ch11.htm

this describes managing multivendor networks

	management reports to a Web server. This feature will enable anyone with a Web browser
	and proper access to view management reports from any location. 
<HR>


</BLOCKQUOTE>

<P>The trend towards integration is being seen throughout the network management
industry. Novell Inc. (Provo, Utah) and Intel Corp. (Santa Clara, California) have
a new version of the ManageWise network management suite that better integrates the
two companies' management applications. ManageWise 2.0 combines separate consoles
for Intel's LANDesk and Novell's NetWare Management System. It integrates the NetWare
Directory Services (NDS) and unifies network management and administration for the
two management platforms. NDS maintains a central directory of authorized users,
and provides for a single point of administration for enterprises with multiple servers.
ManageWise 2.0 will also offer better SNMP support. Through ManageWise, an SNMP console
will be able to manage a NetWare server.</P>
<P>Products like SystemView and OpenView often work with third-party products to
expand their reach into other areas--such as a NetWare network. Novell's network
management products are supported by both IBM and HP; users of SystemView and OpenView
can gain immediate access to NetWare statistics through Novell's products.</P>
<P>Novell offers two network management products: LANalyzer for Windows and ManageWise.
<I>LANalyzer</I> is an inexpensive, software-only network analyzer meant for smaller
networks or for portable use. Running on an IBM 80386 processor, LANalyzer will continuously
monitor traffic on an Ethernet or token-ring segment, capture and decode NetWare
packets, and derive a variety of statistics such as bandwidth usage, traffic patterns,
and packet counts. However, because it can only monitor a single segment at a time,
it is usable only on smaller networks.</P>
<P>For managing multiple segments simultaneously, Novell offers their ManageWise
network management software. <I>ManageWise</I> is a more full-featured, integrated
set of management services that is used for controlling the network on an end-to-end
basis. Like LANalyzer, it manages Ethernet and token-ring networks running NetWare
3 or 4. It offers extensive standards support, including SNMP, IP, IPX, and RMON;
and several enhancements are available from third parties. IBM, SunSoft, and Hewlett-Packard
have all agreed to support ManageWise 2.0 in their own systems management offerings.</P>
<P>Novell takes the approach of offering network management as a network service,
integrated into the network itself, as opposed to presenting it as a centralized
system. ManageWise is installed on each NetWare server, and enables an administrator
to manage all NetWare servers from a single site. Because it is a distributed service,
it can take advantage of the processing power that exists on the network, and minimize
network traffic. Because ManageWise enables for shared access to the management information
it collects, multiple consoles can cooperatively manage a heterogeneous environment.
Users of IBM's SystemView can take advantage of the ManageWise network agent to get
a dynamic view of the NetWare topology directly from SystemView. Similarly, users
of HP's OpenView gain immediate access to NetWare statistics from the OpenView enterprise
console.</P>
<P>Version 2.0 of ManageWise permits managers to move easily between SNMP management
and NDS network administration. It uses NDS as a security measure for SNMP management
by enabling staff to authenticate managers on the network and restrict access to
management functions. ManageWise's SNMP agent technology permits NetWare servers
to be managed from any SNMP management console, and also makes its network mapping
services available to other consoles. Because it distributes its intelligent management
agents throughout the network, the need for continuous polling is kept to a minimum.
<H2><A NAME="Heading12"></A><FONT COLOR="#000077">Remote Monitoring (RMON)</FONT></H2>
<P><I>RMON technology</I> makes management tasks that were previously available only
in the SNA environment possible for a distributed, internetworking environment. These
features in- clude network security, network design, and simulation. An embedded
RMON agent can be beneficial to the corporate network, as the number of interconnected
LANs and desktops continue to increase. RMON lends stability to the network, and
enables network managers to support more users and segments without incurring bandwidth
usage penalties. Most major internet-working vendors support embedded RMON, including
3Com (Santa Clara, Cailfornia), Bay Networks (Santa Clara, California), and Cisco
Systems (San Jose, California).</P>
<P>The RMON and RMON 2 standards were created to permit troubleshooting and diagnosis
of problems in an enterprise network, and to provide the means to proactively monitor
and diagnose a distributed LAN. In the RMON model, a monitoring device, known as
an <I>agent</I> or <I>probe,</I> monitors a network segment, gathers statistics,
and monitors for user-defined thresholds that, when exceeded, trigger an alarm. These
probes communicate via SNMP with a central management station. As networks get more
complex and far-reaching, standards such as RMON are becoming essential. The original
RMON 1 standard supported the monitoring of traffic only through the MAC (Data Link)
Layer of the OSI model, and was limited in its usefulness. RMON 1-based probes only
viewed traffic on the local LAN segment, and did not identify hosts beyond the router
level.</P>
<P>The RMON 2 standard supports the Network Layer and Application Layer as well,
making it usable for managing an enterprise network. The RMON 2 standard, however,
does not support high-speed LAN/WAN topologies, switched LANs, or monitoring of network
devices (the as-yet-undefined RMON 3 standard might accommodate these technologies).
RMON 2 still goes far beyond the previous specification in providing a more complete
view of network traffic, because the RMON groups map to the major Network Layer protocols,
such as IP, IPX, DECnet, Appletalk, Vines, and OSI.</P>
<P>The importance of Network Layer support is evident when looking at a distributed
environment, where resources might be on different physical LAN segments. These multiple
LAN segments might be connected by routers or switches. Any user, given the right
authorization by the administrator, can access any remote resource in the distributed
network. RMON 2-based products are available for deployment in switched internetworking
environments.</P>
<P>RMON can be used by managers to go beyond those functions afforded by SNMP for
network management, and can accommodate a much larger enterprise. SNMP is used to
configure and monitor network devices, but there are some limitations. SNMP management
software usually polls the software agents on a continual basis. As a result, there
is a finite amount of devices that can be monitored before the amount of traffic
reaches an unacceptable level. The IETF (Internet Engineering Task Force) Remote
Network Monitoring Management Information Base (RMON MIB) specification adds an extra
MIB that defines managed objects, using standard SNMP mechanisms. The RMON MIB is
mainly used to support monitors or probes that are not constantly connected to the
management software. The RMON MIB also diagnoses and logs events on network segments,
detects and reports error conditions, and expands SNMP's two-level hierarchy to provide
the network manager with more flexibility. A RMON monitor can send data to more than
one management application, and the alerts can be sent to the most appropriate station.</P>
<P>There are 10 basic RMON MIB groups, nine of which support Ethernet topologies
and the tenth reserved for parameters that are specific to token ring. The 10 groups
are:

