Register your product to gain access to bonus material or receive a coupon.
Practical Guide to SNMPv3 and Network Management, A
- Published May 4, 1999 by Pearson.
Book
- Sorry, this book is no longer in print.
Description
- Copyright 1999
- Dimensions: 7 X 9-1/4
- Pages: 352
- Edition: 1st
- Book
- ISBN-10: 0-13-021453-1
- ISBN-13: 978-0-13-021453-9
2145C-6
Practical Guide to SNMPv3 and Network Management
Implement SNMPv3, the new network management standard -- hands-on!
To manage and secure today's information systems -- and prepare for tomorrow's -- you need to master SNMPv3, the latest industry-standard protocol for managing IP networks. With David Zeltserman's Practical Guide to SNMPv3 and Network Management, you will. Accessible and authoritative, this book combines just enough theory with extensive guidance for real-world SNMPv3 deployment. Coverage includes:
- New SNMPv3 framework, textual conventions, and message format
- Leveraging SNMPv3's powerful security features, including authentication, encryption, and access control
- Configuring SNMPv3 for generating notifications and proxy forwarding
- Detailed examples of how to manage SNMPv3 devices
- Coexistence with SNMPv1 and SNMPv2
- Practical techniques for using RMON2 to gain insight into your network
- Examples for utilizing Cisco MIBs to help manage your network
- Many practical insights into network management
SNMPv3 and the related RMONv2 standard have a reputation for complexity, but this book cuts through the confusion, showing you the logic and simplicity beneath. Whether you're ready to deploy these technologies, or simply to understand them, you won't find a more valuable resource.
Sample Content
Downloadable Sample Chapter
Click here for a sample chapter for this book: 0130214531.pdf
Table of Contents
Preface.
Chapter 1: Introduction.
Chapter 2: SNMP Basics.
How It All Works. Data Types. Structure of Management Information (SMI). Textual Conversions. SNMPv1 Operations. Some Additional Thoughts. Upper Level Protocols.
Chapter 3: MIB-II.
System Group. Interfaces Group. IP Groups. ICMP Group. TCP Group.UDP Group. Transmission Group. SNMP Group. Extensions to MIB-II. Summary.
Chapter 4: SNMPv3 Framework.
Architecture Overview. New Textual Conventions. The snmpEngineGroup. SNMPv3 Message Format. Additional SNMP Statistics. Reports. Summary.
Chapter 5: SNMPv3 Applications.
Command Generator Applications. Command Responder Applications. Notification Originator Applications. Notification Receiver Applications. Proxy Forwarder Applications. MIB Tables for Configuring Notifications and Proxy Forwarding. Summary.
Chapter 6: SNMPv3 Security.
Authoritative and Non-authoritative. Security Parameters. Discovery. Timeliness. Keys. USM MIB. Authentication. Privacy. Final Thoughts.
Chapter 7: SNMPv3 View-based Access Control.
VACM MIB Overview. vacmContextTable. vacmSecurityToGroupTable. vacmAccessTable. vacmViewTreeFamilyTable. Example Configuration. Testing for Whether Access Is Allowed. Configuring the VACM MIB. Summary.
Chapter 8: Coexistence Issues.
Proxy Issues. Supporting Multiple Message Processing Models.
Chapter 9: RMON2.
Textual Conventions. Quick Overview of RMON2 Configuration. Protocol Directory Group. Protocol Distribution Group. Address Map Group. Network Layer Host Group. Network Layer Matrix Group. Application Layer Host Group. Application Layer Matrix Group. User History Collection Group. Ideas on Measuring Application Response Time.
Chapter 10: Using Cisco Private MIBs305.
Cisco Ping MIB. Cisco Syslog Message MIB. Cisco Queue MIB. Cisco Discovery Protocol MIB. Cisco Bulk File MIB and Cisco FTP Client MIB. Cisco System MIB. Cisco Interfaces MIB. Cisco Frame Relay MIB. Cisco Response Time Monitor MIB (RTTMON). Summary.
Bibliography.
Index.
Preface
Preface
While I was working on this book, I would tell people the title, A Practical Guide to SNMPv3 and Network Management, and the most common response I would get would be, "Isn't that an oxymoron?" It's a good line but it's not really true. SNMPv3 is conceptually simple. While its use within a network will add complexity, it addresses a major weakness of SNMP which is the lack of strong security. You can't add sophisticated features like authentication, encryption, and access control without adding some complexity to how these features are configured. Still, I have talked with several engineers I know who develop network management software, and they have dismissed SNMPv3 without even attempting to understand it. I feel this is a mistake. I have this image in my mind of SNMPv3 as a series of dark clouds that are rolling in over the horizon. Like it or not the storm is coming and you'd better be prepared for it.
