Network Management Protocols and Security

1 Network Management Protocols and Security
– Chapter 8

2 Chapter 8 Objectives
- Define and describe a Management Information Base (MIB)
- Define and describe Simple Network Management Protocol (SNMP)
- Define SNMP message types
- Define and describe Remote Network Monitoring (RMON)
- CMIP/CMIS

3 The Funnel Approach to Creating a Standard
[Diagram labels: Interfaces; OSI Model; Approximately 1–2 Years; Approximately 6 Months; Creates a Draft for a Standard]

4 SNMP Overview
- SNMP v1 was developed in 1988
- Simple
- Stopgap measure

5 SNMP Components
The basic components of SNMP are:
- Manager
- Agent
- Management Information Base (MIB)
- Network Management Protocol

6 SNMP Architecture
[Diagram labels: Management Station (Management Functions (FCAPS), Processes, Application Access Control and User Interface); Managed Device (Agent Function Processes, MIB); Queries/Response; Traps/Alarms]

7 SNMP Architecture (cont.)
[Diagram labels: Management Station (Network Service, Manager Process, MIB) and Network Device (Agent, MIB), each with the stack SNMP / UDP / IP / Network Interface (e.g., Ethernet, FDDI, x.25); Query and Responses between Manager and Agent; Traps/Alarms; Communications Network (e.g., x.25)]

8 MIB Structure
- Categorization
- Collection of related objects
- How groupings relate
- Agents

9 MIB Tree
iso (1)
  org (3)
    dod (6)
      internet (1)
        directory (1)
        mgmt (2)
          system (1)
          interfaces (2)
          at (3)
          ip (4)
          icmp (5)
          tcp (6)
          udp (7)
          egp (8)
          transmission (10)
          snmp (11)
        experimental (3)
        private (4)
          enterprises (1)

10 SNMP v1 Message Types
Messages exchanged between the SNMP Manager and the Agent:
- GetRequest
- GetResponse
- GetNextRequest
- Trap
- SetRequest
The three foundation specifications are:
- RFC 1155 – “Structure and Identification of Management Information for TCP/IP-Based Networks”
- RFC 1213 – “Management Information Base for Network Management of TCP/IP-Based Internets: MIB II”
- RFC 1157 – “Simple Network Management Protocol”

11 SNMP Messages Implemented on top of UDP/IP/Ethernet

12 Proxy Configuration
- To accommodate devices that do not implement SNMP
- The proxy agent converts each SNMP query into the management protocol supported by the managed device

13 SNMPv2
Drawbacks of SNMPv1:
- Lack of support for distributed network management
- Functional deficiencies
- Security deficiencies
SNMPv2 (1993) is intended to run on the OSI Protocol suite:
- Supports a greater range of networked configurations
- Overcomes the functional deficiencies of SNMPv1
- Supports distributed network management
RFCs (1996): 1901, , 2578, and 2579

14 SNMP v2 Commands
Between Manager and Agent:
- GetRequest
- GetResponse
- GetNextRequest
- Trap
- SetRequest
- GetBulkRequest
- GetBulkResponse
Between Manager and Manager:
- InformRequest
- InformRequestResponse

15 Distributed Management Configuration
The Inform command can be used to set up cooperation among multiple managers in a large network

16 SNMPv1 Security Aspects
Supports security through the SNMP Community concept:
- A relationship between an SNMP agent and a set of SNMP managers
- Defines authentication, access control, and proxy characteristics
Authentication Service
- The community name associated with each message serves as a password.
Access Control
- The agent can provide different categories of MIB access to different managers
- Combination of an MIB view and access mode provides an SNMP Community Profile
Proxy Service
- The proxy knows which MIB object can be used and their access mode
[Figure: SNMPv1 Security Administrative Concepts]

17 SNMP v3
A working group within IETF produced SNMPv3 in 1998:
- Defines a framework for security features
- Supports an architecture to cover different versions of SNMP
- RFCs describe architecture, messages, and security features
- Security-related processing occurs at the message level through a User Security Model (USM) field

18 SNMP v3 Architecture
[Diagram labels: Manager and Agent, each with MIB Instrumentation, SNMP Applications and an SNMP Engine (Message Processing, Dispatch, Security, Access Control), connected through Transport over an IP Network]
- SNMP Transport – Gets and formats messages; sends the messages into the transport data units.
- Message Dispatch – Creates protocol data units (PDU) in the application header.
- Message Processing – Processes and dispatches messages to appropriate SNMP version.
- Security – Performs authentication and encryption for SNMP messages.
- Authorization – Provides authentication services to provide access to the MIB.
- SNMP Application – Provides procedures for each application when generating PDU.
- MIB Instrumentation – Provides access procedure to access the MIB.

19 SNMP v3 User Security Model
- USM provides authentication and privacy services
- Authentication protocol HMAC-MD5-96 and HMAC-SHA-96
- DES in cipher block chaining (CBC) mode
- SNMP engine uses two values: a 16-octet privKey for DES and a 16-octet authKey for HMAC algorithm, for both local users and remote users
- Encryption is performed first, then authentication is performed, if needed.
- RFC 2574 provides guidelines for the creation, update, and management of these keys.
[Figure: SNMP v3 Message format with USM]
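Added example, not part of the original slides: how a 16-octet authKey is derived and used for HMAC-MD5-96, following the password-to-key and key-localization algorithm of RFC 2574 (carried into its successor, RFC 3414). It covers the authentication step only; the message is a constructed stand-in rather than a BER-encoded SNMPv3 message, and all function names are assumptions.

```python
import hashlib
import hmac

MAC_LEN = 12  # HMAC-MD5-96 / HMAC-SHA-96 keep the first 96 bits of the HMAC

def password_to_key(password: bytes, hash_name: str = "md5") -> bytes:
    """Hash 1,048,576 octets of the repeated password (password-to-key)."""
    if not password:
        raise ValueError("empty password")
    stream = (password * (1048576 // len(password) + 1))[:1048576]
    return hashlib.new(hash_name, stream).digest()

def localize_key(key: bytes, engine_id: bytes, hash_name: str = "md5") -> bytes:
    """Bind the key to one SNMP engine: H(key || engineID || key)."""
    return hashlib.new(hash_name, key + engine_id + key).digest()

def _mac(auth_key: bytes, msg: bytes, hash_name: str) -> bytes:
    return hmac.new(auth_key, msg, hash_name).digest()[:MAC_LEN]

def sign(auth_key: bytes, msg: bytes, mac_offset: int, hash_name: str = "md5") -> bytes:
    """Fill the zeroed 12-octet authentication field with the truncated HMAC."""
    end = mac_offset + MAC_LEN
    if msg[mac_offset:end] != bytes(MAC_LEN):
        raise ValueError("authentication field must be 12 zero octets")
    return msg[:mac_offset] + _mac(auth_key, msg, hash_name) + msg[end:]

def verify(auth_key: bytes, msg: bytes, mac_offset: int, hash_name: str = "md5") -> bool:
    """Zero the field again, recompute, and compare in constant time."""
    end = mac_offset + MAC_LEN
    if end > len(msg):
        return False
    zeroed = msg[:mac_offset] + bytes(MAC_LEN) + msg[end:]
    return hmac.compare_digest(msg[mac_offset:end], _mac(auth_key, zeroed, hash_name))

# Password and engineID are the sample values from RFC 3414 Appendix A.3.
ENGINE_ID = bytes.fromhex("000000000000000000000002")
AUTH_KEY = localize_key(password_to_key(b"maplesyrup"), ENGINE_ID)

# Constructed stand-in message with a zeroed authentication field.
HEADER = b"constructed-header|"
UNSIGNED = HEADER + bytes(MAC_LEN) + b"|constructed-scoped-pdu"
SIGNED = sign(AUTH_KEY, UNSIGNED, len(HEADER))
```

Because the key is localized with the engineID, the same password yields a different authKey on every agent, so a key recovered from one device does not authenticate to another.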

20 Benefits of SNMP Availability of agents Implementation Agent-level
Polling Robust and extensible Manager-agent interface

21 Drawbacks of SNMP Security Object-orientation Difficult to integrate
High communications Private MIBs No standard control definition

22 RMON (Remote Network Monitoring)
Provides standard information Hardware and software Probes Latest version

23 RMON Configuration
[Diagram labels: NMS Station with RMON MIB; Router; Router; RMON Agent; FDDI; FDDI]

24 CMIP/CMIS
[Diagram labels: Managing System (Manager, CMIS Interface, OSI Stack); Managed System (Agent, CMIS Interface, OSI Stack); CMIP Protocol; Queries/Response; Traps/Alarms]

