1 Kyung Hee University Prof. Choong Seon HONG Network Control.


Slide 2: Introduction
- Network control: modifying parameters in, and causing actions to be taken by, the end systems, intermediate systems and subsystems
- Performance, fault and accounting: related to monitoring
- Configuration and security: related to control

Slide 3: Configuration Management
- Concerned with the initialization, maintenance, and shutdown of individual components and logical subsystems
  - Managed resources include:
    - Identifiable physical resources (for example, a server or router)
    - Lower-level logical objects (for example, a transport-layer retransmission timer)
  - Configuration values
    - Specifying default values for attributes
    - Possessing proper parameter values
- Performance management and configuration management functions
  - If the performance management monitoring function detects that response time is degrading due to an imbalance in load, configuration management may adjust the configuration to achieve load leveling.

Slide 4: Configuration Management (cont'd)
- Fault management and configuration management
  - If fault management detects and isolates a fault, configuration management may alter the configuration to bypass the fault
- Functions of configuration management
  - Define configuration information
  - Set and modify attribute values
  - Define and modify relationships
  - Initialize and terminate network operations
  - Distribute software
  - Examine values and relationships (through query-response interaction)
  - Report on configuration status (via an event report)

Slide 5: Configuration Management (cont'd)
- Define Configuration Information
  - Configuration information
    - Includes a specification of the resources under management and the attributes of those resources
    - A simple structured list of data fields
    - An object-oriented database
    - A relational database: the structure of the database reflects the relationships among network elements
  - Network resources
    - Physical resources: end systems, routers, bridges, communication facilities, services, communication media, and modems
    - Logical resources: timers, counters, states, operational characteristics, software version number, and release level
  - Network control function
    - Should enable the user to specify the range and type of values
    - Should be able to define new object types or data element types (on-line or off-line)

Slide 6: Configuration Management (cont'd)
- Set and Modify Attribute Values
  - The configuration management function should enable a manager station to remotely set and modify attribute values in agents and proxies
    - A manager must be authorized
    - Some attributes reflect the "reality" at a resource and cannot be modified remotely (only by a physical action at the router)
  - Three categories of configurable attributes for modification
    - Database update only: changing contact information
    - Database update plus resource modification: for example, when a physical port's state is set to "disabled", the agent not only updates the state attribute but also disables the port
    - Database update plus action: if an authorized manager sets a reinitialize parameter to TRUE, the router goes through a reinitialization procedure
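The set-request handling described on this slide, as an added example that is not part of the original presentation: a toy agent that checks authorization, refuses attributes that only mirror hardware, validates values, and treats the three categories differently. The attribute names, status strings and the `Agent` class are hypothetical, and clearing the reinitialize flag after the action is an assumption.

```python
from dataclasses import dataclass, field

# The slide's three writable categories, plus attributes that only mirror hardware.
DB_ONLY, DB_PLUS_RESOURCE, DB_PLUS_ACTION, READ_ONLY = range(4)

# Hypothetical attribute table: name -> (category, allowed values or None for any).
ATTRS = {
    "contact": (DB_ONLY, None),
    "port1.state": (DB_PLUS_RESOURCE, ("enabled", "disabled")),
    "reinitialize": (DB_PLUS_ACTION, (True, False)),
    "slotCount": (READ_ONLY, None),      # changes only by physical action
}

@dataclass
class Agent:
    authorized: set                      # manager identities allowed to set values
    db: dict = field(default_factory=lambda: {   # constructed sample values
        "contact": "noc@example.test", "port1.state": "enabled",
        "reinitialize": False, "slotCount": 4})
    port_up: bool = True                 # stands in for the physical port
    reinit_count: int = 0                # times the reinitialization ran
    audit: list = field(default_factory=list)

    def set_attr(self, manager, name, value):
        status = self._apply(manager, name, value)
        self.audit.append((manager, name, status))   # record every attempt
        return status

    def _apply(self, manager, name, value):
        if manager not in self.authorized:
            return "notAuthorized"
        if name not in ATTRS:
            return "noSuchAttribute"
        category, allowed = ATTRS[name]
        if category == READ_ONLY:
            return "notWritable"
        if allowed is not None and value not in allowed:
            return "wrongValue"
        self.db[name] = value                        # database update (all categories)
        if category == DB_PLUS_RESOURCE:
            self.port_up = (value == "enabled")      # also change the resource
        elif category == DB_PLUS_ACTION and value is True:
            self.reinit_count += 1                   # also run the action
            self.db[name] = False                    # assumption: flag clears afterwards
        return "ok"
```

Rejected requests are logged as well as accepted ones, so the audit list shows who attempted a change even when the agent's state did not move.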

Slide 7: Configuration Management (cont'd)
- Define and Modify Relationships
  - A relationship describes an association, connection, or condition that exists between network resources or network components
    - Topology, hierarchy, physical and logical connection, or a management domain
    - One example of the use of relationships: managing link-layer connections between LAN nodes
      - The LLC protocol in one node can issue a connection request to another node
      - A network manager station could set up a fixed LLC connection between two nodes; this connection setup would designate the SAP (service access point) in each node

Slide 8: Configuration Management (cont'd)
- Data relationships
[Figure: data relationships among Devices, Vendors and Contacts; labels in the figure: foo, blee, bar, Allan, Karen, Banzai, Hack]

Slide 9: Configuration Management (cont'd)
- Initialize and Terminate Network Operations
  - Initialization: includes verifying that all settable resource attributes and relationships have been properly set, notifying users of any resource, attribute, or relationship still needing to be set, and validating users' initialization commands
  - Termination: allows users to request retrieval of specified statistics, blocks, or status information before the termination procedures have completed
- Distribute Software
  - Software loading requests
  - Transmitting the specified versions of software
  - Updating the configuration tracking systems
  - Updating routing tables

Slide 10: Security control
- Security Threats
  - A definition of security requirements
    - Secrecy: reading by authorized parties
    - Integrity: can be modified only by authorized parties
    - Availability: available to authorized parties

Slide 11: Security control (cont'd)
- Types of Threats
  - Interruption
    - An asset is destroyed or becomes unavailable or unusable
    - A threat to availability
  - Interception
    - An unauthorized party gains access to an asset
    - A threat to secrecy
  - Modification
    - An unauthorized party not only gains access but tampers with an asset
    - A threat to integrity
  - Fabrication
    - An unauthorized party inserts counterfeit objects into the system
    - A threat to integrity

Slide 12: Security control (cont'd)
[Figure: information flow from an information source to an information destination; panels: Normal Flow, Interruption, Modification, Interception, Fabrication]

Slide 13: Security control (cont'd)
- Security threats to the network
[Figure: security threats to four kinds of network asset (Data, Hardware device, Software, Communication Lines); threat labels in the figure: Modification, Interception, Interception (capture, analysis), Masquerade, Interruption (loss), Interruption (deletion), Interruption (theft, denial of service)]

Slide 14: Security control (cont'd)
- Steps in an example of Security Management
  - (step 1) Identifying the sensitive information to be protected
  - (step 2) Finding the access points
  - (step 3) Securing the access points
  - (step 4) Maintaining the secure access points
  - Note: access points are software services, hardware components, and network media
[Figure: the four steps marked on a network diagram; labels in the figure: Disk with sensitive information, Router, Data Network, Services: remote login, file transfer, Monitoring system, Console, Query]

Slide 15: Security control (cont'd)
- Identifying sensitive information
  - Accounting, financial, customer, market, engineering and employment
- Finding the access points
  - Remote login, file transfer, electronic mail, remote process execution, file and directory servers, name servers
- Securing the access points
  - At the data link level: use encryption
  - At the network level: use packet filters
  - On every host: use host authentication, user authentication and key authentication
- Maintaining the secure access points
  - Basis for auditing network security: potential network access points and their required security
  - Deploy programs to check for commonly known security problems: trying passwords and encryption keys, offering cash prizes on the public network
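The audit basis named under step 4 (potential access points and their required security), as an added example that is not part of the original presentation: it compares a baseline of required controls with what was actually observed and reports drift. The function name, the data layout and both sample inventories are constructed for illustration; the access point and control names are the ones listed on the slide.

```python
# Controls named on the slide, keyed to the level at which they apply.
LEVEL = {
    "encryption": "data link",
    "packet filter": "network",
    "host authentication": "host",
    "user authentication": "host",
    "key authentication": "host",
}

def audit_access_points(baseline, observed):
    """Compare required controls (baseline) with controls found in place (observed).

    Both arguments map an access point name to a set of control names.
    Returns a sorted list of (access point, finding, detail) tuples.
    """
    findings = []
    for point, found in observed.items():
        if point not in baseline:
            # A reachable service nobody listed has no stated requirement at all.
            findings.append((point, "unlisted access point", "-"))
            continue
        for control in baseline[point] - found:
            level = LEVEL.get(control, "unknown")
            findings.append((point, "missing control", f"{control} ({level} level)"))
    for point in baseline.keys() - observed.keys():
        # Listed but not seen: either retired or missed by the scan.
        findings.append((point, "listed but not observed", "-"))
    return sorted(findings)

# Constructed sample inventories.
BASELINE = {
    "remote login": {"packet filter", "host authentication", "user authentication"},
    "file transfer": {"packet filter", "user authentication"},
    "electronic mail": {"packet filter"},
}
OBSERVED = {
    "remote login": {"packet filter", "user authentication"},
    "file transfer": {"packet filter", "user authentication"},
    "name server": set(),
}

if __name__ == "__main__":
    for finding in audit_access_points(BASELINE, OBSERVED):
        print(" | ".join(finding))
```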

