Title: eBusiness Tutorial
1SINMS A Slow Intelligence Network Manager based
on SNMP Protocol
Francesco Colace1 fcolace_at_unisa.it Shi-Kuo
Chang2 chang_at_cs.pitt.edu Massimo De Santo1
desanto_at_unisa.it
1Department of Information and Electrical
Engineering, University of Salerno,
Italy 2Department of Computer Science,
University of Pittsburgh, USA
DMS 2010 Chicago, IL
2Outline
- The Network Management
- Towards a Slow Intelligence Network Manager
- The Slow Intelligence System Approach
- The Ontology
- The SNMP Protocol
- SINMS
- The proposed architecture
- A first prototype
- Evaluation Parameters
- Experimental Results
- Conclusions
3The Network Management
- The Network Management the process of
controlling a network so as to maximise its
efficiency and productivity - Network Management Tasks
- Fault management
- Configuration management
- Accounting management
- Performance management
- Security management
4The Network Management
- The are a small number of accessories methods to
support network and network device management. - Access methods include
- the SNMP
- command-line interface (CLIs)
- custom XML
- CMIP
- Windows Management Instrumentation (WMI)
- Transaction Language 1
- CORBA
- NETCONF
- Java Management Extensions (JMX).
5Towards A Slow Intelligence Network Manager
- The aim of this paper is to design and implement
a Network Manager able - To detect automatically faults in a computer
network - To infer the actions to do in order to recover
the faults - To share knowledge about faults and actions with
other similar networks - The proposed results can be reached by the use of
- Slow Intelligence System Approach
- Ontology
6Slow Intelligent System
- SISs are general-purpose systems characterized by
being able to improve performance over time
through a process involving an Enumeration Phase
7Slow Intelligent System
- SISs are general-purpose systems characterized by
being able to improve performance over time
through a process involving a Propagation Phase
8Slow Intelligent System
- SISs are general-purpose systems characterized by
being able to improve performance over time
through a process involving an Adaptation Phase
9Slow Intelligent System
- SISs are general-purpose systems characterized by
being able to improve performance over time
through a process involving an Elimination Phase
10Slow Intelligent System
- SISs are general-purpose systems characterized by
being able to improve performance over time
through a process involving a Concentration Phase
11Slow Intelligent System
- A SIS continuously learns, searches for new
solutions and propagates and shares its
experience with other peers - A SIS differs from expert systems in that the
learning is not always obvious. - From the structural point of view, a SIS is a
system with multiple decision cycles such that
actions of slow decision cycle(s) may override
actions of quick decision cycle(s), resulting in
poorer performance in the short run but better
performance in the long-run
12Slow Intelligent System and Network Management
- A network manager has to find a possible solution
starting from a fault signal. So it has to
enumerate all the possible solutions Enumeration
Phase - A network manager can share with other systems or
experts knowledge in order to acquire new
solutions approaches Propagation phase - A network manager has to adapt a candidate
solution to the context of the managed network
Adaptation Phase - A network manager has to select only one
solution Elimination Phase - A network manager has to execute at its best the
selected solution Concentration Phase
13Slow Intelligent System and Ontology
Ontology
14Ontology for Network Management
- Ontology
- the definition of ontology is still a challenging
task - a good practical definition is an ontology is a
method of representing items of knowledge (ideas,
facts, things) in a way that defines the
relationships and classification of concepts
within a specified domain of knowledge - O C, A, RT, R, AX
15Ontology for Network Management
- The development of the ontologies system has
been obtained - By the use of SNMP protocol
- It is more than just a protocol. In fact it
defines an architecture for extracting
information from the network regarding the
current operational state of the network, using a
vendor-independent family of mechanisms - By the use of experts
16Ontology for Network Management
- In the case of the proposed Network Manager the
following ontologies have been developed - OSNMP CSNMP, ASNMP, HSNMP, RTSNMP, RSNMP.
