Trends in Managementusing the SNMP-based

Internet Standard Management Framework

Jeff CaseFounder and CTO

SNMP Research, Inc.+1 865 573 1434

case@snmp.com

Introduction

SNMP Research is pleased to be a Silver Patron of IM 2001: The IFIP/IEEE International Symposium on Integrated Network Management

Topics:Market DriversTrends in Management using the SNMP-

based Internet Standard Management Framework

Some things we are working on at SNMP Research

Significant Market Drivers

Growth and scale Dearth of expert personnel The need for seamlessness The need for security Standards and enabling technology Driver du jour:

secure policy-based configuration of policy, e.g., secure policy-based configuration of security policy

important to note multiple meanings of security and policy

Multiple Meanings of Policy

Policy-based distribution of configurations (targets selected according to a policy, e.g., every system which run Solaris and an Apache Web server)

Policy-based application of configuration rules within a system (targets selected according to roles), e.g., for each interface on a switch, apply configuration A on every backbone interface andconfiguration B on all other interfaces

Configuration of policy, e.g., QoS policy or Security policy

Trend #1: The SNMP-based Management Framework is Evolved and Evolving Not the same old SNMP your mother used in

1988 Many positive advancements already

standardized, implemented, and deployed Some more are nearly done and ready for

implementation and deployment:SNMP-based configuration

Policy-based Management MIB Provisioning MIB for DIFFSERV

Some standardization work is just getting started:SMIngEvolution of SNMP: SNMP EOS

SNMP: The Right Architecture, in part, for the Wrong Reason Multiple competing efforts circa 1987 - early

1988 with duplication of effort slowing progress and discouraging product development and deployment

The time of GOSIP Blue-ribbon panel develops direction statement SNMP was to be the “short-term interim”

standard Protocol independent SMI-based MIB MIB independent SMI-based protocol SMI “glue”

Protocol Versions:Summary Picture

Simple-Based Management

SNMPv3SNMPv2*

SNMPv2c

Common

SNMPv2uSNMPv2

SNMPv1Party-based

SNMPv2

Management Information Definitions (MIB Documents)

RFC1155Format

RFC1212/1215Format

RFC1442-4Format

RFC1902-4Format

RFC2578-80Format

SNMP: The Right Architecture, in part, for the Wrong Reason This architecture which was designed to

ease the shortening of the life of SNMP has actually allowed it to age gracefully and to evolve, thereby extending its useful life

People have been predicting the demise of SNMP for a decade and it just keeps going and growing while “replacements” appear and then disappear

Structure of Management Information (SMI) Evolution 1st Generation (1988-1991): RFC 1155 2nd Generation (1991-1993): RFC 1212

and 1215 3rd Generation (1993-present): SMIv2

RFCs 2578-2580 4th Generation: SMIng: a new work in

progress

Management Information Base (MIB) Evolution Definitions of management information

Standard or non-standardProtocol independent Instrumentation described in the [Internet-

standard] Management Information Base (MIB)

Has undergone constant revision (mostly expansion) since first defined in 1988

A wide variety of technologies covered by standard MIB definitions and others through vendor-specific extensions

Management Information Base(MIB) Evolution Many of those are on the standards

track at various levels of standardization maturity and market acceptance/demandMost are adequate for monitoringMany must be supplemented for

configuration and control More standardization work needed Enterprise-specific extensions in the absence

of standards

Protocol Evolution

GenerationProtocol

OperationsTransportMappings

Security &Administration

1st

RFC 1157(1988–1993)

Community-based

2nd

RFC 1905(1993- )

RFC 1906(1993- )

Party-basedRFC 1445-47(1993-1995)

3rd

SNMP EOS(new work)

User-basedRFC 2570-76

(1998- )

Trend #2: The SNMP-based Management Framework is Secure SNMPv3 with security and administration

adds:Security, i.e., Authentication and Privacy

Authentication Privacy

Administration Authorization and view-based access control Logical contexts Naming of entities, identities, and information People and policies Usernames and key management Notification destinations and proxy relationships Source-side notification suppression Remotely configurable via SNMP operations

