Wednesday, June 5, 2019

Network Monitoring And Management System Information Technology Essay

A literature review is a body of text that aims to review the critical points of current knowledge, including substantive findings as well as theoretical and methodological contributions to a particular topic. Literature reviews are secondary sources and, as such, do not report any new or original experimental work.

Most often associated with academic-oriented literature, such as theses, a literature review usually precedes a research proposal and results section. Its ultimate goal is to bring the reader up to date with current literature on a topic, and it forms the basis for another goal, such as future research that may be needed in the area.

A well-structured literature review is characterized by a logical flow of ideas; current and relevant references with a consistent, appropriate referencing style; proper use of terminology; and an unbiased and well-rounded view of the previous research on the topic.

4.1 Domain Research

4.1.1 Network Monitoring and Management System

4.1.1.1 Introduction to the use of Network Monitoring and Management System

Whenever there is vital information in an organization, there has to be some agent that provides security measures for that information. This is because the vital information can be business plans, customer details or any kind of confidential tenders that are very important to the organization's benefit. Any opponent company can gain profit if it gets access to that information by any means. Thus arises the need for, and usage of, a network monitoring system that will be able to monitor the activities of its clients.

Secondly, in every company one can expect there will be one network administrator. But when the number of machines increases, it is difficult to manage those machines manually.
Suppose one needs to install some kind of program on a client PC: the administrator has to go to that PC and then install it. It is time consuming to go to each and every PC to install and finish a setup process. Another way to solve this problem is to hire more employees for maintenance of the machines, but this will be a costly affair. So Network Monitoring and Management together form an important part of an organization's computer network in day-to-day life.

4.1.1.2 Network Monitoring and Management System

The term network monitoring describes the use of a system that constantly monitors a computer network for slow or failing components and that notifies the network administrator (via email, pager or other alarms) in case of outages. It is a subset of the functions involved in network management. While an intrusion detection system monitors a network for threats from the outside, a network monitoring system monitors the network for problems caused by overloaded and/or crashed servers, network connections or other devices.

Effective planning for a network management system requires that a number of network management tasks be performed. The network management system should discover the network inventory, monitor the health and status of devices and provide alerts to conditions that affect system performance.

An intrusion detection system (IDS) is a device or software application that monitors network and/or system activities for malicious activities or policy violations and produces reports to a Management Station. Intrusion prevention is the process of performing intrusion detection and attempting to stop detected possible incidents. Intrusion detection and prevention systems (IDPS) are primarily focused on identifying possible incidents, logging information about them, attempting to stop them, and reporting them to security administrators.
IDPSs have become a necessary addition to the security infrastructure of nearly every organization.

Network management refers to the activities, methods, procedures, and tools that pertain to:

- Operation deals with keeping the network (and the services that the network provides) up and running smoothly. It includes monitoring the network to spot problems as soon as possible, ideally before users are affected.
- Administration deals with keeping track of resources in the network and how they are assigned. It includes all the housekeeping that is necessary to keep the network under control.
- Maintenance is concerned with performing repairs and upgrades, for example when equipment must be replaced, when a router needs a patch for an operating system image, or when a new switch is added to a network. Maintenance also involves corrective and preventive measures to make the managed network run better, such as adjusting device configuration parameters.
- Provisioning is concerned with configuring resources in the network to support a given service. For example, this might include setting up the network so that a new customer can receive voice service.

4.1.1.2.1 Types of intrusion detection systems [B5][B6]

For the purpose of dealing with IT, there are three main types of IDS:

Fig: Showing type of intrusion detection system

Network intrusion detection system (NIDS)

It is an independent platform that identifies intrusions by examining network traffic and monitors multiple hosts. Network intrusion detection systems gain access to network traffic by connecting to a network hub, a network switch configured for port mirroring, or a network tap. In a NIDS, sensors are located at choke points in the network to be monitored, often in the demilitarized zone (DMZ) or at network borders. Sensors capture all network traffic and analyze the content of individual packets for malicious traffic.
An example of a NIDS is Snort.

Host-based intrusion detection system (HIDS)

It consists of an agent on a host that identifies intrusions by analyzing system calls, application logs, file-system modifications (binaries, password files, capability databases, access control lists, etc.) and other host activities and state. In a HIDS, sensors usually consist of a software agent. Some application-based IDS are also part of this category. An example of a HIDS is OSSEC.

Perimeter Intrusion Detection System (PIDS)

Detects and pinpoints the location of intrusion attempts on perimeter fences of critical infrastructures. Using either electronics or more advanced fiber optic cable technology fitted to the perimeter fence, the PIDS detects disturbances on the fence; this signal is monitored, and if an intrusion is detected and deemed by the system to be an intrusion attempt, an alarm is triggered.

4.1.1.2.2 Comparison with firewalls

Though they both relate to network security, an intrusion detection system (IDS) differs from a firewall in that a firewall looks outwardly for intrusions in order to stop them from happening. Firewalls limit access between networks to prevent intrusion and do not signal an attack from inside the network. An IDS evaluates a suspected intrusion once it has taken place and signals an alarm. An IDS also watches for attacks that originate from within a system. This is traditionally achieved by examining network communications, identifying heuristics and patterns (often known as signatures) of common computer attacks, and taking action to alert operators. A system that terminates connections is called an intrusion prevention system, and is another form of an application layer firewall.

4.1.1.3 Components of Network Monitoring and Management System

The network monitoring system basically contains different modules with the help of which proper functioning is carried out.
The following is the list of modules and processes:

- Initial Set-Up: This is the first step while setting up a network monitoring tool. The machines must be physically connected. IP addressing should be properly carried out.
- Network Mapping: The system sends out a command across the network, along with usage of various components, to get the minimum knowledge of the model in which the network is functioning. This model is useful for documenting the network configuration.
- Machine Polling: Now the map is prepared, and the system sends the current status request to the components that are in the network. With this process the system is able to learn of any potential failures that exist in the network.
- Alarms Notification: The application can detect potential failures in the real network. For example, if any system has gone out of the LAN due to a cable fault or any other type of failure, it will send a notification to the administrator. Information about errors can be displayed centrally or even sent as an SMS message to a mobile telephone. Notification can be through e-mail, SMS or pager.
- Reporting: The log sheet produced with the help of the command can be very useful for the system administrator to get an idea of the type of error that has been frequently occurring.

Through thorough research the developer has found that certain processes, such as filtering of clients, listing of processes, and managing clients and their processes, are the basic functionalities that must be present in a network monitoring system.

4.1.1.4 Network based Application Architecture

Network based application architecture can be described as the software architecture of the network based application. It provides an abstract view and the model for comparison of the architecture that is going to be used to build the system. It explains how system components are allocated and identified and how these components interact with the system.
It also provides information on the amount and granularity of communication needed for interaction, and gives an idea of the interface protocols.

4.1.1.4.1 Client/Server Architecture [W2][W3]

The client-server model distinguishes between applications as well as devices. Network clients make requests to a server by sending messages, and servers respond to their clients by acting on each request and returning results. One server generally supports numerous clients, and multiple servers can be networked together in a pool to handle the increased processing load as the number of clients grows.

Fig: A Client-Server Network

The client-server model of computing is a distributed application structure that partitions tasks or workloads between the providers of a resource or service, called servers, and service requesters, called clients. Often clients and servers communicate over a computer network on separate hardware, but both client and server may reside in the same system. A server machine is a host that is running one or more server programs which share their resources with clients.

In most cases, client-server architecture enables the roles and responsibilities of a computing system to be distributed among several independent computers that are known to each other only through a network. This creates an additional advantage to this architecture: greater ease of maintenance.
For example, it is possible to replace, repair, upgrade, or even relocate a server while its clients remain both unaware of and unaffected by that change.

Client/Server architecture with respect to domain research

4.1.1.4.2 Network monitoring protocols [W12]

A website monitoring service can check HTTP pages, HTTPS, SNMP, FTP, SMTP, POP3, IMAP, DNS, SSH, TELNET, SSL, TCP, ping, SIP, UDP, media streaming and a range of other ports with a variety of check intervals ranging from every four hours to every one minute. Typically, most network monitoring services test your server anywhere between once per hour and once per minute.

SNMP is the most well known protocol used to manage networked devices. It was designed to facilitate the exchange of management information between networked devices operating at the application layer of the ISO/OSI model. A collection of network management stations and network elements is implicit in the SNMP architectural model. Network management stations monitor and control network elements by executing management applications. Network elements are devices such as hosts, gateways, terminals and servers, which have management agents responsible for performing the network management functions requested by the network management stations. The Simple Network Management Protocol (SNMP) is used to communicate management information between the network management stations and the agents in the network elements.

SNMP is most commonly used for remote management of network devices. SNMP is also known for its flexibility: adding network-management functions to the existing system is very easy. An SNMP-managed network typically consists of three components:

- Managed devices
- Agents
- Network management systems

A managed device can be any piece of equipment that sits on your data network and is SNMP compliant. Routers, switches, hubs, workstations, and printers are all examples of managed devices. An agent is typically software that resides on a managed device.
The agent collects data from the managed device and translates that information into a format that can be passed over the network using SNMP. A network-management system monitors and controls managed devices. The network management system issues requests and devices return responses.

4.1.1.5 HCI (Human Computer Interaction)

"Human-computer interaction is a discipline concerned with the design, evaluation and implementation of interactive computing systems for human use and with the study of major phenomena surrounding them." (Association for Computing Machinery)

Smart Whistle Blower, a network management and monitoring tool, functions completely according to the user. That is why the developer tried to implement people's interaction with computers and to develop the computers for successful interaction with humans through the concept of HCI (Human-Computer Interaction). The developer used the following main parts of HCI:

- User
- Computer
- Interaction

The developer implemented HCI with the aim of improving the interactions between humans and computers by making computers more usable and receptive to the user's needs. Usability can be defined as the extent to which the system can be learnt and used by the users.
So the developer measures the usability of the system by analyzing the following points:

- Easy to learn
- Effective to use
- Efficient to use

While developing a system using HCI principles, the following factors must be considered by the developer:

- Organizational Factors
- Environmental Factors
- Health and Safety Factors
- Comfort Factors
- People
  - System/Network Administrator
  - Supervisor
  - Advisor

HCI is now being used in a wide range of fields, which are shown in the diagram below.

Fig: Showing related modules to HCI
Source: http://images.google.co.in/imgres?imgurl=http://www.deepamehta.de/docs/images/talk/39-middle.png

4.1.1.6 Market Research

4.1.1.6.1 Similar software available in the market

There are numerous monitoring tools available in the market, some of which are listed below:

- Application Monitoring
- Performance Monitoring
- Database Monitoring
- Security Monitoring
- Environment Monitoring
- Network Traffic Monitoring
- PC Monitoring
- Protocol Analyzing

4.1.1.6.2 Comparison chart [W13][W14][W15][W16][W17][W18][W19][W20]

Fig: Showing Comparison Chart between ten software and Smart Whistle Blower

A Brief Analysis

On a comparison with 10 network monitoring systems, it has been found that the proposed software, i.e. Smart Whistle, provides many facilities that the current network monitoring systems do not have. The comparison has been done on nine different features that network monitoring and management software must have. The features are as follows:

- Logical Grouping
- Distributed Monitoring
- Hardware Intrusion Detection
- WebApp
- Auto discovery
- Triggers/alerts
- Live Screening
- Chat enabled
- Support Network Management System

4.1.2 Security management recommendation

Security management for networks is different for all kinds of situations.
A small home or an office would only require basic security, while large businesses will require high maintenance and advanced software and hardware to prevent malicious attacks from hacking and spamming.

Small homes

- A basic firewall like COMODO Internet Security or a unified threat management system.
- For Windows users, basic antivirus software like AVG Antivirus, ESET NOD32 Antivirus, Kaspersky, McAfee, Avast, Zone Alarm Security Suite or Norton Antivirus. An anti-spyware program such as Windows Defender or Spybot Search & Destroy would also be a good idea. There are many other types of antivirus or anti-spyware programs out there to be considered.
- When using a wireless connection, use a robust password. Also try to use the strongest security supported by your wireless devices, such as WPA2 with AES encryption.
- Enable MAC address filtering to keep track of all home network MAC devices connecting to your router.
- Assign STATIC IP addresses to network devices.
- Disable ICMP ping on router.
- Review router or firewall logs to help identify abnormal network connections or traffic to the Internet.
- Use passwords for all accounts.
- Have multiple accounts per family member, using non-administrative accounts for day-to-day activities.
- Disable the guest account (Control Panel > Administrative Tools > Computer Management > Users).
- Raise awareness about information security to children.

Medium businesses

- A fairly strong firewall or Unified Threat Management system.
- Strong antivirus software and Internet Security Software.
- For authentication, use strong passwords and change them on a bi-weekly/monthly basis.
- When using a wireless connection, use a robust password.
- Raise awareness about physical security to employees.
- Use an optional network analyzer or network monitor.
- An enlightened administrator or manager.

Large businesses

- A strong firewall and proxy to keep unwanted people out.
- A strong antivirus software package and Internet Security Software package.
- For authentication, use strong passwords and change them on a weekly/bi-weekly basis.
- When using a wireless connection, use a robust password.
- Exercise physical security precautions to employees.
- Prepare a network analyzer or network monitor and use it when needed.
- Implement physical security management like closed circuit television for entry areas and restricted zones.
- Security fencing to mark the company's perimeter.
- Fire extinguishers for fire-sensitive areas like server rooms and security rooms.
- Security guards can help to maximize security.

School

- An adjustable firewall and proxy to allow authorized users access from the outside/inside.
- Strong antivirus software and Internet Security Software packages.
- Wireless connections that lead to firewalls.
- Children's Internet Protection Act compliance.
- Supervision of network to guarantee updates and changes based on popular site usage.
- Constant inspection by teachers, librarians, and administrators to guarantee protection against attacks by both internet and sneakernet sources.
- Security via firewall.

Large government

- A strong firewall and proxy to keep unwanted people out.
- Strong antivirus software and Internet Security Software suites.
- Strong encryption.
- Whitelist authorized wireless connections, block all else.
- All network hardware is in secure zones.
- All hosts should be on a private network that is invisible from the outside.
- Put web servers in a DMZ, or a firewall from the outside and from the inside.
- Security fencing to mark the perimeter and set the wireless range to this.

4.1.3 Service and Technology Growth in India

As India is emerging as one of the major IT leaders of the world, more and more IT companies are being established in the present scenario. With the increase in IT companies, more competition will arise in the market; as a result there will be an increase in business politics, and everybody will try to win this race of competition in the market. Thus there is a high risk of hackers intruding into a company database, taking away vital information and selling it to a rival company. So here the importance of network security arises. As a result, more and more Network Monitoring and Management systems are being developed.

On detailed research it has been found that the number of cases of cyber crime is increasing every year. With practical guidance delivered by expert speakers, an organization named e-Crime India is the premier networking and knowledge initiative for security, IT, fraud, investigations, CERT, audit, forensics, and compliance professionals who are responsible for protecting against existing attacks and emerging threats.

Major IT companies in India such as Infosys, TCS and Wipro have separate departments to develop software related to network security. Hence one can see the importance of developing such a system, because this type of software is ever in demand with the increase and development of technology.

4.2 Information and Resources

Networks / Networking Concepts

- Douglas E. Comer, Ralph E. Droms, Computer Networks and Internets with Internet Applications, 4th International Edition, ISBN 013123627X, Publisher: Prentice Hall, Copyright 2004
- Behrouz Forouzan (2004) Introduction to Data Communication Networking, 3rd Edition, McGraw-Hill
- Tanenbaum, Andrew S.
  (2003) Computer Networks, 4th Edition, Prentice Hall
- Stallings, William (2006) Data and Computer Communications, 7th Edition, Prentice Hall

Books

- Leslie Ann Robertson, 2003, Simple Program Design, 2nd Edition, Boyd and Fraser
- Shelly, G.B., Cashman, T.J., Rosenblatt, H.J. (2005) System Analysis and Design, 5th or 6th Edition, Course Technology
- O'Connell, F. (2001) How to Run Successful Projects III: The Silver Bullet. Addison Wesley, ISBN 0201748061
- CCTA (2002) Managing Successful Projects with PRINCE2. The Stationary Office Books.
- Cleland, D. (2001) A Guide to the Project Management Body of Knowledge 2000. PMI. ISBN 0113308914

White Paper and Journal

- Parnas, David, A rational design process and how to fake it (PDF). An influential paper which criticises the idea that software production can occur in perfectly discrete phases.
- Royce, Winston (1970), Managing the Development of Large Software Systems, Proceedings of IEEE WESCON 26 (August) 1-9

Web sites

- www.onestoptesting.com/sdlc-models/waterfall-model/
- http://www.freelancer.com/projects/by-tag/projects-socket-programming-based-multi-client-server-architecture.html
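
The mapping, polling, alarm and reporting modules listed in section 4.1.1.3 can be sketched as follows. This is an added example, not code from the essay or from Smart Whistle Blower; the class names, the alert threshold of two missed polls and the scripted probe results are assumptions, and the sample data is constructed so that no real network is touched.

```python
from collections import Counter
from dataclasses import dataclass, field
from typing import Callable, Dict, List, Optional, Tuple


@dataclass
class Device:
    name: str
    address: str
    failures: int = 0    # consecutive failed polls
    down: bool = False   # True while an alarm is open for this device


@dataclass
class Monitor:
    # probe(address) returns None when the device answers, or an error string.
    probe: Callable[[str], Optional[str]]
    threshold: int = 2   # assumed: failed polls in a row before alerting
    devices: Dict[str, Device] = field(default_factory=dict)
    log: List[Tuple[int, str, str]] = field(default_factory=list)  # (cycle, name, error)
    cycle: int = 0

    def add(self, name: str, address: str) -> None:
        """Network mapping: record a device in the inventory."""
        self.devices[name] = Device(name, address)

    def poll_once(self) -> List[str]:
        """Machine polling: probe every device and return new notifications."""
        self.cycle += 1
        notes = []
        for dev in self.devices.values():
            error = self.probe(dev.address)
            if error is None:
                if dev.down:
                    notes.append(f"RECOVERED {dev.name}")
                dev.failures, dev.down = 0, False
                continue
            dev.failures += 1
            self.log.append((self.cycle, dev.name, error))
            # Alert once per outage, and only after `threshold` misses in a row,
            # so a single dropped poll does not page the administrator.
            if dev.failures >= self.threshold and not dev.down:
                dev.down = True
                notes.append(f"ALARM {dev.name} ({dev.address}): {error}")
        return notes

    def report(self) -> List[Tuple[str, int]]:
        """Reporting: error types ordered by how often they occurred."""
        return Counter(error for _, _, error in self.log).most_common()


def run_constructed_scenario() -> Tuple[List[List[str]], List[Tuple[str, int]]]:
    """Replay a constructed four-cycle poll history (None = device reachable)."""
    script = {
        "192.0.2.10": [None, "timeout", "timeout", None],
        "192.0.2.20": [None, None, "timeout", None],
        "192.0.2.30": ["link down"] * 4,
    }
    replies = {addr: iter(results) for addr, results in script.items()}
    monitor = Monitor(probe=lambda addr: next(replies[addr]))
    for name, addr in [("file-server", "192.0.2.10"), ("printer", "192.0.2.20"),
                       ("switch-2", "192.0.2.30")]:
        monitor.add(name, addr)
    notes = [monitor.poll_once() for _ in range(4)]
    return notes, monitor.report()


if __name__ == "__main__":
    for cycle_notes in run_constructed_scenario()[0]:
        print(cycle_notes)
```

In a deployment the `probe` callable would wrap a real status check such as an ICMP echo or an SNMP request; here it is scripted so the alarm logic can be exercised offline.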
