This repository contains the implementation of a network monitor step by step. All topics viewed during the Network Services Management course 2018-2 ESCOM IPN are covered.

PitCoder/NetworkMonitor

Network Services Management (Network Monitor)

This repository contains the implementation of a network monitor step by step. All topics viewed during the Network Services Management course 2018-2 ESCOM IPN are covered.

Content

  • Introduction to Network Service Management
  • Network Monitoring using SNMP
  • Monitoring for SLA's and Fault Management
  • Configuration Management and Server Monitoring

Introduction to Network Service Management

When hundreds or thousands of components (links, bridges, routers, hosts, etc.) are cobbled together by an organization to form a network, it is not surprising that components will occasionally malfunction, network elements will be misconfigured, resources will be overutilized, or network components will simply "break". The network administrator, whose job is to keep the network "up and running", must be able to respond to (and better yet, avoid) such mishaps. With potentially thousands of network components spread out over a wide area, the network administrator in a network operations center (NOC) clearly needs tools to help monitor, manage, and control the network. These tools must cover the following scenarios:

Management

  • Failure of an interface card at a host
  • Monitoring traffic to aid in resource development
  • Detecting rapid changes in routing tables
  • Monitoring for SLA's (Service Level Agreements)
  • Intrusion Detection

In its well-known 7-layer reference model, the ISO states the following five areas that network management must cover:

  • Performance management
  • Fault management
  • Configuration management
  • Accounting management
  • Security management

This Network Monitor covers all the previously mentioned scenarios, as well as the first three areas stated by the ISO.

Network Monitoring using SNMP

SNMP has been used in the implementation of this Network Monitor because it provides a framework that simplifies communication and information exchange between one or more management systems and a number of agents. An SNMP network consists of the following elements:

  • Management Stations: Elements that manage the network agents.
  • Network Agents: Passive elements located at host nodes, routers, modems, multiplexers and more, that will be managed.

Monitoring traffic to aid in resource development, Performance management and Configuration management are covered in this part.

MIB (Management Information Base)

The Management Information Base is a type of database that holds, in a hierarchical tree structure, all the manageable parameters of each managed device in the communications network. Polling the network agents through this database makes it possible to monitor the whole network.

MIB v2.0 has been used in this project, therefore monitoring of the following structural nodes is possible:

  • SYSTEM: Provides generic information about the managed system.
  • INTERFACES: Provides information about the network interfaces that are in the system (Includes statistics of the events).
  • AT: Provides the link level addresses corresponding to an IP address (This is a legacy node).
  • IP: Provides information about the IP layer (Includes configuration parameters and statistics).
  • ICMP: Stores the counters of the in/out ICMP packets.
  • TCP: Provides information corresponding to the current TCP protocol (Includes configuration parameters, statistics and states).
  • UDP: Provides information corresponding to the current UDP protocol (Includes configuration parameters, statistics and states).
  • EGP: Groups all information corresponding to the configuration and operation of the EGP protocol.
  • TRANSMISSION: Contains many groups, each addressing a different link-level technology implemented in the network interfaces of the managed system.
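As an added illustration (not code from this repository), the sketch below maps polled OIDs to the MIB-II groups listed above and turns two polls of the INTERFACES counters into inbound link utilization, handling Counter32 wraparound. The OIDs are the standard MIB-II ones; the function names and the sample poll values are constructed for this example.

```python
MIB2 = "1.3.6.1.2.1"
# Standard MIB-II subtree numbers under 1.3.6.1.2.1
GROUPS = {1: "SYSTEM", 2: "INTERFACES", 3: "AT", 4: "IP", 5: "ICMP",
          6: "TCP", 7: "UDP", 8: "EGP", 10: "TRANSMISSION"}
IF_SPEED = MIB2 + ".2.2.1.5"        # ifSpeed, bits per second
IF_IN_OCTETS = MIB2 + ".2.2.1.10"   # ifInOctets, Counter32
COUNTER32_MOD = 2 ** 32


def mib2_group(oid):
    """Return the MIB-II group an OID belongs to, or None if it has none."""
    oid = oid.lstrip(".")
    if not oid.startswith(MIB2 + "."):
        return None                  # e.g. an enterprise OID
    sub = oid[len(MIB2) + 1:].split(".")[0]
    return GROUPS.get(int(sub))


def counter_delta(old, new):
    """Difference between two Counter32 samples, allowing one wraparound."""
    return (new - old) % COUNTER32_MOD


def inbound_utilization(poll_a, poll_b, if_index, seconds):
    """Percent of ifSpeed used by inbound traffic between two polls."""
    key = "%s.%d" % (IF_IN_OCTETS, if_index)
    octets = counter_delta(poll_a[key], poll_b[key])
    speed = poll_b["%s.%d" % (IF_SPEED, if_index)]
    return 100.0 * octets * 8 / (seconds * speed)


# Constructed sample: two polls of interface 2 taken 60 s apart on a
# 100 Mbit/s link; ifInOctets wraps past 2**32 between the polls.
POLL_A = {IF_IN_OCTETS + ".2": 4294000000, IF_SPEED + ".2": 100000000}
POLL_B = {IF_IN_OCTETS + ".2": 74032704, IF_SPEED + ".2": 100000000}

if __name__ == "__main__":
    print(mib2_group(IF_IN_OCTETS + ".2"))
    print(inbound_utilization(POLL_A, POLL_B, 2, 60))
```

A plain subtraction of the two samples would give a large negative byte count here; the modulo keeps the delta correct as long as the counter wraps at most once per polling interval.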

Codebase

The first part of the monitor is located at "ASR/". This folder contains the full implementation of the web application that monitors the agents using SNMP. It has been developed using the Django framework (v2.0) and other utility libraries (which are contained in the virtual environment). The project runs on port 8000 on localhost.

Note: Passwords for database access and more are specified in "User_Manual_1.pdf"

Screenshots

Index CRUD Device State Monitoring

Monitoring for SLA's and Fault Management

Monitoring for SLA's

Service Level Agreement (SLA) contracts define specific performance metrics and acceptable levels of network provider performance with respect to these metrics. These SLAs include service availability (outage), latency, throughput and outage notification requirements. Clearly, since performance criteria are part of a service agreement between a network provider and its users, measuring and managing performance are of great importance to the network administrator.

Fault Management

The goal of fault management is to log, detect, and respond to fault conditions in the network. We can think of fault management as the immediate handling of transient network failures (e.g., link, host or router hardware or software outages). As with performance management, the SNMP protocol plays a central role in fault management of IP networks.

Codebase

The second part of the monitor is located at "Service_Monitoring/". This folder contains scripts that monitor SLA's and perform fault management. For fault prediction, the Holt-Winters forecasting algorithm has been used, as well as baseline and least-squares (minimum squares) methods.

Note: SLA contracts and more are specified in "User_Manual_2.pdf"
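To show how Holt-Winters forecasting can flag faults, here is an added sketch (not the scripts in "Service_Monitoring/") of additive Holt-Winters smoothing with a deviation band around each forecast. The function name, parameter defaults, the minimum band and the choice to skip model updates on faulty samples are assumptions of this example, and the load series are constructed.

```python
def holt_winters_faults(series, period, alpha=0.5, beta=0.5, gamma=0.5,
                        delta=3.0, min_band=5.0):
    """Return indexes whose value leaves the Holt-Winters forecast band."""
    if len(series) < 2 * period:
        raise ValueError("need at least two full seasons of samples")
    # Initialise from the first season: mean level, flat trend,
    # seasonal offsets relative to the mean.
    level = sum(series[:period]) / period
    trend = 0.0
    season = [x - level for x in series[:period]]
    dev = [0.0] * period      # smoothed absolute error per seasonal slot
    faults = []
    for t in range(period, len(series)):
        i = t % period
        forecast = level + trend + season[i]
        err = series[t] - forecast
        # Band scales with past error; min_band avoids a zero-width band.
        band = max(delta * dev[i], min_band)
        if abs(err) > band:
            # Assumption of this sketch: faulty samples are reported but
            # not fed back, so one outage does not bend later forecasts.
            faults.append(t)
            continue
        prev_level = level
        level = alpha * (series[t] - season[i]) + (1 - alpha) * (level + trend)
        trend = beta * (level - prev_level) + (1 - beta) * trend
        season[i] = gamma * (series[t] - level) + (1 - gamma) * season[i]
        dev[i] = gamma * abs(err) + (1 - gamma) * dev[i]
    return faults


# Constructed sample: link load (%) following a 4-sample cycle.
CYCLE = [10, 20, 30, 20]
NORMAL = CYCLE * 5
SPIKE = NORMAL[:9] + [60] + NORMAL[10:]    # one traffic burst at index 9
OUTAGE = NORMAL[:16] + [0, 0, 0, 0]        # interface down for last cycle

if __name__ == "__main__":
    print(holt_winters_faults(SPIKE, 4), holt_winters_faults(OUTAGE, 4))
```

Because flagged samples never update the model, a permanent change in traffic level keeps being reported until the model is re-initialised; that is the trade-off for not letting a single outage distort the seasonal profile.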

Screenshots

Base Line Minimum Squares Holt Winters pt 1 Holt Winters pt 2

Configuration Management and Server Monitoring

Configuration Management

Configuration management allows a network manager to track which devices are on the managed network and the hardware and software configurations of these devices. It provides up-to-date documentation of the network and its scope, and makes it possible to perform repairs and modifications when needed.

Server Monitoring

All network monitors must supervise the functionality of servers that are available within the supervised network topology. This monitor provides support for the following types of servers:

  • Email Servers: servers that use IMAP, POP3 and SMTP protocols for mail service.
  • Web Servers: servers that host web sites and use HTTP protocol in their transactions.
  • File Servers: servers that act as download centers and provide storage using the FTP protocol.
  • Print Servers: servers that manage the configuration of printers within a network using CUPS.
  • Remote Access Servers: servers that provide remote access to their clients using SSH.

Codebase

The third and last part of the monitor is located at "Sensors/". This folder contains scripts that provide an interface for interacting with and operating on the previously mentioned servers. In addition, for each type of server there is a test script that checks connectivity and availability.

Note: Server credentials and more are specified in "User_Manual_3.pdf"

Screenshots

Mail Sensor HTTP Sensor FTP Sensor CUPS Sensor SSH Sensor

Team

This is the team that made this Network Monitor possible:

  • Eric Alejandro López Ayala: System Architect and Fullstack Developer
  • Joel Romero López: System Architect and Fullstack Developer

License
