

Background: Know: Tension between security & NM, accidents vs malice, dependability, Denial of Service, OIDs, ASN.1, BER. Recognize:



FCAPS links

!!!some extraneous material here


Monitoring/Anomaly detection:

  • NM detects faults:
Network management can detect faults that occur in the network. This includes, but is not limited to, network monitoring, fault diagnosis, root cause analysis and trouble ticketing.

Network monitoring keeps track of the current state of the network and visualizes that state. Its function is to recognize and react to fault conditions when they occur. Fault diagnosis diagnoses a network issue and quickly identifies its cause; the analysis process that leads to a diagnosis is referred to as root cause analysis. Trouble tickets help the network provider keep track of the resolution of network problems, which typically demand human intervention; a ticket can be issued to describe a problem when it happens or when users report it.


  • Security to detect intrusions:
Intrusion detection monitors what is occurring in the network and helps analyze it for signs of intrusions, which include authorized users who attempt to gain additional unauthorized privileges and who misuse the privileges given to them.

Recording src/dst of traffic

  • NM: Accounting & billing
Accounting uses the traffic statistics to bill users and to apply usage quotas.
  • Security: identify the attacker, track how they penetrated
Detecting unauthorized use of, or attacks on, a network. An IDS can detect both insider and external attacks.

Authentication & Authorization: Accounting + Sec'y

  • NM: Determine what needs managing
  • NM/Sec: Restrict access to registered devices
  • Insecurity: Intruders identify targets to attack

OIDs, ASN.1 and BER even used by some security mechanisms

Kerberos is a network authentication protocol designed to provide authentication and cryptography over the network. It uses secret-key cryptography to help secure information systems, so that a client can prove its identity to a server across an insecure network connection. After that, all communications can be encrypted to assure privacy and data integrity.

The X.500 directory service is a global directory service that provides the capability to look up information by name and to browse and search for information. “The information is held in a directory information base (DIB). Entries in the DIB are arranged in a tree structure called the directory information tree (DIT). Each entry is a named object and consists of a set of attributes. Each attribute has a defined attribute type and one or more values. The directory schema defines the mandatory and optional attributes for each class of object (called the object class). Each named object may have one or more object classes associated with it.”
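
The shared encoding can be seen by decoding BER OBJECT IDENTIFIERs from both worlds with one routine. The following is an added example, not part of the original notes: the three OIDs (SNMP sysDescr.0, the Kerberos V5 GSS-API mechanism, the X.500 commonName attribute type) are chosen here for illustration, and the byte strings are constructed. The decoder rejects malformed lengths and truncated arcs, which is where BER parsers in management and security software tend to fail.

```python
# Added example: strict BER decoder for OBJECT IDENTIFIER (tag 0x06) TLVs.
# Sample byte strings are constructed for illustration.

def decode_oid(tlv: bytes) -> str:
    """Decode one BER-encoded OBJECT IDENTIFIER TLV into dotted notation."""
    if len(tlv) < 2 or tlv[0] != 0x06:
        raise ValueError("not an OBJECT IDENTIFIER (expected tag 0x06)")
    length, pos = tlv[1], 2
    if length & 0x80:                  # long form: low 7 bits count the length octets
        n = length & 0x7F
        if n == 0 or n > 4 or len(tlv) < 2 + n:
            raise ValueError("unsupported or truncated length field")
        length, pos = int.from_bytes(tlv[2:2 + n], "big"), 2 + n
    body = tlv[pos:]
    if length == 0 or len(body) != length:
        raise ValueError("declared length does not match content")
    # Each arc is base-128, big-endian; the top bit means "more octets follow".
    arcs, value, at_start = [], 0, True
    for octet in body:
        if at_start and octet == 0x80:
            raise ValueError("non-minimal arc encoding (leading 0x80)")
        value = (value << 7) | (octet & 0x7F)
        at_start = not (octet & 0x80)
        if at_start:
            arcs.append(value)
            value = 0
    if not at_start:
        raise ValueError("truncated arc (continuation bit set on last octet)")
    # The first subidentifier packs the first two arcs as 40*X + Y.
    x = min(arcs[0] // 40, 2)
    return ".".join(map(str, [x, arcs[0] - 40 * x] + arcs[1:]))

def try_decode(tlv: bytes):
    """Return the dotted OID, or None if the TLV is malformed."""
    try:
        return decode_oid(tlv)
    except ValueError:
        return None

SAMPLES = {
    "SNMP sysDescr.0 (network management)": bytes.fromhex("06082b06010201010100"),
    "Kerberos V5 GSS-API mechanism (security)": bytes.fromhex("06092a864886f712010202"),
    "X.500 commonName attribute type": bytes.fromhex("0603550403"),
    "malformed: length 9 but 3 content octets": bytes.fromhex("06092a8648"),
    "malformed: arc cut off mid-value": bytes.fromhex("06022a86"),
}

if __name__ == "__main__":
    for label, tlv in SAMPLES.items():
        print(f"{label:45} {tlv.hex():24} -> {try_decode(tlv)}")
```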

Same IT people often do both security and NM

Security and network management are both essential functions for the IT people who manage a network.

Reference

http://www.sans.org/reading_room/whitepapers/detection/choose-intrusion-detection-solution_334

ftp://www.polinux.upv.es/viejo/pub/doc/ids/A_Comparative_Analysis_of_Current_Intrusion_Detection_Technologies.pdf

http://web.mit.edu/Kerberos/#waht_is

http://www.windowsecurity.com/articles/what_you_need_to_know_about_intrusion_detection_systems.html

http://docs.oracle.com/javase/jndi/tutorial/ldap/models/x500.html

http://en.wikipedia.org/wiki/Network_security

A. Clemm: Network Management Fundamentals, Cisco Press, 2006