trends in management using the snmp-based internet standard management framework jeff case founder...
TRANSCRIPT
Trends in Managementusing the SNMP-based
Internet Standard Management Framework
Jeff CaseFounder and CTO
SNMP Research, Inc.+1 865 573 1434
Introduction
SNMP Research is pleased to be a Silver Patron of IM 2001: The IFIP/IEEE International Symposium on Integrated Network Management
Topics:Market DriversTrends in Management using the SNMP-
based Internet Standard Management Framework
Some things we are working on at SNMP Research
Significant Market Drivers
Growth and scale Dearth of expert personnel The need for seamlessness The need for security Standards and enabling technology Driver du jour:
secure policy-based configuration of policy, e.g., secure policy-based configuration of security policy
important to note multiple meanings of security and policy
Multiple Meanings of Policy
Policy-based distribution of configurations (targets selected according to a policy, e.g., every system which run Solaris and an Apache Web server)
Policy-based application of configuration rules within a system (targets selected according to roles), e.g., for each interface on a switch, apply configuration A on every backbone interface andconfiguration B on all other interfaces
Configuration of policy, e.g., QoS policy or Security policy
Trend #1: The SNMP-based Management Framework is Evolved and Evolving Not the same old SNMP your mother used in
1988 Many positive advancements already
standardized, implemented, and deployed Some more are nearly done and ready for
implementation and deployment:SNMP-based configuration
Policy-based Management MIB Provisioning MIB for DIFFSERV
Some standardization work is just getting started:SMIngEvolution of SNMP: SNMP EOS
SNMP: The Right Architecture, in part, for the Wrong Reason Multiple competing efforts circa 1987 - early
1988 with duplication of effort slowing progress and discouraging product development and deployment
The time of GOSIP Blue-ribbon panel develops direction statement SNMP was to be the “short-term interim”
standard Protocol independent SMI-based MIB MIB independent SMI-based protocol SMI “glue”
Protocol Versions:Summary Picture
Simple-Based Management
SNMPv3SNMPv2*
SNMPv2c
Common
SNMPv2uSNMPv2
SNMPv1Party-based
SNMPv2
Management Information Definitions (MIB Documents)
RFC1155Format
RFC1212/1215Format
RFC1442-4Format
RFC1902-4Format
RFC2578-80Format
SNMP: The Right Architecture, in part, for the Wrong Reason This architecture which was designed to
ease the shortening of the life of SNMP has actually allowed it to age gracefully and to evolve, thereby extending its useful life
People have been predicting the demise of SNMP for a decade and it just keeps going and growing while “replacements” appear and then disappear
Structure of Management Information (SMI) Evolution 1st Generation (1988-1991): RFC 1155 2nd Generation (1991-1993): RFC 1212
and 1215 3rd Generation (1993-present): SMIv2
RFCs 2578-2580 4th Generation: SMIng: a new work in
progress
Management Information Base (MIB) Evolution Definitions of management information
Standard or non-standardProtocol independent Instrumentation described in the [Internet-
standard] Management Information Base (MIB)
Has undergone constant revision (mostly expansion) since first defined in 1988
A wide variety of technologies covered by standard MIB definitions and others through vendor-specific extensions
Management Information Base(MIB) Evolution Many of those are on the standards
track at various levels of standardization maturity and market acceptance/demandMost are adequate for monitoringMany must be supplemented for
configuration and control More standardization work needed Enterprise-specific extensions in the absence
of standards
Protocol Evolution
GenerationProtocol
OperationsTransportMappings
Security &Administration
1st
RFC 1157(1988–1993)
Community-based
2nd
RFC 1905(1993- )
RFC 1906(1993- )
Party-basedRFC 1445-47(1993-1995)
3rd
SNMP EOS(new work)
User-basedRFC 2570-76
(1998- )
Trend #2: The SNMP-based Management Framework is Secure SNMPv3 with security and administration
adds:Security, i.e., Authentication and Privacy
Authentication Privacy