One of the goals for this book is to prepare you for SNMPv3. This means making it understandable at both a conceptual and practical level. For me, understanding it at a practical level means understanding how to work with it. This book will show how to configure SNMPv3 for generating notifications, proxy forwarding, authentication, security, and access control. It is not a goal for this book is to describe the logical subsystems that make up an SNMPv3 architecture, or any of the abstract service interfaces that are used between these subsystems. While this information might be useful to people implementing SNMPv3 engines, this book is intended for network managers who need to use SNMPv3 and for software developers who need to build network management applications using SNMPv3. Besides, the INTERNET-DRAFT documents do a fine job of defining these various subsystems and their abstract service interfaces, probably a better job than I could do.
Another goal for this book is to make RMON2 understandable. RMON2 is one of the more important advancements that have been made to the network management space. One of the keys to managing a network is understanding it. RMON2 lets you understand both the network-layer and application-layer traffic going across your network. You can further understand the network-layer and application-layer conversations occurring on your network. By understanding the protocol usage and conversations occurring on a network (and by tracking this over time) a network manager can better plan for network growth and optimize client-server communications.
Over the past year I have talked with several customers who have expressed confusion over how to configure and use RMON2. While the RMON2 MIB is rather imposing, it is fairly consistent in its configuration and in how its data tables are accessed. The RMON2 chapter in this book shows how to configure RMON2 and how to access its data tables. It also suggests several RMON2 applications that can be built.
The major goal for this book, however, is to provide practical insights into building SNMP-based applications. I have spent the past sixteen years building both network devices and network management products. As such my focus is more on the practical nature of getting things built then on the theoretical or academic nature. This book is really for network managers and developers who need to focus on getting things built.
NOTATIONPseudocode is used throughout the book to describe the logic in configuring and accessing SNMPv3 and RMON2 MIB tables. The format of the psuedocode is a loose combination of C and Tcl, with a little Java thrown in where it makes sense. All pseudocode is shown in a courier font.
The pseudo code is meant to be descriptive and obvious. The command line, x <- 100, assigns x the value 100. A foreach command loops through a collection. For example, the psuedocode
foreach x in Col {ProcessObject(x)}The following pseudocode will perform an SNMP Get operation, collecting sysDescr.0 and sysUpTime.0, and will assign the response pdu to the variable responsePDU.
pdu <- {sysDescr.0, sysUpTime.0}responsePDU <- SnmpGet(pdu)pdu <- {ifAdminStatus.2 <- 'down',ifAdminStatus.3 <- 'down' }responsePDU <- SnmpSet(pdu)There are several places in the book where I show how an SNMP entity determines something, such as what target addresses to send notifications to. In these examples I use a foreach statement to cycle through all the rows in a MIB table. I also access the MIB objects directly. The following pseudocode will cycle through each row in the ifTable, printing the ifSpeed value:
foreach inst in ifTable{print ifSpeed.inst}The chapters of this book are divided into three parts. In the first part we describe SNMPv1 and SNMPv2. Chapter 2, SNMP Basics, shows the basic data types that are used to represent management information and then shows textual conventions that are used to represent abstract data types. The chapter then proceeds to show the rules for naming and defining managed objects. It then describes the operations that were defined for SNMPv1, and extensions that were defined for SNMPv2. Chapter 3 focuses on the management information represented by MIB-II, specifically how this management information can be utilized by a network manager.
Part II focuses on SNMPv3. Chapter 4 describes the framework defined for SNMPv3. It also shows new textual conventions that have been defined for SNMPv3, along with a new SNMPv3 message format. Chapter 5 spends a little time discussing the SNMPv3 applications that can run within an SNMP entity. The focus in the chapter, however, is on configuring notifications and proxy forwarding using MIBs that have been defined for SNMPv3. Chapter 6 discusses the security features that are provided by SNMPv3. Again, the focus on this chapter is both understanding how the security features work and how they are configured using new SNMPv3 MIBs. Chapter 7 shows how the view-based access control model works, and how it can be configured using new SNMPv3 MIBs. Chapter 8 examines coexistence issues between the different SNMP versions.
Part III takes a look at several practical network management issues. Chapter 9 describes RMON2, and shows how RMON2 can be utilized to understand the network-layer and application-layer traffic running on a network. Chapter 10 examines several Cisco Private MIBs, and shows how they can be used to do useful stuff.