
Configuration Management

PCQ Bureau

One of the toughest tasks for a network manager is to configure the network, including devices, servers and desktops. Configuration management includes keeping track of the hardware and software resources present on the network and their details. It includes controlling things such as OS and application installation on desktops and servers and configuring settings on switches, routers and other devices, among other things. Configuration management also deals with change: changes in the configuration of devices, new applications getting installed, installation of updates, changes in network topology, new devices getting added and new services being provided. Managing and automating all this becomes really complex even for small networks, let alone big ones.


There are various steps required for a configuration-management process, and some of the steps are repeated whenever there is a change in the network. The first step is the process of obtaining data from network devices, servers and desktops, as well as setting any configuration data in them. This helps in checking, comparing and setting the current configuration automatically. It makes handling the configuration of a large number of devices efficient and provides an up-to-date inventory of all the hardware and software running on them, including firmware. Obtaining data from the network should be automatic, with network auto discovery. Modifications to the devices should be recorded before they are sent out. All the data obtained from the network, along with the modifications, should be stored in a proper format such as ASCII files or a database. This helps in maintaining inventory and generating reports about the resources present within the enterprise. Any change in the network, such as a firmware upgrade of devices, may lead to errors. So a process for comparing the current and stored configuration of the device is required. This helps in rolling back the update. Plus, keeping log files of the various devices helps in analysis and diagnosis in case of a problem. The current configuration should be verified against the stored configuration at regular intervals to remove any inconsistencies, and traps should be generated if a misconfiguration is found.

SNMP

The Simple Network Management Protocol is an application-layer protocol that facilitates the exchange of management information between network devices. It is part of the TCP/IP protocol suite. SNMP enables network administrators to manage network performance, find and solve network problems and plan for network growth.



Two versions of SNMP exist: SNMP version 1 (SNMPv1) and SNMP version 2 (SNMPv2). Both versions have a number of features in common, but SNMPv2 offers enhancements, such as additional protocol operations.


An SNMP-managed network consists of three key components: managed devices, agents and NMSs (Network Management Systems).


A managed device is a network node that contains an SNMP agent and resides on a managed network. Managed devices collect and store management information and make this information available to NMSs using SNMP. Managed devices, sometimes called network elements, can be routers and access servers, switches and bridges, hubs, computer hosts, power supplies or printers.


An agent is a network-management software module that resides in a managed device. An agent has local knowledge of management information and translates that information into a form compatible with SNMP.


An NMS executes applications that monitor and control managed devices. NMSs provide the bulk of the processing and memory resources required for network management. One or more NMSs can exist on any network.



Some of the technologies that provide a foundation for effective network configuration management are SNMP, Syslog, SSH, TFTP, Telnet, RADIUS and TACACS. 


SNMP provides a common way for a network configuration-management solution to retrieve configuration settings (which can be saved to a database) and to reconfigure a device, if necessary. SNMP is generic and can work with any object. It uses MIBs (Management Information Base), which define device-specific parameters, describing to an SNMP management station which parameters are available for the device. Another aspect of SNMP is traps, which can serve as a trigger, notifying the solution that the device's configuration might have changed.

Syslog is a remote logging protocol for network devices and servers. Rather than devices generating their own onboard log files (which many can still do), log messages are sent to a central logging server (the Syslog server or collector) and stored in a central database.

TFTP (Trivial FTP) provides the most efficient way for network devices to dump their configuration files and to read new configuration files. Almost all managed network devices can act as a TFTP client, writing and reading configurations to and from a TFTP server. A network configuration-management solution can work in conjunction with a TFTP server to move configuration data to and from network devices. 


RMON

Remote Monitoring enables data collection from remote network segments and covers the lower layer of the OSI model. It shows traffic based on MAC addresses. To overcome this, the RMON2 standard was developed. RMON2 provides greater insight into traffic patterns based on the Ethernet layer and application usage. There are different RMON groups, such as alarm and statistics, each with different functionality to meet the network-monitoring requirements.

RADIUS can make it much easier for a network manager or network-management solution to access a variety of devices. Rather than configuring each of your network devices with an individual password to be used by the network configuration-management solution, you configure each network device to use RADIUS, allowing the network configuration-management solution to use a single, universal set of credentials.

TACACS plays a role similar to that of RADIUS in network configuration management, with the exception that TACACS is primarily supported in Cisco devices.
