To address this issue, first understand that, in the digitization we are experiencing, multiple resources and devices coexist in the same network. They require a set of rules, formats, policies and standards to recognize each other, exchange data and, where possible, identify communication problems, regardless of differences in design, hardware or infrastructure, by using the same language to send and receive information. This is what we call network protocols, which we can classify as:

  • Network communication protocols for communication between network devices, whether in file transfer between computers or over the Internet, up to text message exchange and communication between routers and external devices or the Internet of Things (IoT). For example: Bluetooth, FTP, TCP/IP and HTTP.
  • Network security protocols to implement security in network communications so that unauthorized users cannot access data transferred over a network, whether through passwords, authentication, or data encryption. For example: HTTPS, SSL, SSH and SFTP.
  • Network administration protocols that allow network management and maintenance to be implemented by defining the procedures necessary to operate a network. These protocols are responsible for ensuring that each device is connected to others and to the network itself, as well as monitoring the stability of these connections. They are also resources for troubleshooting and assessing network connection quality.

Importance and Context in Network Management

Network management ranges from initial configuration to permanent monitoring of resources and devices, in order to ensure connectivity, security and proper maintenance of the network. Efficient communication and data flow help the business achieve its objectives in stable, reliable, safe and efficient environments, with a better user experience and, consequently, a better experience for partners and customers.
Knowledge of the network context (topology and design) is also important, since it affects scalability, security and complexity. Network diagrams, maps and documentation make it possible to visualize and understand the topology and design of the network, and to perform analyses that identify potential bottlenecks, vulnerabilities and inefficiencies where action must be taken to correct or optimize it.
Another important aspect is shared resources, not only in the network but also in increasingly widespread infrastructures in the cloud, in Edge Computing and even in the Internet of Things, which demand monitoring of the network state, network configuration and diagnosis to promote efficiency, establish priorities and anticipate or solve connection problems in the network and on the internet.
We’ll talk about the benefits of Network Management later.

Network protocols vs network management protocols

As explained above, network management protocols are part of network protocols. Although they may seem the same, there are differences: network protocols, as a rule, allow data transfer between two or more devices and are not intended to manage or administer such devices, while network administration protocols do not aim at the transfer of information but at the transfer of administrative data (definition of processes, procedures and policies), which makes it possible to manage, monitor and maintain a computer network.
The key issue is to understand the following:

  • Within the same network, network communication protocols will have to coexist with network management protocols.
  • Network management protocols also have an impact on the overall performance of the platforms, so it is essential to know and control them.
  • The adoption of cloud and emerging technologies, such as Edge Computing and the Internet of Things, makes it clear that reliable and efficient connectivity is critical.

Network Management Protocols in Depth

Network management protocols make it possible to know the status of resources, equipment and devices on the network (routers, computers, servers, sensors, etc.), and provide information on their availability, possible network latency or data loss, and failures, among others. The most common network management protocols are Simple Network Management Protocol (SNMP), Internet Control Message Protocol (ICMP) and Windows Management Instrumentation (WMI), as seen in the diagram and explained below:

Simple Network Management Protocol (SNMP)

SNMP is a set of protocols for managing and monitoring the network. It is compatible with most devices (switches, workstations, printers, modems and others) and brands (most manufacturers make sure their products include SNMP support) to detect conditions. SNMP standards include an application layer protocol, a set of data objects, and a methodology for storing, manipulating, and using data objects in a database schema. These protocols are defined by the Internet Architecture Board (IAB) and have evolved since their first implementation:

  • SNMPv1: First version, operating within the Structure of Management Information specification and described in RFC 1157.
  • SNMPv2: Improved support for efficiency and error handling, described in RFC 1901.
  • SNMPv3: This version improves security and privacy, introduced in RFC 3410.

SNMP Architecture Breakdown: Agents and Administrators

All network management protocols propose an architecture and procedures to retrieve, collect, transfer, store and report management information from the managed elements. It is important to understand this architecture and its procedures to implement a solution based on said protocol.
The SNMP architecture is based on two basic components, Agents and Administrators (or Managers), as presented in the following diagram of a basic SNMP architecture schema:
Where:

  • SNMP agents are pieces of software that run on the elements to be managed. They are responsible for collecting information on the device itself. When SNMP administrators request such information through queries, the agent sends the corresponding data. SNMP agents can also send the SNMP Manager information that does not correspond to a query but comes from an event that takes place on the device and needs to be notified. In that case, the SNMP agent is said to proactively send a TRAP notification.
  • SNMP Administrators are found as part of a management or monitoring tool and are designed to work as consoles where all the information captured and sent by the SNMP agents is centralized.

  • OIDs (Object Identifiers) are used to identify the items you want to manage. OIDs follow a numeric format such as: .1.3.6.1.4.1.9.9.276.1.1.1.1.11. These numbers come from a hierarchical organization system that identifies first the device manufacturer, then the device and finally the item. In the following image we see an example of this OID tree outline.

  • MIBs (Management Information Base) are the formats that the data sent from the SNMP agents to the SNMP managers will comply with. In practice, we have a general template with what we need to manage any device and then have individualized MIBs for each device, with their particular parameters and the values that these parameters can reach.

SNMP’s crucial functions are:

  • Fault Validation: for detection, isolation and correction of network problems. With the SNMP trap operation, you may get the problem report from the SNMP agent running on that machine. The network administrator can then decide how to proceed: testing, correcting or isolating the problematic entity. The OpManager SNMP monitor has an alert system that ensures you are notified well in advance of network issues such as faults and performance slowdowns.
  • Network Performance Metrics: performance monitoring is a process for tracking and analyzing network events and activities to make necessary adjustments that improve network performance. With SNMP get and set operations, network administrators can track network performance. OpManager, an SNMP network monitoring tool, comes with powerful and detailed reports to help you analyze key performance metrics such as network availability, response times, throughput, and resource usage, making SNMP Management easier.

To learn more about SNMP, we recommend reading Blog SNMP Monitoring: keys to learn how to use the Simple Network Administration Protocol

Internet Control Message Protocol (ICMP)

This is a network layer protocol used by network devices to diagnose communication problems and perform management queries. ICMP can therefore be used to determine whether data reaches the intended destination in a timely manner and, if not, why, as well as to analyze performance metrics such as latency levels, response time or packet loss. ICMP messages typically fall into two categories:

  • Error Messages: Used to report an error in packet transmission.
  • Control messages: Used to report on device status.

The architecture that ICMP works with is very flexible, since any device on the network can send, receive or process ICMP messages about errors and necessary controls on network systems, informing the original source so that the detected problem is avoided or corrected. The most common types of ICMP messages are key in fault detection and performance metric calculations:

  • Time-Out: Sent by a router to indicate that a packet has been discarded because it exceeded its time-to-live (TTL) value.
  • Echo Request and Echo Response: Used to test network connectivity and determine round-trip time for packets sent between two devices.
  • Unreachable Destination: Sent by a router to indicate that a packet cannot be delivered to its destination.
  • Redirect: Sent by a router to inform a host that it should send packets to a different router.
  • Parameter issue: Sent by a router to indicate that a packet contains an error in one of its fields.

For example, each router that forwards an IP datagram has to decrease the IP header time-to-live (TTL) field by one unit; if the TTL reaches zero, an ICMP type 11 message (“Time Exceeded”) is sent to the datagram originator.
It should be noted that sometimes it is necessary to analyze the content of the ICMP message to determine the type of error that should be sent to the application responsible for transmitting the IP packet that prompted the ICMP message to be sent.
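
How a receiver analyzes an ICMP message can be shown in a few lines of Python. This is an added example, not part of the original post: it verifies the checksum, sorts the message into the error or control category (using the RFC 792 type names), and for error messages reads the copy of the original IP header and first 8 payload bytes that the router includes, which is what lets the sender map the error back to an application. All addresses, ports and the sample datagram are constructed.

```python
import socket
import struct

ICMP_TYPES = {
    0: ("Echo Reply", "control"),
    3: ("Destination Unreachable", "error"),
    5: ("Redirect", "error"),
    8: ("Echo Request", "control"),
    11: ("Time Exceeded", "error"),
    12: ("Parameter Problem", "error"),
}

def inet_checksum(data):
    """16-bit one's-complement Internet checksum over data."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def parse_icmp(msg):
    """Parse an ICMP message that starts at the ICMP header."""
    if len(msg) < 8:
        raise ValueError("ICMP header is 8 bytes")
    icmp_type, code, _ = struct.unpack("!BBH", msg[:4])
    name, category = ICMP_TYPES.get(icmp_type, (f"type {icmp_type}", "unknown"))
    result = {"type": icmp_type, "code": code, "name": name,
              "category": category,
              "checksum_ok": inet_checksum(msg) == 0,  # valid messages sum to zero
              "original": None}
    inner = msg[8:]  # error messages embed the offending datagram's header
    if category == "error" and len(inner) >= 20 and inner[0] >> 4 == 4:
        ihl = (inner[0] & 0x0F) * 4
        original = {"src": socket.inet_ntoa(inner[12:16]),
                    "dst": socket.inet_ntoa(inner[16:20]),
                    "ttl": inner[8], "protocol": inner[9]}
        ports = inner[ihl:ihl + 4]
        if inner[9] in (6, 17) and len(ports) == 4:  # TCP or UDP
            original["sport"], original["dport"] = struct.unpack("!HH", ports)
        result["original"] = original
    return result

def build_time_exceeded():
    """Constructed sample: type 11 reply to a UDP datagram whose TTL ran out."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 28, 0x1234, 0, 1, 17, 0,
                     socket.inet_aton("192.0.2.10"),
                     socket.inet_aton("198.51.100.7"))
    udp = struct.pack("!HHHH", 40000, 53, 8, 0)
    body = struct.pack("!BBHI", 11, 0, 0, 0) + ip + udp
    return body[:2] + struct.pack("!H", inet_checksum(body)) + body[4:]

if __name__ == "__main__":
    print(parse_icmp(build_time_exceeded()))
```
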
For more detail, it is recommended to access the Pandora FMS Discussion Forums, with tips and experiences of users and colleagues in Network Management using this protocol.

Windows Management Instrumentation (WMI)

With WMI (Windows Management Instrumentation) we will move in the universe composed of computers running a Windows operating system and the applications that depend on this operating system. In fact, WMI proposes a model for us to represent, obtain, store and share management information about Windows-based hardware and software, both local and remote. Also, WMI allows the execution of certain actions. For example, IT developers and administrators can use WMI scripts or applications to automate administrative tasks on remotely located computers, as well as fetch data from WMI in multiple programming languages.

WMI Architecture

WMI architecture is made up of WMI Providers, WMI Infrastructure and Applications, Services or Scripts as exemplified in this diagram:

Where:

  • A WMI provider is a piece responsible for obtaining management information for one or more items.
  • The WMI infrastructure works as an intermediary between the providers and the administration tools. Among its responsibilities are the following:
    • Obtaining in a scheduled way the data generated by the providers.
    • Maintaining a repository with all the data obtained in a scheduled manner.
    • Dynamically finding the data requested by administration tools, for which a search will be made in the repository and, if the requested data is not found, a search will be made among the appropriate providers.
  • Administration applications correspond to applications, services or scripts that use and process information about managed items. WMI manages to offer a consistent interface through which you may have applications, services and scripts requesting data and executing the actions proposed by WMI providers about the items that you wish to manage.

CIM usage and WMI Class Breakdown

WMI is based on CIM (Common Information Model), which is a model that uses item-based techniques to describe different parts of a company. It is a very widespread model in Microsoft products; in fact, when Microsoft Office or an Exchange server is installed, for example, the extension of the model corresponding to the product is installed automatically.
Precisely that extension that comes with each product is what is known as WMI CLASS, which describes the item to be managed and everything that can be done with it. This description starts from the attributes that the class handles, such as:

  • Properties: They refer to item features, such as their name, for example.
  • Methods: They refer to the actions that can be performed on the object, such as “hold” in the case of an item that is a service.
  • Associations: They refer to possible associations between items.

Now, once WMI providers use the classes of the items to collect administration information and this information goes to the WMI infrastructure, it is required to organize data in some way. This organization is achieved through logical containers called namespaces, which are defined by administration area and contain the data that comes from related objects.
Namespaces are defined under a hierarchical scheme that recalls the outline that folders follow on a disk. An analogy many authors use to explain data sorting in WMI is to compare WMI to databases, where the classes correspond to the tables, the namespaces to the databases, and the WMI infrastructure to the database handler.
To learn more about WMI, we recommend reading our blog post What is WMI? Windows Management Instrumentation, do you know it?

Key Insights for Network Management Protocol Analysis:

It is easy to understand that the more complex and heterogeneous the platform you want to manage, the greater its difficulty from three angles:

  • Faults: have fault detection procedures and a scheme for reporting them.
  • Performance: Information about platform performance to understand and optimize its performance.
  • Actions: Many administration protocols include the possibility of executing actions on network devices (updating, changes, setting up alerts, reconfigurations, among others).

It is important to understand which of the three angles each of the protocols tackles and, therefore, what it will allow you to do. A fundamental pillar is Data Organization, which we will explain below.

Effective data organization: a fundamental pillar in network management protocols

A fundamental aspect of Network Management Protocols is the way in which the elements to be managed are defined and identified, making approaches on:

  • What element can I administer with this protocol?
  • Should it just be the hardware or should applications be considered too, for example?
  • What format should be used to handle data? And how is it stored, if so?
  • What are the options you have to access this information?

In that sense, effective data sorting allows the successful information exchange between devices and network resources. In network monitoring, data is required from routers, switches, firewalls, load balancers, and even endpoints, such as servers and workstations. The data obtained is filtered and analyzed to identify possible network problems such as configuration changes or device failures, link interruptions, interface errors, lost packets, latency or response time of applications or services on the network. Data also makes it possible to implement resource planning due to traffic growth or the incorporation of new users or services.

Challenges, Benefits and Key Tasks in Network Management Protocols

For those in charge of operating and managing enterprise networks, it is important to know five common challenges:

  • Mixed environments, in which resources and devices exist in local and remote networks (including Edge Computing and IoT), which makes it necessary to adapt to the demands of hybrid networks.
  • Understand network needs and perform strategic planning, not only in physical environments but also in the cloud.
  • Reinforce the security and reliability of increasingly dynamic networks, more so when business ecosystems are interconnecting customers, suppliers, and business partners.
  • Achieve observability that gets rid of network blind spots and provide a comprehensive view of IT infrastructure.
  • Establish a network management strategy that can be connected, integrated, and even automated, especially when IT teams are doing more and more tasks in their day-to-day lives.

As we have seen throughout this blog post, understanding how network management protocols work is essential for communication, business continuity and security, which together have a great impact on organizations to:

  • Establish and maintain stable connections between devices on the same network, which in turn results in less latency and a better experience for network users.
  • Manage and combine multiple network connections, even from a single link, which can strengthen the connection and prevent potential failures.
  • Identify and solve errors that affect the network, evaluating the quality of the connection and solving problems (lower latency, communication reestablishment, risk prevention in operations, etc.)
  • Establish strategies to protect the network and the data transmitted through it, relying on encryption, entity authentication (of devices or users), transport security (between one device and another).
  • Implement performance metrics that ensure quality service levels.

Key Tasks and Benefits in Network Management

Efficient network administration involves device connectivity, access systems, network automation, server connectivity, switch management and network security, so it is recommended to carry out the following tasks:

  • Strategies for Upgrades and Effective Maintenance: One of the big challenges is achieving end-to-end network visibility in an increasingly complex business environment. Most IT professionals have an incomplete understanding of how their network is set up, as new components, hardware, switches, devices, etc. are constantly being added, so it is vital to maintain an up-to-date catalog of your network and provide proper maintenance to guide network management principles and enforce the correct policies. You also have to consider that there are resource changes in your IT team. It is possible that the original administrator who defined the network topology and required protocols may no longer be available, which could result in having to undergo a full network administration review and incur additional costs. This can be avoided by detailed documentation of configurations, security policies, and architectures to ensure that management practices remain reusable over time.
  • Rigorous Performance Monitoring: Network management demands performance monitoring (e.g. with a dashboard with performance indicators) consistently and rigorously with defined standards to provide the best service and a satisfactory usage experience without latency and as stable as possible. Previously this was a greater challenge when traditional network environments relied primarily on hardware for multiple devices, computers, and managed servers; today, advances in software-defined networking technology make it possible to standardize processes and minimize human effort to monitor performance in real time. It is also recommended to ensure that network management software is not biased towards one or a few original equipment manufacturers (OEMs) to avoid dependence on one or a few vendors in the long run. The impact would also be seen in the difficulty in diversifying IT investments over time.
  • Downtime Prevention: A team designated for network failure management allows you to anticipate, detect and resolve network incidents to minimize downtime. On top of that, the team is responsible for logging information about failures, analyzing it, and assisting in periodic audits. This implies that the network failure management team has the ability to report to the network administrator to maintain transparency, and to be in close collaboration with the end user in case failures need to be reported. Also, it is recommended to rely on a Managed Service Provider (MSP) as an external partner that can assist in the design and implementation of the network and in routine maintenance, security controls and configuration changes, in addition to being able to support on-site management and support.
  • Network Security Threat and Protection Management: Business processes are increasingly moving online, so network security is vital to achieving resilience, alongside risk management.
    A regular stream of logs is generated in an enterprise network and analyzed by the network security management team to find digital fingerprints of threats. Depending on the business and the size of the organization, it is possible to have equipment or personnel assigned for each type of network management. It is also recommended to rely on services managed by experts in the industry in which the organization operates, with a clear knowledge of common risks and best security practices, and with expertise in a security field that constantly evolves and becomes more sophisticated.
  • Agile IP Address Management and Efficient Provisioning: Network protocols are the backbone of digital communication with rules and procedures on how data is transmitted between devices within a network, regardless of the hardware or software involved. Provisioning must contemplate the IT infrastructure in the company and the flow and transit of data at different levels from the network, including servers, applications and users to provide connectivity and security (also managing devices and user identities).
    Another important task in network management is transparency about usage, anomalies and usage trends for different functions or business units and even individual users. This is of particular value for large companies in that they must make transparent the use of shared services that rent network resources to different branches and subsidiaries to maintain an internal profit margin.

Summary and conclusions

In business digitization, Network Management Protocols aim to take actions and standardize processes to achieve a secure, reliable and high-performance network for end users (employees, partners, suppliers and end customers). Companies distributed in different geographies depend on Network Management Protocols to keep the different business areas, functions and business teams connected, allowing the flow of data inside and outside the company, whether on local servers, private clouds or public clouds.
As technology continues to evolve, so do network protocols. The IT strategist and the teams assigned to network management must prepare for the future of network protocols and the integration of emerging technologies, to take advantage of advances in speed, reliability and security. For example, 5G is a technology that is expected to have a significant impact on networks, driven by the need for greater connectivity and lower latency. People’s daily lives also involve connecting objects (vehicles, appliances, sensors, etc.), revolutionizing networks to meet the Internet of Things. In security, more robust network protocols are being developed, such as Transport Layer Security (TLS), which encrypts transmitted data to prevent access or manipulation by third parties.
All this tells us that the development of network protocols will not slow down in the short term as we move towards an increasingly connected world.
Pandora FMS works with the three main protocols for network management to offer a comprehensive and flexible monitoring solution. Check with Pandora FMS sales team for a free trial of the most flexible monitoring software on the market: https://pandorafms.com/en/free-trial/
Also, remember that if your monitoring needs are more limited, you have at your disposal the OpenSource version of Pandora FMS. Find out more here: http://pandorafms.com/community
Do not hesitate to send us your queries. Our Pandora FMS team will be glad to assist you!