<UL>
	<LI><I>Statistics.</I> This group shows data concerning network uses, traffic levels,
	and other information for troubleshooting. It counts Ethernet or token-ring frames,
	octets, broadcasts, multicasts, and collisions.<BR>
	<BR>
	
	<LI><I>History.</I> Provides trend analysis of the data in the above Statistics group.<BR>
	<BR>
	
	<LI><I>Alarms.</I> Permits thresholds to be configured, such that events can be triggered
	when those thresholds have been exceeded.<BR>
	<BR>
	
	<LI><I>Hosts.</I> Permits SNMP managers to receive information on network nodes that
	lack SNMP agents.<BR>
	<BR>
	
	<LI><I>Host TopN.</I> Permits reports to be defined, such that the top &quot;n&quot;
	ranking hosts are listed for different variables. For example, a report can be generated
	that shows the top &quot;n&quot; number of nodes that generated a specific number
	of errors over a time period.<BR>
	<BR>
	
	<LI><I>Traffic Matrix.</I> Permits a matrix that cross-references destination addresses
	against source addresses, and plots values for frames, octets, and errors for each
	traffic pattern. This permits the manager to discover which conversations generate
	the most traffic or errors.<BR>
	<BR>
	
	<LI><I>Filters.</I> Enables the manager to define packet match conditions to capture
	relevant data for analysis.<BR>
	<BR>
	
	<LI><I>Packet Capture.</I> This group provides capture buffers to hold information
	derived from actions taken by the Filters group. Captured packets are used by several
	network analysis software tools, such as Novell's LANalyzer.<BR>
	<BR>
	
	<LI><I>Events.</I> Generates an events log.<BR>
	<BR>
	
	<LI><I>Token Ring.</I> Actually several groups rolled into one, the Token Ring group
	includes token-ring-specific functions, such as ring station order and source routing.
</UL>

<P>Large token-ring internetworks often must be managed with minimal management and
monitoring tools, simply because of limited availability. Token-ring RMON represents
a standards-based approach to managing a token-ring LAN. However, many of the existing
token-ring probes lack support for token-ring-specific features, such as autosensing
ring speed or the ability to stop beaconing after a number of unsuccessful insertion
attempts. There are also, of course, bandwidth issues to consider. The RMON management
application accesses the RMON probes through in-band SNMP functions, which means
that the bandwidth consumption of information requests can be a major consideration.</P>
<P>Major vendors of RMON products include Armon Networking (Santa Barbara, California),
Frontier Software (Tewksbury, Massachusetts), and Hewlett-Packard (Palo Alto, California).
In terms of the OSI model, RMON 2 supports Layer 1 (Physical), Layer 2 (Data Link),
Layer 3 (Network), and Layer 7 (Application). Most RMON products, however, do accommodate
all seven layers, although support for the Transport, Session, and Presentation layers
are not yet standardized and are implemented through proprietary extensions.


<BLOCKQUOTE>
	<P>
<HR>
<FONT COLOR="#000077"><B>RMON Agents</B></FONT><BR>
	Both 3Com Corp. and Cisco Systems Inc. have plans for offering RMON agents that pass
	data to RMON management applications. The agents will be built into the companies'
	switches as a standard feature. RMON agents send data from each port on a switch
	to a management application. The agents perform the same task as RMON probes, which
	are attached to the links between switches, although the stand-alone probes are a
	more costly solution. 
<HR>


</BLOCKQUOTE>

<P>Frontier Software has created a superset of RMON 2, known as <I>EnterpriseRMON,</I>
that overcomes the limitations of RMON 2 and supports all seven layers of the OSI
model. Frontier's <I>NETscout</I> further extends RMON by supporting switched LANs
and high-speed LAN/WAN topologies. (In the future, Frontier is also planning on adding
support for Fast Ethernet and ATM.) The ability to monitor LAN switch and interswitch
traffic permits NETscout to manage a virtual LAN (VLAN) environment. A NETscout probe
device can be managed from any RMON-compliant management software product; similarly,
the NETscout Manager application can manage any RMON probe.
<H2><A NAME="Heading13"></A><FONT COLOR="#000077">VLAN (Virtual LAN) Technology</FONT></H2>
<P><I>VLANs</I> represent software-defined groups of endstations that communicate
as though they were physically connected. The end stations can, how