Page 320 - Optical Communications Essentials
P. 320

Network Management



          310  Chapter Eighteen


                       origin of faults, the management system might use fault isolation techniques
                       such as alarm correlation from different parts of the network and diagnostic
                       testing.
                      ■ Once the faults are isolated, the system issues trouble tickets that indicate
                       what the problem is and possible means of how to resolve the fault. These
                       tickets go to either a technician for manual intervention or an automatic fault
                       correction mechanism. When the fault or degradation is corrected, this fact
                       and the resolution method are indicated on the trouble ticket, which then is
                       stored in a database.
                      ■ Once the problem has been fixed, the repair is operationally tested on all
                       major subsystems of the network. Operational testing involves requesting per-
                       formance tests, tracking the progress of these tests, and recording the results.
                       The classes of tests that might be performed include echo tests and connec-
                       tivity examinations.

                        An important factor in troubleshooting faults is to have a comprehensive
                      physical and logical map of the network. Ideally this map should be part of a
                      software-based management system that can show the network connectivity
                      and the operational status of the constituent elements of the network on a dis-
                      play screen. With such a map, failed or degraded devices can be viewed easily,
                      and corrective action can be taken immediately.


          18.2.5. Security management
                      The ability of users to gain worldwide access to information resources easily and
                      rapidly has made network security a major concern among network adminis-
                      trators. In addition, the need of remote users and personnel who telecommute
                      to access corporate data from outside the corporation presents another dimen-
                      sion to network security. Figure 18.3 shows some of the points in a network and
                      at its external interfaces where security may be an issue. Network security covers
                      a number of disciplines, including

                      ■ Development of security policies and principles
                      ■ Creating a security architecture for the network
                      ■ Implementing special firewall software to prevent unauthorized access of cor-
                       porate information from the Internet
                      ■ Applying encryption techniques to certain types of traffic
                      ■ Setting up virus protection software
                      ■ Establishing access authentication procedures
                      ■ Enforcing network security

                        The principal goal of network security management is to establish and enforce
                      guidelines to control access to network resources. This control is needed to


                 Downloaded from Digital Engineering Library @ McGraw-Hill (www.digitalengineeringlibrary.com)
                            Copyright © 2004 The McGraw-Hill Companies. All rights reserved.
                              Any use is subject to the Terms of Use as given at the website.
   315   316   317   318   319   320   321   322   323   324   325