A Local Area Network (LAN) Containing a switch with 8 ports which connects an NM
ID: 3737878 • Letter: A
Question
A Local Area Network (LAN) containing a switch with 8 ports which connects an NMS (port 4), a printer (port 8), a server, and hosts A, B, C, and D. The LAN is connected to the Internet by router R (port 5). The following figure shows this LAN.
Ports 1 and 7 are down and the rest are up.
The NMS can detect that port 1 (a "C" host) and port 7 (a server) are down using traps or monitoring tools. Explain these two methods. Which method can locate the exact port number? Describe how the NMS can discover all active devices.
[Figure: LAN diagram with the NMS, printer, server and Internet]
Explanation / Answer
SNMP trap Messages
# SNMP traps are alert messages sent from a remote SNMP-enabled device to a central collector, the "SNMP manager". A trap might tell you that a device is overheating, for example. "As you'll recall, SNMP is one possible protocol that devices can use to communicate".
# SNMP traps are most commonly issued by one of two device types. Newer devices are able to send traps on their own to alert an SNMP trap manager when they experience a problem. For older devices that do not support SNMP, an SNMP RTU may be used to collect alarms from multiple legacy devices, convert them to SNMP traps, and transmit them (most commonly over LAN) back to your SNMP manager.
Different types of SNMP trap
# The most important thing to keep in mind is SNMP versions, like v1, v2c, and v3. Each version has different pros and cons, and you need to think about compatibility. SNMPv3 supports encryption for security, while SNMPv1 is very simple to set up. If you have standardized on SNMPv3, for example, you're going to need SNMPv3 devices. Older devices will need to be upgraded. You can also install a translation device to convert between SNMP versions.
Network Monitoring
# Network monitoring is the use of logging and analysis tools to accurately determine traffic flows, utilisation, and other performance indicators on a network. Good monitoring tools give you both hard numbers and graphical aggregate representations of the state of the network. This helps you to visualise precisely what is happening, so you know where adjustments may be needed.
# It is very important that the computer network be managed properly. Management of networking requires monitoring. Network monitoring is a set of mechanisms that allows network administrators to know the instantaneous state and long-term trends of a complex computer network.
Example of monitoring tool
Let's take GFI Network Server Monitor, for example:
# GFI Network Server Monitor monitors network for failures or irregularities. It maximizes network availability by monitoring all aspects of Windows and Linux servers, workstations and devices such as routers. When it detects a failure, GFI Network Server Monitor can send alerts via SMS, pager, email or a network message.
# GFI Network Server Monitor consists of a network monitoring service and a separate management interface. No agent software needs to be installed on the machines you wish to monitor. The Network Monitor Engine is multi-threaded and can run 40 checks at a time. This software architecture allows for high reliability and scalability to monitor both large and small networks.
# GFI Network Server Monitor allows you to store monitoring data to either an SQL Server or MS Access database backend. SQL Server is more appropriate for users with higher monitoring level requirements as well as those who need to centralize the monitoring results of multiple GFI Network Server Monitor installations in one place, such as backups, remote accessing as well as report generation by third party tools such as Crystal Reports or MS Reporting Services.
# You can check rule status from any location using GFI Network Server Monitor's remote web monitor. You can check critical processes and services on local and remote computers using GFI Network Server Monitor. You can also monitor the CPU usage of a machine.
Which method can locate the exact port number
# As far as I can tell, a port is always associated with an IP address of a host and the protocol type of the communication. It completes the destination or origination network address of a message. Ports are identified for each protocol and address combination by 16-bit unsigned numbers, commonly known as the port number.
# Specific port numbers are commonly reserved to identify specific services. The lowest numbered 1024 port numbers are called the well-known port numbers, and identify the historically most commonly used services. In the client–server model of application architecture, the ports that network clients connect to for service initiation provide a multiplexing service, so that multiple simultaneous communication sessions may be initiated from these ports.
Let's take an example of an Internet mail system's use of ports
# A server used for sending and receiving email generally needs two services. The first service is used to transport email to and from other servers. This is accomplished with the Simple Mail Transfer Protocol (SMTP). The SMTP service application usually listens on TCP port 25 for incoming requests. The second service is usually either the Post Office Protocol (POP) or the Internet Message Access Protocol (IMAP) which is used by e-mail client applications on users' personal computers to fetch email messages from the server.
# The POP service listens on TCP port number 110. Both services may be running on the same host computer, in which case the port number distinguishes the service that was requested by a remote computer, be it a user's computer or another mail server.
How the NMS can discover all active devices
# The discovery function of most network management platforms is intended to provide a dynamic listing of devices found in the network. A discovery engine provides detailed configuration information of network devices.
# Knowledge of the underlying network is becoming one of the key requirements of the new generation of Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS). Lacking this knowledge can result in numerous ambiguities when interpreting alerts and making decisions on adequate responses.
# Acquiring this knowledge can be accomplished by a variety of techniques that can be placed in two general categories, as follows:
1) Active discovery techniques.
2) Passive discovery techniques.
# Passive network discovery and monitoring is a technology that processes captured packets from a monitored network in order to gather information about the network, its active elements, and their properties. It is usually installed at a network chokepoint.
# The underlying methodology behind active profiling techniques involves actively probing a target device, for which there is a wide variety of techniques, and then analyzing the device’s response. Through the use of these techniques, various pieces of information about the network and its devices can be discovered, including the network topology, device availability, the protocols in use, etc.
# At the start of the discovery process, a range of IP addresses is given as input to the Ping Scanner module. This range can be specified either as a start and an end IP address, or as a single IP address, asking the Ping Scanner to look for all the addresses in the corresponding network. The Ping Scanner sends an ICMP Echo (ping) request to each and every IP address within the range. It sends all the ICMP packets in one go and then waits for ICMP echo replies. It waits for a configurable amount of time before moving on to the next step. After waiting, the Ping Scanner passes the list of discovered hosts/devices to the SNMP Scanner for further processing.
# The SNMP Scanner sends an SNMP Get request to all the discovered hosts/devices in one go, and then waits for a configurable amount of time to receive the SNMP responses.
# The final collected information is stored in internal data structures and displayed to the user through a third-party SNMP browser, using an internally developed MIB.
# At the end of the discovery process, the new data collected is compared with that of the last time. If a new device is discovered i.e. discovered during the current scan but not present in the last scan, a trap ‘deviceUp’ is raised. Similarly, if a device goes down i.e. not discovered during the current scan but present in the last scan, a trap ‘deviceDown’ is raised.
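The discovery cycle described in the answer above (ping scan, SNMP scan, then comparison with the previous scan), as an added example that is not part of the original answer. The `ping` and `snmp_get` probes are injected stand-ins, the 192.0.2.x addresses and device table are constructed for the LAN in the question, and the single-address form is assumed to carry a prefix length.

```python
import ipaddress

def expand_range(start, end=None):
    """Addresses to probe: start..end inclusive, or (assumption) every host
    address of the network when a single address is given as addr/prefix."""
    if end is None:
        net = ipaddress.ip_network(start, strict=False)
        return [str(h) for h in net.hosts()]
    lo, hi = int(ipaddress.ip_address(start)), int(ipaddress.ip_address(end))
    return [str(ipaddress.ip_address(i)) for i in range(lo, hi + 1)]

def discover(addresses, ping, snmp_get):
    """Stage 1: keep addresses that answer the ping probe.
    Stage 2: SNMP Get on each live address; None means no SNMP response.
    Both probes are called sequentially here; a real scanner sends in bulk
    and waits a configurable time for replies."""
    alive = [a for a in addresses if ping(a)]
    return {a: snmp_get(a) for a in alive}

def compare_scans(previous, current):
    """Return (trap, address) events: deviceUp for addresses only in the
    current scan, deviceDown for addresses only in the previous scan."""
    order = ipaddress.ip_address
    up = sorted(current.keys() - previous.keys(), key=order)
    down = sorted(previous.keys() - current.keys(), key=order)
    return [("deviceUp", a) for a in up] + [("deviceDown", a) for a in down]

# Constructed sample data: addresses are illustrative, not from the question.
LAN = {"192.0.2.1": "router R", "192.0.2.2": "NMS", "192.0.2.3": "printer",
       "192.0.2.4": "server", "192.0.2.5": "host A", "192.0.2.6": "host B",
       "192.0.2.7": "host C", "192.0.2.8": "host D"}

def run_scan(down=()):
    """Simulate one discovery cycle with the named devices unreachable."""
    up = {a: n for a, n in LAN.items() if n not in down}
    return discover(expand_range("192.0.2.1/28"), lambda a: a in up, up.get)

if __name__ == "__main__":
    last = run_scan()
    now = run_scan(down=("host C", "server"))
    for trap, addr in compare_scans(last, now):
        print(trap, addr, LAN[addr])
```
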