This ontology aims to define the entire structure
of SNMP protocol by analyzing the various
messages and the relations between them - OFault CFault, AFault, HFault, RTFault,
RFault. This ontology describes each kind of
possible errors that can occur within a LAN - OCause CCause, ACause, HCause, RTCause,
RCause. This ontology defines the causes of the
faults that may occur in a LAN - OSolution CSolution, ASolution, HSolution,
RTSolution, RSolution. This ontology defines the
solutions that can be taken to recover from fault
situations which occurred within a LAN - OAction CAction, AAction, HAction, RTAction,
RAction. This ontology aims to identify the
actions to be taken in order to recover from
fault situations - OComponent CComponent, AComponent, HComponent,
RhComponent, RAction . This ontology describes
the components that may be present within a LAN - OEnvironment CEnvironment, AEnvironment,
HEnvironment, RhEnvironment, REnvironment. This
ontology describes the operative context where
the LAN works
17Ontology for Network Management Faults
18Ontology for Network Management Actions
19SINMS The Proposed Architecture
Device_k_1
Device_k_2
Device_k_n
Device_m_1
Device_m_2
Device_m_n
Ok-SNMP Ok_Fault Ok_Cause Ok_Solution Ok_Action O
k_Component Ok_Environment
Om-SNMP Om_Fault Om_Cause Om_Solution Om_Action O
m_Component Om_Environment
Local_Server_k
Local_Server_m
Ocentral-SNMP Ocentral_Fault Ocentral_Cause Ocent
ral_Solution Ocentral_Action Ocentral_Component Oc
emtral_Environment
Central_Server
Oi-SNMP Oi_Fault Oi_Cause Oi_Solution Oi_Action O
i_Component Oi_Environment
Oj-SNMP Oj_Fault Oj_Cause Oj_Solution Oj_Action O
j_Component Oj_Environment
Local_Server_i
Local_Server_j
Device_i_1
Device_i_2
Device_i_n
Device_j_1
Device_j_2
Device_j_n
20SINMS The Proposed Architecture
Zabbix_Server
Ontologies Local_Server_i
Ontologies Central_Server
SINMS Local_Server_i
SINMS Central_Server
SNMP-Message Reader
SNMP_Events
Actions
Actions
Actions
Actions
Actions
Device_1
Device_2
Device_N
Other_Local_servers
Zabbix_Agent
Zabbix_Agent
Zabbix_Agent
21SINMS The Operative Workflow
Local Server
Comparator Empty Set
Local_Server_Actions
Action Builder
Actions
Actuator
Comparator Empty Set
Comparator Empty Set
Action Builder
Central Server_Actions
Local_Server_Actions
Ontology Updating
Action Builder
Action Selector
Ontologies
Ontology Updating
Ontology_Nodes
Ontologies
Action Builder
Ontology Selector
Local_Servers
Ontology_Nodes
Report Generator
Ontology_Nodes
22SINMS The Prototype
- Adopted Technologies for the framework
development - Java
- MySql
- SNMP
- Zabbix
- OWL
- Protegè
23SINMS The Prototype
24Experimental Scenario 1
- The network manager has to manage two different
LANs. - The first one is composed by a Cisco switch and
30 personal computers - The second LAN is composed by a Nortel switch, 30
personal computers equipped with various
operative systems and a HP network printer. - Each local server has SNMP ontology able to cover
the 80 of the SNMP messages that the hosts in
the LAN can launch
25Experimental Scenario 1
- The experimental phase aimed to evaluate the
following parameters - The systems ability to identify the correct
management actions to apply in the LAN after a
SNMP signal. This parameter, named CA, is so
defined - The systems ability to select in a LAN a viable
solution that was previously adopted in a similar
case in another LAN. This parameter, named IS, is
so defined - The systems ability to manage the introduction
of a new component in a LAN. In particular the
system has to recognize components that were
previously managed in other LANs. This parameter,
named KC, is so defined
26Experimental Scenario 1
- The previous indexes were calculated in the
following way - The CA index this index was calculated after 10,
20, 30, 40 and 50 SNMP signals. In this case
there was not variations in the LANs - The IS index this index was calculated forcing
some SNMP events in the LAN not expected in its
SNMP reference ontology. This index was evaluated
after 10, 20, 30, 40, 50 SNMP signal not
expected. - The KC index was estimated after the introduction
of new components in a LAN. In particular for
five times a component belonging to a LAN has
been shifted in the other LAN and the index was
evaluated after 10, 20, 30, 40, 50 SNMP signal
launched from the host.
Index 10 20 30 40 50
CA 90,00 95,00 93,33 92,50 94,00
IS 50,00 60,00 66,67 70,00 74,00
KC 60,00 70,00 76,67 80,00 82,00
27Experimental Scenario 2
The Network Manager has been tested for 72 hours
monitoring the following LANS Lab_1 1 Switch
Cisco Catalyst 1 HP Network Printer 40 Personal
Computer Lab_2 1 Switch Nortel 1 Canon Network
Printer 35 Personal Computer Lab_3 1 Switch
Cisco Catalyst 50 Personal Computer
28Experimental Scenario 2
The network manager can recognize 237 OID Each
local server can recognize and manage 80 OID
(selected in a randomatic way) The overlapping
among the systems is the following S_L_1 and
S_L_2 45 S_L_1 and S_L_3 39 S_L_2 and S_L_1
37
29Experimental Scenario 2
SNMP_Signals Managed_Signals Managed_Signals_ After_Central_ Server_Request Not_Managed_ Signals
Local_Server_1 4128 4058 29 41
Local_Server_2 4007 3926 28 53
Local_Server_3 3824 3749 32 43
24 hours M/MAR/NM 48 hours M/MAR/NM 72 hours M/MAR/NM
Local_Server_1 1222 12 - 17 1244 11 - 10 1592 6 - 14
Local_Server_2 1104 13 - 11 1321 10 - 24 1501 5 - 18
Local_Server_3 1281 12 8 1309 13 - 19 1159 7 - 16
30Conclusions
- In this paper a novel method for network
management has been introduced - This method is based on
- SNMP
- Ontology
- Slow Intelligence System approach
- The approach has been tested in various operative
scenario with good results - The future works aim to improve the system by the
introduction of some modules based on Artificial
Intelligence for the automatic inference of
actions when the network manager does not find
any solutions