Implications of Secure Management Able to practice safe sets

Configuration / Control / ProvisioningNo longer mere monitoring

Now able to distribute management out to intelligent agents and mid-level managersScalabilityKeep local management traffic localShorter feedback loops with lower latency

Standards-based applications for administration

The SNMP-based Management Framework can be used as the basis for seamless Internet management: traditional network managementsystem managementapplication managementservice managementproxy management of legacy devices

The only relatively complete, open, multi-vendor, multi-platform, interoperable, standards-based management framework for seamless management

Trend #3: The SNMP-based Management Framework Is Not Just For Networks

Importance of Seamlessness

Sharing: Among cooperating management applications

Showing: User interfaces and reports Crunching: Converting data to

information and information to data Telling: SNMP-based movement of

management data Knowing: SMI-based instrumentation

Importance of Seamlessness

No single application or set of applications can meet all requirements

Sharing is essentialSingle naming schemeConsistent data definitionsStandard information semantics

Mapping functions do not work wellEvery time you convert you lose

Example: event correlation for network, system, and application management with point solutions and proprietary database formats

Originally “the short-term interim standard”

According to the pundits, has been on its last legs since 1988 to be eclipsed by a succession of replacements

SNMP-based management is stillgrowingexpanding scopeevolving

While “replacements” come and go

Trend #4: The SNMP-based Management Framework is Sturdy

What ever happened to?

Pre 1989 Proprietary, e.g. IBM Netview, DEC NMCC

1989 CMIP over TCP/IP (CMOT)

1990 DCE RPC – based management

1991 Open Software Foundation DistributedManagement Environment (OSF DME)

1992 CMIP over LANs (CMOL)

What ever happened to?

1993 DMTF’s Distributed Management Interface(DMI) Management Information File (MIF)

1994 OMNIPoint

1995 CORBA

1996 Web-based device management, Webenabled management

1997 DMTF’s WBEM: HMMS, HMMP, HMOM,etc

What ever happened to?

1998 JMAPI over Java and DEN/LDAP

1999 JDMK over Java and CIM

2000 COPS/PIBs

2001 XML

Beyond … more to come …

Conclusions:

The Internet-Standard Management Framework based on SNMP isEvolvedSecureNot just for networksSturdy

But there is much more work to be doneAdditional standards workBetter applications ImplementationDeployment

Conclusions:

SNMP-based management is far from perfect, but it continues to be the best game in town

The architecture and vision are fine We need to execute to completion

SNMP Research: Who we are

Famous since 1988 for licensing source code to developers constructing agent and manager applications now in ubiquitous use

Market research: More end-users than OEMs(we did not pay much for this exclusive insight)

Now also providing tools to end-users in binary form

Supplying and supporting OEM developers continues to be an important part of our business

SNMP Research Products

Infrastructure componentsLibrariesCommand-line utilitiesMIB compiler tools

SNMP Research Products (Continued) Agent Products

EMANATE® Extensible Agent System for open systems and embedded systems

EMANATE/Lite monolithic agent for embedded systems

EMANATE Adaptation Layer (EAL) and EMANATE Protocol Interface Components (EPIC) for multi-protocol management

CIAgent for intelligent, distributed management of systems, applications, and services

DR-Web agent for Web-based device managementSpecialty MIB implementations: e.g., RMON, Policy,

MLM, DISMAN MIBs: script, schedule, event, etc

SNMP Research Products (Continued) Management Stations and Applications

Asynchronous Request Library (ARL):Multilingual callback-based library

BRASS: Extensible Manager ToolkitDR-Web Manager: Web-based managementEnterPol: Tri-lingual Java-based management

station CIAgent Policy Pro: Policy-based system, application,

and service management Simple Policy Pro: Policy-based management of SNMP Infrastructure: Database, iconic map, and polling,

autodiscovery, and distribution enginesSNMPv3 Security Pack for HP OpenView NNM

Moving Forward

At SNMP Research, we look forward to working with you and your colleagues toSpecify necessary improvements Implement in productsDeploy in enterprises and service providers

Thanks to the entire IM 2001 team for this great conference