Several different network monitoring solutions have been examined thus far, each of which was designed to solve a specific problem. In turn, each of these applications has addressed one or more of conceptual areas identified by the Open Systems Interconnect network management model.
This chapter seeks to clarify how each of the applications that have been discussed fit into the OSI model, and how the various applications depend on, and interrelate with each other in order to paint a broader picture of the work that has been covered.
Some of the systems presented in earlier chapters were designed to address specific problems at Rhodes University. In all cases, however, the concepts behind each of the applications are applicable to a large variety of other situations, as will be shown later in this chapter.
The OSI model for network management was presented in Chapter 2 as a framework into which the goals of network monitoring could be fitted. The five conceptual areas of network management are performance management, configuration management, accounting management, fault management and security management. Every network monitoring application fulfils some or all of the roles associated with one or more of these network management areas.
It is important to understand the intended role of each network monitoring application, and the OSI model provides a useful way to outline the tasks a particular system is intending to achieve. The applications described in earlier chapters of this work each relate to specific areas of the OSI model, and will now be examined.
Three of the applications developed during the course of this project fall under the banner of performance management: the RADSL monitoring mentioned in Section 3.1, the tracking of network growth that was the subject of Chapter 5 and the logical location of machines, as described in Section 6.1.
The first of these, RADSL monitoring, is perhaps the most relevant application of performance management. Detailed records of the performance of each of the forty-four remote access lines terminating in Hamilton Building are kept, with historical information for up to a year. This information is used to determine when the performance of these lines falls below acceptable limits, or when there is a significant change in the performance of the lines.
Determining the logical location of machines also comes under the heading of performance management, since the positioning of elements within a network directly has an impact on the performance of the network — for example, highly utilised servers should be positioned at the core of the network rather than on low bandwidth leaf nodes. By tracking the logical location of hosts on the network, the impact of changes on the performance of the network can be predicted.
The last of the three applications, tracking and predicting network growth, is in itself a goal of performance management.
The area of configuration management is vast and includes most of the applications that have been discussed in this work to some extent or another. Specifically, the network maps described in Chapter 4, the tracking of network growth from Chapter 5, and the location of machines that was discussed in Chapter 6 all fall under the umbrella that is configuration management.
The layer two and layer three network maps that are presented in Chapter 4 can be used to monitor changes in the configuration of a network, as can the location applications presented in Chapter 5. These changes could be either intentional or unintentional. In the case of the latter, historical information kept about the configuration of the network can be used to restore the network to its normal state, as well as to help track down the cause of the change.
The application presented in Chapter 5, on the other hand, provides a way to predict and pre-empt the need for changes in the configuration of the network. For example, if a sudden growth is experienced in a particular part of the network, the network can be reconfigured to provide the necessary infrastructure to cater for this growth.
While none of the systems described in this work were directly intended to provide any sort of accounting management capabilities, any application that keeps track of the addition or removal of hosts from a network can be used to feed information into an accounting system.
Say, for example, that a particular organisation has a policy which required that entities (people or departments) are billed for each connection to the organisation's network. Any application that detects the presence of hosts on the network could contribute useful information about when and where a host was connected to the network, and how long it remained connected.
In the same way, applications that monitor the presence of machines on a network can be used to enforce policies regarding the access and use of that network.
The area that is perhaps most conventionally thought of when people envision networking monitoring is that of fault management. It is not surprising, therefore, that fault management forms a large part of the systems that have been examined in previous chapters, with each system fulfilling some of the criteria set out by this conceptual area.
Intelligent reporting of faults, as presented in Chapter 7, is almost exclusively a fault management system — its sole function is to detect the occurrence of faults on the network and report them, in an intelligent manner, to the network administrator.
Other systems that feature a strong fault management component are the RADSL monitoring in Section 3.1, the network maps of Chapter 4 and the locating of machines in Chapter 6. Each of these systems could, in turn, be used to feed the intelligent reporting component of Section 7.3.3.
Only one of the systems examined thus far falls directly into the area of security management; the physical location of machines described in Section 6.2 can be used to determine whether machines that contain confidential or other sensitive information are located in an area that is physically secure.
That said, data obtained from other systems, such as the logical location of hosts from Section 6.1 could be used to feed systems in the security management area with relevant information. In the same way, systems that plot maps of the network topology, like those discussed in Chapter 4 can be used to determine which intermediary hosts (routers, et cetera) could be considered a risk to the security of a particular machine.
Figure 8-1 provides a summary of how the various systems and components that have been discussed in the section relate to the conceptual areas of the OSI network model. In this figure, the rectangular boxes represent systems that have been discussed (the figure in parenthesis is the chapter or section number that describes the system in question), and the ovals represent OSI conceptual areas. The lines between the two show which conceptual areas each system falls into.
The most notable feature of Figure 8-1 is the number of interconnections that it shows, indicating the coverage of a large number of conceptual areas. The only exception is the OSI security management, which stands out on its own.