This chapter covered network management, whereas the previous chapter covered ne
ID: 3774715 • Letter: T
Question
This chapter covered network management, whereas the previous chapter covered network security. Note that network design tasks are often interwoven, however, and shouldn’t be considered discrete just because a book is divided into discrete chapters. In what ways are network management and network security interrelated? When de- signing network management for your customer, what security concerns will you ad- dress? When designing network security for your customer, what network manage- ment concerns will you address?
Explanation / Answer
what ways are network management and network security interrelated
The primary connection between network management and security is that the security an organization needs largely determines exactly how professionals manage the network. Each part of the security system also has to be organized well to ensure efficiency of control, with managers identifying the threats present for the network. When managers find breaches of policy or law that relate to the system, it is their responsibility to turn individuals over to the proper authorities or take appropriate business action.
Network Security Design
Following a structured set of steps when developing and implementing network security will help you address the varied concerns that play a part in security design. Many security strategies have been developed in a haphazard way and have failed to actually secure assets and to meet a customer's primary goals for security. Breaking down the process of security design into the following steps will help you effectively plan and execute a security strategy:
Identify network assets.
Analyze security risks.
Analyze security requirements and tradeoffs.
Develop a security plan.
Define a security policy.
Develop procedures for applying security policies.
Develop a technical implementation strategy.
Achieve buy-in from users, managers, and technical staff.
Train users, managers, and technical staff.
Implement the technical strategy and security procedures.
Test the security and update it if any problems are found.
Maintain security.
Security Problems in Network Management
The network has become a business-critical asset for most corporations. Managing the network and developing comprehensive security measures are necessities that often decrease the availability of network resources.
Where it once was sufficient to require passwords on all user accounts to maintain a reasonable information defense, now a vast number of techniques are required to confront the wily hacker. Firewalls are used to segment networks into zones of control, Network Address Translation (NAT) is used to restrict access and conceal internal network structures, and Virtual Private Networking (VPN) technology is used to hide sensitive information as it traverses unsecured networks.
With the evolution of network management, more responsibility has been placed upon the "framework" to fulfill the TMN FCAPS model. Typical network operations centers, which support Simple Network Management Protocol (SNMP)-based logical and physical devices, must now be capable of supporting all business units in a uniform fashion.
There is a fundamental security concern with any type of remote management, whether it is remote system management or remote network device management. The goal of the security system is usually to limit access to devices to a small set of services, and to track that access as closely as possible. However, remote management, by its nature, typically requires complete access to all devices. Security staff would prefer to limit access to only a specific set of programs and files, on a limited set of systems, during fixed periods, from fixed locations.
SNMP provides this pervasive access to network systems and devices. As with any application protocol, this system has implications to the security environment that creates a large number of risks, but it also provides great benefit that cannot be ignored.