ON
A STUDY OF NETWORKING MONITORING, SECURITY & MANAGEMENT.
At
NET CHECK SOLUTIONS (INDIA) PVT LTD.
By
SANTOSH K. KOLTE
MBA (I.T) 3rd SEMESTER
Submitted to
Through
MATRIX SCHOOL OF MANAGEMENT STUDIES, PUNE - 41
(2015-2017)
DECLARATION
I, Mr. Santosh Kolte, hereby declare that this project is the record of authentic work
carried out by me during the academic year 2016-17 and has not been submitted to any
other University or Institute towards the award of any degree.
Santosh Kolte
ACKNOWLEDGEMENT
EXECUTIVE SUMMARY
Chapter 1
Introduction
1.1 What does Computer Networking mean?
Computer networking is an engineering discipline that aims to study and analyze the
communication process among various computing devices or computer systems that are
linked, or networked, together to exchange information and share resources.
Computer networking depends on the theoretical application and practical
Local Area Network (LAN): Used to serve a small number of people located in a
small geographical space. Peer-to-peer or client server networking methods can be
employed.
Wide Area Network (WAN): Formed to connect a computer with its peripheral
resources across a large geographical area.
Interconnection (OSI) is a reference model for a network and describes how information
from an application installed on a device or system moves through various nodes in the
network to another device within the same network or to an external network. There are
many components that make up a network and enable communication between various
nodes, such as network addresses, data transport and communication protocols, and
methods used for the transfer of packets between nodes within the same network or different
networks. Below are some of the basic components that are part of every computer
network; these are also the elements that form the essentials of network monitoring.
Domain Name System (DNS)
Each element in a network, in addition to an IP address, can also have a reference name.
This allows a user to communicate with a resource using an easy to remember
alphabetical name rather than a difficult to remember IP address. DNS maps the name of
a resource to its physical IP address or translates a physical IP address to a name.
Dynamic Host Configuration Protocol (DHCP)
counters
Microsoft Windows Server includes OS performance counters that are enabled by default.
These performance counters provide data about system performance, such as data on
cache, memory, disk, processor, etc., which can be used by server performance
monitoring applications.
Windows Management Instrumentation (WMI)
WMI is a Microsoft feature that allows for accessing management information about the
status of computer systems. In addition, WMI supports actions, such as configuration &
changing system properties, permissions, scheduling processes, etc. WMI can be used to
manage servers as well as client machines locally and remotely.
Eventlog
Microsoft Windows OS generates a variety of event logs that contain information about
events that occur on a system, such as application events (e.g. data loss, or any significant
problem with application performance), security events (failed logons, attempts to access
secure files, security log tampering etc.), or system events. These logs can be monitored
with a monitoring system to identify possible issues with server and client systems.
General Monitoring techniques and protocols:
Now that you know what makes up a network and the components available for Windows
monitoring, let us look at general monitoring techniques used by network and systems
admins.
In order to successfully monitor your network, or even your servers and systems, the
following are necessary:
Data or information from various elements in the network. Data includes
information about the working, current status & performance, and health of the
element being monitored.
An application or monitoring software must be able to collect, process, and
present data in a user friendly format. Software should even alert users about
impending problems based on thresholds.
A protocol or method for transmitting information between the monitored element
and the monitoring software.
Information collected from the network helps with better management and control over
the network, identification of possible network issues before they cause downtime, and
quick resolution of issues when something goes wrong. In short, constant monitoring will
help create a high performing network.
Below are some of the general techniques available for monitoring. These techniques are
used for collection of monitoring data from the network.
Ping
This is a network admin tool that is used to test the reachability and availability of a host
in an IP network. The data from ping results can determine whether a host in the network
is active or not. Furthermore, it can measure the transmission time and packet loss when
communicating with a host.
Simple Network Management Protocol (SNMP)
Syslog
Syslog (not to be confused with Windows Eventlog) is a message logging system that
allows a device to send event notifications in IP networks. The information from these
messages can be used for system management, as well as security auditing. Syslogs are
supported on a variety of devices ranging from printers to routers, and firewalls.
Leveraging the power of scripts
In networks where an NMS is not available for monitoring, where the existing NMS does not
support specific functions, or where the functionality of the existing NMS tool needs to be
extended, network admins can make use of scripts. Scripts use common commands, such as ping,
netstat, lynx, snmpwalk, etc., that are supported by most network elements to perform an
action, such as collecting information from elements, making changes to device
configurations, or performing a scheduled task. Bash scripts, Perl, etc. are common scripting
tools used by network admins.
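The ping check and threshold-based alerting described above, as an added example that is not part of the original report: a POSIX shell script that parses Linux iputils-style ping summaries and classifies each host as OK, WARN or DOWN. The thresholds, host names and sample outputs are constructed for illustration; live mode assumes the iputils `-c` and `-W` options.

```shell
#!/bin/sh
# Added example: thresholds, host names and sample output are constructed.
LOSS_WARN=5     # percent packet loss that triggers WARN (assumed threshold)
RTT_WARN=100    # average round-trip time in ms that triggers WARN (assumed)

# Read Linux iputils-style ping output on stdin; print "<loss%> <avg_rtt_ms>".
# avg is "-" when no reply came back (ping prints no rtt line in that case).
parse_ping() {
    awk '
        /packet loss/ { for (i = 1; i <= NF; i++) if ($i ~ /%$/) { loss = $i; sub(/%/, "", loss) } }
        /^(rtt|round-trip)/ { split($0, h, " = "); split(h[2], t, "/"); avg = t[2] }  # min/avg/max/mdev
        END {
            if (loss == "") exit 1          # input was not a ping summary
            print loss, (avg == "" ? "-" : avg)
        }'
}

# Map the two metrics to OK / WARN / DOWN using the thresholds above.
classify() {
    awk -v loss="$1" -v avg="$2" -v lw="$LOSS_WARN" -v rw="$RTT_WARN" 'BEGIN {
        if (avg == "-" || loss + 0 >= 100) print "DOWN"
        else if (loss + 0 >= lw + 0 || avg + 0 >= rw + 0) print "WARN"
        else print "OK"
    }'
}

# $1 = host label, stdin = ping output. Prints one status line for the host.
check_output() {
    host=$1
    if ! metrics=$(parse_ping); then echo "$host UNKNOWN"; return 0; fi
    loss=${metrics% *}; avg=${metrics#* }
    echo "$host $(classify "$loss" "$avg") loss=${loss}% avg_rtt_ms=$avg"
}

# Live mode: probe every host named on the command line (4 probes, 2 s timeout).
monitor() {
    for h in "$@"; do
        ping -c 4 -W 2 "$h" 2>/dev/null | check_output "$h"
    done
}

# Constructed sample summaries so the script can be exercised offline.
SAMPLE_OK='--- core-sw1 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3005ms
rtt min/avg/max/mdev = 11.204/12.087/13.411/0.812 ms'
SAMPLE_LOSSY='--- branch-rtr ping statistics ---
4 packets transmitted, 3 received, 25% packet loss, time 3012ms
rtt min/avg/max/mdev = 180.113/210.512/250.901/29.410 ms'
SAMPLE_DOWN='--- fw-dmz ping statistics ---
4 packets transmitted, 0 received, 100% packet loss, time 3061ms'

if [ "$#" -gt 0 ]; then
    monitor "$@"
else
    printf '%s\n' "$SAMPLE_OK"    | check_output core-sw1
    printf '%s\n' "$SAMPLE_LOSSY" | check_output branch-rtr
    printf '%s\n' "$SAMPLE_DOWN"  | check_output fw-dmz
fi
```

Run from cron, the non-OK lines can be mailed or forwarded to syslog, which gives the alerting function the text assigns to monitoring software.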
Privacy is assured
Collaboration is encouraged
A strong security stance assures customers that sensitive information, such as credit card
numbers or confidential business details, will not be accessed and exploited. Your
business partners will feel more confident sharing data such as sales forecasts or prerelease product plans. In addition, the same technologies that keep intruders out can give
your partners secure access to information on your network, helping you collaborate and
work together more effectively.
Mobility
Improved productivity
While there is no precise definition of the term due to it being such a broad concept, some
of the main areas are summarized below:
Network Administration: This involves tracking and inventorying the many network
resources such as monitoring transmission lines, hubs, switches, routers, and servers; it
also involves monitoring their performance and updating their associated software
especially network management software, network operating systems, and distributed
software applications used by network users.
Network Operation: This involves smooth network functioning as designed and
intended, including close monitoring of activities to quickly and efficiently address and
fix problems as they occur and preferably even before users are aware of the problem.
Network Maintenance: This involves timely repair and necessary upgrades to all
network resources as well as preventive and corrective measures through close
communication and collaboration with network administrators. Example work includes
replacing or upgrading network equipment such as switches, routers and damaged
transmission lines.
Network Provisioning: This involves configuring network resources to support the
requirements of a particular service; example services may be voice capabilities or
increasing broadband requirements to facilitate more users.
Chapter 2
Company Profile
Net-Works Delivered.
Overview
Incorporated in 2003.
Beginning our sojourn with Network Testing, Installation, Tools & maintenance.
Proved our expertise in developing cutting-edge solutions for better harnessing of the
power of IT.
Thereafter, proved the expertise in network infrastructure development across the
length and breadth of the country
Milestones
Key Services
Network Design
Implementation
Network Audit
Network Security
Work at a Glance
Yearly around 600 Kms of OFC work with all type of construction work and splicing
across India.
Yearly 10,000 Nodes Data and Voice Network Development / Capacity.
Large Corporate Network Infrastructure Development.
L2 and L3 Switching, Routing, Wireless, NAC, Storage.
Microwave/Carrier/Service Provider Network Infrastructure Development.
Satellite Communication/ Antenna Remoting.
Video Surveillance
Fire Alarm System
Access Control System
Major Achievements
Kirloskar Group Of Companies - 3000 + Points Data and Voice network. Fiber
connectivity.
HEMRL Nasik 625 + Data and Voice Points network. Fiber work of more than 85
Kms. with all construction work and splicing. Wireless connectivity for 4 No's of E1
Kirloskar Oil Engines Limited Network Migration from 3COM to Cisco with 10
GBPS backbone using Cisco 4500 series chassis at core level. Cisco ACS and WLC
for wired and wireless authentication.
Associations With
Cisco Premium Certified Partner - Switches, Routers, Wireless, Security, Voice and
Unified Communication
D-Link Switches, Routers, Wireless, Passive Components
Digilink / Schneider Passive Components
Schneider Pelco CCTV, DVR, Fire System
Morley Fire System
Motorola Canopy Wireless Point to Point Connectivity
Siemens - Voice, IP Telephony, Security
Multitech - Unified Communication
Polycom, Tandberg Video Conferencing
AMP Structured Cabling
Corning Structured Cabling, OFC
CommScope Systimax Structured Cabling
Leviton Structured Cabling
RPG, Usha Martin OFC and Copper Cables
IVC, FLIR, AXIS Video Surveillance, Thermal Cameras
Fibreco, Amphenol, Brugg, Multidyne, OCC Tactical Fiber Cable Assemblies .
Certificates
Chapter 3
Research Methodology
3.1 Introduction
No one can doubt the importance of networks in today's technology world, but just
providing a network is not sufficient for any organization; it should be well managed,
secure and properly monitored.
The market has been witnessing manifold growth for the last few years. Many
players have entered the economy, thereby increasing the level of competition. In this
competitive scenario it has become a challenge for each company to adopt practices that
would help the organization stand out in the market. The competitiveness of an
organization is measured through the quality of the products and services offered to
customers that are unique from others, so Netcheck Solution India Private Limited
suggested the topic "A study of network monitoring, management and control (security)
systems".
Solution(I) Pvt. Ltd.
The necessary information for this research is collected through primary and secondary
sources. These sources are as follows:
under study. It serves as an original source of information about the topic. In this
research, the primary data is collected through discussion with the employees of
Netcheck.
Secondary Source: Secondary data means data that is already available, i.e., data
which has been collected and analyzed by someone else. In this
research, secondary data is collected through various research papers and
websites.
Chapter 4
Theoretical Background
Shirbhate, R.S. & Patil, P.A. (2012): Network Traffic Monitoring Using Intrusion
Detection System. In this research paper the authors mention that security is a big issue for all
networks in today's enterprise environment. Many methods have been developed to
secure the network infrastructure and communication over the Internet, among them the
use of firewalls, encryption, and virtual private networks. Intrusion detection is a
relatively new addition to such techniques. An IDS protects a system from attack, misuse, and
compromise. It can also monitor network activity. Network traffic monitoring and
Khan R., Khan S.U., Zaheer R., Babar M.I. (2013): Large organizations always require a fast
and efficient network monitoring system which reports to the network administrator as
soon as a network problem arises. This paper presents an effective and automatic network
monitoring system that continuously monitors all the network switches and informs the
administrator by email or SMS when any network switch goes down. This system
also points out the problem location in the network topology and its effect on the rest of the
network. Such a network monitoring system uses smart interaction of the Request Tracker (RT)
and Nagios software in a Linux environment. The network topology is built in Nagios,
which continuously monitors all of the network nodes based on the services defined for
them. Nagios generates a notification as soon as a network node goes down and sends it
to the RT software. This notification generates a ticket in the RT database with the
problematic node's information and its effect on the rest of the network. The RT software is
configured to send the ticket by email and SMS to the network administrator as soon as it
is created. If the administrator is busy at the moment and does not resolve the ticket
within an hour, the same ticket is automatically sent to the second person responsible for
the network, depending upon the priority defined. Thus, all persons in the priority list are
informed one by one until the ticket is resolved.
Yongjie Cai (2014): Various wireless network technologies have been created to meet the
ever-increasing demand for wireless access to the Internet, such as wireless local area
network, cellular network and sensor network and many more. The communication
devices have transformed from large computational servers to small wireless hand-held
devices, ranging from laptops, tablets, and smartphones to small sensors. The advances of
these wireless networks (e.g., faster network speed) and their intensive usages result in an
enormous growth of network data in terms of volume, diversity, and complexity. All of
these changes have raised complicated network measurement and management issues. In
this proposal, I first investigate the impact of wireless local area network in home and
network security monitoring. Then I propose effective and efficient approaches in
analyzing network data, particularly those generated by smartphone apps and sensor
networks.
Navneet Kaur Dhillon and Mrs. Uzma Ansari (2012): Today's enterprise networks are
composed of multiple types of interconnected networks. Operations and management
staff must provide an efficient, reliable and secure operating environment to support an
organization's daily activities. Enterprise networks must be monitored for performance,
security, and fault management. Current management uses complex, hard-to-learn and
hard-to-use tools. We need a simple, uniform, easy tool for managing networks. Client
server based management promises to provide such solutions. This paper focuses on the
use of packet capturing technology like WinPcap and JPCAP for the purposes of
enterprise network traffic monitoring and reporting. In this paper, we first examine the
requirements for enterprise network traffic monitoring, analysis and reporting, and then
present the design and implementation of a network traffic monitoring and reporting
system. Network traffic Monitoring is a network diagnostic tool that monitors local area
networks and provides a graphical display of network statistics. While collecting
information from the network's data stream, Network Monitor displays the following
types of information:
The source address of the computer that sent a frame onto the network.
The destination address of the computer that received the frame.
The protocols used to send the frame.
The process by which Network Monitor collects this information is called capturing. By
default, Network Monitor gathers statistics on all the frames it detects on the network into
a capture buffer, which is a reserved storage area in memory. To capture statistics on only
a specific subset of frames, we can single out these frames by designing a capture filter.
To use Network Monitor, our computer must have a network card that supports
promiscuous mode.
Mr. Nagaraja G.S., Chittal R.R., Kumar K.(2007): Computer networks have
influenced the software industry by providing enormous resources distributed around the
globe and interactions among people working anywhere in the world that the world today
seems too small. Networks themselves have undergone a radical change in the last few
decades starting from ARPANET to the Inter-Continental data cables that we see today.
The amount of data that is carried on the Information Super Highway has been increasing
everyday prompting for efficient management of the Trans-Continental Super Highway
of data. The growing dependence on networks for everyday tasks has created the demand
for high-performance, reliable networks, thereby making companies invest a lot in
research on improving the networks and new designs. Part of achieving the goal of high
performance is active monitoring of networks to help in the identification and prevention
of network errors. Many tools have emerged to aid in performance monitoring of
networks. The most common class of tools is based on the Simple Network Management
Protocol (SNMP), a protocol for sending and transmitting network performance
information on IP networks. Other types of network performance monitoring tools
include packet sniffers, flow monitors and application monitors. Examples of the various
monitoring tools are SolarWinds' Orion SNMP monitoring platform, Wireshark packet
capture tool, Webmetrics' Global Watch and Cisco's NetFlow flow monitoring tools.
Keywords: Simple network management protocol, internet protocol, monitoring tools.
emphasize on the network security also we present some major issues that can affect our
network.
Keywords- Network Security, Threats, Cryptography, Ping
Esad S. and Ivan. I (2011): The purpose of this document is to provide an insight into
basic NMS (Network Management System) activities, along with recommendations for
administrators of campus and/or local networks intending to apply the NMS tools within
their networks. The document begins with a discussion of network topology. Changes in
topology are recommended based on the idea that a majority of NMS activities should be
conducted through the management segment of the network. The discussion focuses on
two alternatives: the management network and the production network may either be
separated physically (out-band management segment) or they may share the same
physical infrastructure (the VLAN segment of the network). The document further
identifies the three components that should, as a minimum, be covered by a Network
Management System. They are the configuration management and log management,
along with the already recognized Network Monitoring component implemented using
one of the NMS software packages. Finally, the document briefly describes the most
frequently used management protocols and their application in different environments
and on different types of devices within a network (such as network devices, servers,
UPS devices and A/C), provided they do not jeopardize the security of the network.
Kadry S., Hassan W.(2008): The basic reasons we care about information systems
security are that some of our information needs to be protected against unauthorized
disclosure for legal and competitive reasons; all of the information we store and refer to
must be protected against accidental or deliberate modification and must be available in a
timely fashion. We must also establish and maintain the authenticity (correct attribution)
of documents we create, send and receive. Finally, if poor security practices allow
damage to our systems, we may be subject to criminal or civil legal proceedings; if our
negligence allows third parties to be harmed via our compromised systems, there may be
even more severe legal problems. Another issue that is emerging in e-commerce is that
good security can finally be seen as part of the market development strategy. Consumers
have expressed widespread concerns over privacy and the safety of their data; companies
with strong security can leverage their investment to increase the pool of willing buyers
and to increase their market share. We no longer have to look at security purely as loss
avoidance: in today's marketplace good security becomes a competitive advantage that
can contribute directly to revenue figures and the bottom line. Networks today run
mission-critical business services that need protection from both external and internal
threats. In this paper we proposed a secure design and implementation of a network and
system using Windows environment. Reviews of latest product with an application to an
enterprise with worldwide branches are given. Keywords: Network design, LAN, WAN,
Security, Encryption, VPN, IPSec, Active Directory.
Bibliography:
1. (https://www.techopedia.com/definition/25598/computer-networking)
2. (http://www.cisco.com/cisco/web/solutions/small_business/resource_center/articles/secure_my_business/what_is_network_security/index.html?referring_site=smartnavRD)
3. (http://www.solarwinds.com/basics-of-network-monitoring)
4. Network Traffic Monitoring Using Intrusion Detection System (http://www.ijarcsse.com/docs/papers/january2012/V2I1059.pdf) accessed date on 26/07/16
5. An Efficient Network Monitoring and Management System (http://www.ijiee.org/papers/280-N011.pdf) accessed date on 26/06/16
Science/Student%20Presentations/Yongje%20Cai/Yongjie_Cai_ThesisProposal.pdf) accessed date on 27/06/16.
Tool With JPCAP API (http://www.ijarcsse.com/docs/papers/11_November2012/Volume_2_issue_11_November2012/V2I11-0142.pdf)