 |
|
|
| INFORMATION |
| Published : |
Aug 30, 2007 |
| Length : |
4 |
| Type : |
White Paper |
|
| |
|
|
| Overview : |
SNMP (Simple Network Management Protocol) is an industry standard network management protocol for managing wide area and local area networks. It is easy to use, cost-effective, and is built into most networking devices. One of SNMP’s best assets is its use of in-band management, yet, this is also its biggest weakness.
The problem is that SNMP traffic goes over the same network path as data. SNMP uses the same LAN and WAN routers, hubs, communications links, and DSU/CSUs. While the network is operating, SNMP packets flow between the managed devices and the management workstation or Remote Monitor (RMON). SNMP TRAPs, SETs, and GETs move with the same priority as regular traffic on the LAN/WAN, and provide management information to the workstation or commands to the controlled devices. However, when the network goes down or is severely disrupted, SNMP traffic has no way to get between the managed device and the management workstation. |
|
 |
|
| |
| View All Items By This Company |
| Browse Related Categories : |
Business Continuity, High Availability, Infrastructure, Monitoring, Network Management, Remote Access, Remote Network Management, Wireless Service Providers |
|
|
|
|
SNMP (Simple Network Management Protocol) is an industry standard network management protocol for managing wide area and local area networks. It is easy to use, cost-eff ective, and is built into most networking devices. One of SNMP’s best assets is its use of in-band management, yet, this is also its biggest weakness.
The problem is that SNMP traffic goes over the same network path as data. SNMP uses the same LAN and WAN routers, hubs, communications links, and DSU/CSUs. While the network is operating, SNMP packets fl ow between the managed devices and the management workstation or Remote Monitor (RMON). SNMP TRAPs, SETs, and GETs move with the same priority as regular traffic on the LAN/WAN, and provide management information to the workstation or commands to the controlled devices. However, when the network goes down or is severely disrupted, SNMP traffic has no way to get between the managed device and the management workstation. When a remotely located network element such as a router or switch fails, it is often impossible for a network technician to get fast, eff ective access to the device via in-band communications. So, time-to-fix is often dependent upon placing a technician on-site as quickly as possible. Telnet is also used with a SNMP workstation. However, Telnet packets are also unable to fl ow between the management workstation and managed devices during network disruptions.
The solution
Out-of-Band remote site management solutions provide the NOC with alternative paths to remote managed devices independent of the LAN/WAN. They consist of high bandwidth connectivity such as Ethernet, GSM, CDMA, EDGE cellular and/or an on-board ADSL connectivity. These solutions provide a direct route to the management port of each device for troubleshooting, reconfiguration, and rebooting. These alternative routes are not dependent upon Telnet or SNMP packets moving through the LAN/WAN system.
Out-of-band management has its own potential security downside. Dial-up access to a port on a network element creates a “back door” that could be exposed to intruders. One way that organizations protect themselves against back-door exposure is through RADIUS, security tokens and other authentication tools used for securing dial-up access to enterprise systems. However, you can’t get access to the RADIUS server database when the network is down.
Having a remote site monitoring device between the managed network elements and the PSTN can provide the authentication and encryption capabilities necessary to protect the network, and apply secure out-of-band management that can be utilized during a network failure. This also eliminates security vulnerabilities associated with SNMP, as it encrypts communications between the managed elements and the NMS as it traverses the PSTN.
How does terminal server access compare?
Most devices can be connected to the network through a terminal server and their management port. However, terminal servers move the data path in-band. If the network goes down, there will be no path to the managed device. Remote site monitoring devices provide an independent, out-of-band path to control remote devices.
Control Remote Equipment
Minimizing or even eliminating truck rolls saves time and money, while keeping users satisfied. Remote site monitoring solutions give you the ability to correct problems by power control and rebooting of transceivers, servers, routers, A/C power, and more. Using out-of-band (pass-through) connectivity, these solutions allow NOC managers to remotely send commands to enable or disable remote power systems or manage devices, change equipment configuration parameters, connect remote users to restricted ports, and much more.
Choosing the right remote site monitoring solution for SNMP management
When choosing a remote site monitoring solution, you should acknowledge that there will be times when you use it in the middle of a network outage. Therefore, choosing a solution that is easy to use is critical. You should require intuitive commands and user-named ports to make it fast and easy to use a device you may not have managed for some time. Password security is necessary for dial-in, and VPN security for ADSL connectivity is a must. If you have on-site technicians, multiple controlling input ports are required. Otherwise, there will be re-wiring at each technician visit for local control. Other common issues such as economy, scalability, and additional features are also important.
|
|
|
|
 |
|