Administration Authorization and view-based access control Logical contexts Naming of entities, identities, and information People and policies Usernames and key management Notification destinations and proxy relationships Source-side notification suppression Remotely configurable via SNMP operations
Implications of Secure Management Able to practice safe sets
Configuration / Control / ProvisioningNo longer mere monitoring
Now able to distribute management out to intelligent agents and mid-level managersScalabilityKeep local management traffic localShorter feedback loops with lower latency
Standards-based applications for administration
The SNMP-based Management Framework can be used as the basis for seamless Internet management: traditional network managementsystem managementapplication managementservice managementproxy management of legacy devices
The only relatively complete, open, multi-vendor, multi-platform, interoperable, standards-based management framework for seamless management
Trend #3: The SNMP-based Management Framework Is Not Just For Networks
Importance of Seamlessness
Sharing: Among cooperating management applications
Showing: User interfaces and reports Crunching: Converting data to
information and information to data Telling: SNMP-based movement of
management data Knowing: SMI-based instrumentation
Importance of Seamlessness
No single application or set of applications can meet all requirements
Sharing is essentialSingle naming schemeConsistent data definitionsStandard information semantics
Mapping functions do not work wellEvery time you convert you lose
Example: event correlation for network, system, and application management with point solutions and proprietary database formats
Originally “the short-term interim standard”
According to the pundits, has been on its last legs since 1988 to be eclipsed by a succession of replacements
SNMP-based management is stillgrowingexpanding scopeevolving
While “replacements” come and go
Trend #4: The SNMP-based Management Framework is Sturdy
What ever happened to?
Pre 1989 Proprietary, e.g. IBM Netview, DEC NMCC
1989 CMIP over TCP/IP (CMOT)
1990 DCE RPC – based management
1991 Open Software Foundation DistributedManagement Environment (OSF DME)
1992 CMIP over LANs (CMOL)
What ever happened to?
1993 DMTF’s Distributed Management Interface(DMI) Management Information File (MIF)
1994 OMNIPoint
1995 CORBA
1996 Web-based device management, Webenabled management
1997 DMTF’s WBEM: HMMS, HMMP, HMOM,etc
What ever happened to?
1998 JMAPI over Java and DEN/LDAP
1999 JDMK over Java and CIM
2000 COPS/PIBs
2001 XML
Beyond … more to come …
Conclusions:
The Internet-Standard Management Framework based on SNMP isEvolvedSecureNot just for networksSturdy
But there is much more work to be doneAdditional standards workBetter applications ImplementationDeployment
Conclusions:
SNMP-based management is far from perfect, but it continues to be the best game in town
The architecture and vision are fine We need to execute to completion
SNMP Research: Who we are
Famous since 1988 for licensing source code to developers constructing agent and manager applications now in ubiquitous use
Market research: More end-users than OEMs(we did not pay much for this exclusive insight)
Now also providing tools to end-users in binary form
Supplying and supporting OEM developers continues to be an important part of our business
SNMP Research Products (Continued) Agent Products
EMANATE® Extensible Agent System for open systems and embedded systems
EMANATE/Lite monolithic agent for embedded systems
EMANATE Adaptation Layer (EAL) and EMANATE Protocol Interface Components (EPIC) for multi-protocol management
CIAgent for intelligent, distributed management of systems, applications, and services
DR-Web agent for Web-based device managementSpecialty MIB implementations: e.g., RMON, Policy,
MLM, DISMAN MIBs: script, schedule, event, etc
SNMP Research Products (Continued) Management Stations and Applications
Asynchronous Request Library (ARL):Multilingual callback-based library
BRASS: Extensible Manager ToolkitDR-Web Manager: Web-based managementEnterPol: Tri-lingual Java-based management
station CIAgent Policy Pro: Policy-based system, application,
and service management Simple Policy Pro: Policy-based management of SNMP Infrastructure: Database, iconic map, and polling,
autodiscovery, and distribution enginesSNMPv3 Security Pack for HP OpenView NNM