IP network management focuses on keeping the network up and running smoothly and comprises a number of aspects, including the initial design and layout of the network; selecting the equipment to install; setting up and configuring routers, firewalls and managed switches; selecting and installing security software; managing users; setting policies; and so on. On large networks, these tasks are handled by a whole department, but even small networks require some network management to work efficiently and effectively. As more audio, video and transport streams begin to migrate over to the IP world for transport, it becomes even more important for broadcast engineers to understand and control these IP networks.
If you are new to networking or are the kind person who would rather copy files onto a CD or USB drive to move files from one computer to another instead of using the network, it would be best to take a class or pick up a book on network fundamentals before getting started. There are many resources available on the Web to help you get started, including Broadcast Engineering's own “IT Fundamentals” webinar series.
Monitoring a network's operation is imperative, and several software packages, known as route analytics, are available to do this. Using this type of software allows the network manager to observe how the network is working as a whole in real time. Routers send each other instructions of how to route a particular IP packet to its destination. To find the shortest path for an IP packet, the router must know if any of the routers near it will get the packet closer to its destination. By exchanging information between them, routers are able to construct a map of how to get data from point “A” to point “B” via the shortest path.
Route analytics software listens to the inter-router messages and creates a visual map of the entire network, which enables the network manager to actually see what is happening on the network. Routers work at Layer 3, the network layer, of the OSI network model, which is the same layer that the Internet operates on. Routers over the years have become highly sophisticated and can reach out to other routers to understand the entire network to make better routing decisions.
Route analytics software also records network traffic, so the network manager can look back and observe what was happening on the network when a fault occurs. Because it is continuously monitoring the health of the network, it can alert the network manager to spikes in network traffic or even loss of any part of the network. These software packages also allow for simulations of the network, allowing managers to experiment with what-if scenarios and better plan for the future.
FCAPS is the ISO Telecommunications Management Network model and framework for network management. It breaks down the management of an IP network into five areas — fault, configuration, accounting, performance and security — which are the five network management functions, or elements, as defined by ITU-T and the ISO. (See Figure 1.)
- Fault managementThis is where faults are detected, isolated and repaired before any users are affected. Faults in the network can lead to downtime, so fault management is the most widely implemented of network management elements.
- Configuration managementKeeping track of all the versions of software and the configuration of the software and hardware is the goal of this part of network management.
- Accounting managementMeasuring the use of and the traffic on the network down to the level of individual users is the responsibility of this part.
- Performance managementThis is a measurement of the overall performance of the network, including latency, packet loss, retransmission and throughput. This monitors the general health of the network and how well it is serving its users.
- Security managementThis element controls access to network resources to protect them from attack or theft. Only those users who are authorized should be able to access the network.
Route analytics software can cover several areas of FCAPS, including fault, accounting and performance management.
Network security also falls under network management and is comprised of both hardware and software. Firewalls are used to keep unwanted data and users off the network. Most companies have intranets that connect to the Internet so their users can access it, but a firewall is the best way to prevent unwanted users from accessing a company's intranet and its resources. If it's necessary for remote employees to log onto the network, a virtual private network (VPN) should be used. Firewalls can also keep employees from connecting to places on the Internet such as FTP sites or music/movie download sites and can also record the activity passing through them, so expansion can be planned for as needed. In addition, dedicated computers can be set up as hardwire firewalls, which can handle more data traffic at higher speeds than software-only firewalls located on a server, and many routers can act as firewalls, but they must be configured to do so.
Every computer on the network should also have its own software firewall, in addition to updated antivirus software, to keep an infected computer from spreading a virus or malware over an intranet. All of these tasks fall under the IP network manager's domain.
IP address design
Don't forget about IP addressing within the network. Keeping the IP addresses under control is very important in any network, and this all starts with planning the network and assigning the static address, as well as the ranges for the dynamic addresses. Keeping a record of all assigned IP addresses is necessary, and many managers use a spreadsheet to keep track of them. There also are computer programs that will do this, and they can assist in network planning and automatically configure subnets as well as subnet masks.
Configuring the network equipment and keeping a record or copy of it falls under this category. Other than the physical layout of the network, this is where the network is told how to perform the required functions. It is probably one of the least understood parts of the network, but one of the most important.
As a network grows, keeping accurate records of the equipment and their configuration becomes increasingly important. If a router fails and must be replaced, would you know how to set it? What if the last person to configure it left the company, and there are no records? Having a copy of the setup file would be the best solution to this problem, because it could be loaded in the replacement equipment, but a written record should always be kept as well.
This is only a rudimentary introduction to an increasingly complex issue. As IP network management becomes more important, network managers need to do all they can to keep up on the issue, even if this requires some extra training.
Russell Brown is chief engineer at KMTP-TV in San Francisco and writer of Broadcast Engineering's “Transition to Digital” e-newsletter.