lecture 17 and 18 Intrusion Detection Spring 2013 Review Chapter 1: Basic Concepts and Terminology Chapter 2: Basic Cryptographic Tools Chapter 3 User Authentication Chapter 4 Access Control Lists
Network traffic monitoring and management. Sonia Panchen [email protected] 11 th November 2010
Network traffic monitoring and management Sonia Panchen [email protected] 11 th November 2010 Lecture outline What is network traffic management? Traffic management applications Traffic monitoring
Industrial Network Security for SCADA, Automation, Process Control and PLC Systems. Contents. 1 An Introduction to Industrial Network Security 1
Industrial Network Security for SCADA, Automation, Process Control and PLC Systems Contents 1 An Introduction to Industrial Network Security 1 1.1 Course overview 1 1.2 The evolution of networking 1 1.3
Network Monitoring. Chu-Sing Yang. Department of Electrical Engineering National Cheng Kung University
Network Monitoring Chu-Sing Yang Department of Electrical Engineering National Cheng Kung University Outline Introduction Network monitoring architecture Performance monitoring Fault monitoring Accounting
WHITE PAPER OCTOBER 2014. CA Unified Infrastructure Management for Networks
WHITE PAPER OCTOBER 2014 CA Unified Infrastructure Management for Networks 2 WHITE PAPER: CA UNIFIED INFRASTRUCTURE MANAGEMENT FOR NETWORKS ca.com Table of Contents Solution Overview 3 Specialized Probes
CCNP SWITCH: Implementing High Availability and Redundancy in a Campus Network
CCNP SWITCH: Implementing High Availability and Redundancy in a Campus Network Olga Torstensson SWITCHv6 1 Components of High Availability Redundancy Technology (including hardware and software features)
DoS: Attack and Defense
DoS: Attack and Defense Vincent Tai Sayantan Sengupta COEN 233 Term Project Prof. M. Wang 1 Table of Contents 1. Introduction 4 1.1. Objective 1.2. Problem 1.3. Relation to the class 1.4. Other approaches
White Paper. Protecting Databases from Unauthorized Activities Using Imperva SecureSphere
Protecting Databases from Unauthorized Activities Using Imperva SecureSphere White Paper As the primary repository for the enterprise s most valuable information, the database is perhaps the most sensitive
IP SLAs Overview. Finding Feature Information. Information About IP SLAs. IP SLAs Technology Overview
This module describes IP Service Level Agreements (SLAs). IP SLAs allows Cisco customers to analyze IP service levels for IP applications and services, to increase productivity, to lower operational costs,
The OSI Network Management Model - Capacity and performance management
Edith Cowan University Research Online ECU Publications Pre. 2011 2008 The OSI Network Management Model - Capacity and performance management Chompu Nuangjamnong Edith Cowan University Stanislaw P. Maj
INSTANT MESSAGING SECURITY
INSTANT MESSAGING SECURITY February 2008 The Government of the Hong Kong Special Administrative Region The contents of this document remain the property of, and may not be reproduced in whole or in part
Internet Protocol: IP packet headers. vendredi 18 octobre 13
Internet Protocol: IP packet headers 1 IPv4 header V L TOS Total Length Identification F Frag TTL Proto Checksum Options Source address Destination address Data (payload) Padding V: Version (IPv4 ; IPv6)
IS TEST 3 - TIPS FOUR (4) levels of detective controls offered by intrusion detection system (IDS) methodologies. First layer is typically responsible for monitoring the network and network devices. NIDS
