Device Discovery and Mapping
#Troubleshooting Versus Management
In a very real sense, troubleshooting and management
are just different sides of the same coin. Ideally, management deals with problems
before they happen, while troubleshooting deals with problems after the fact.
#Characteristics of Management Software
- Discovery and mapping
Discovery includes both the automatic detection of all devices on a network and the collection of basic information about each device, such as the type of each device, its MAC address and IP address, the type of software being used, and, possibly, the services it provides. Mapping is the creation of a graphical representation of the network showing individual interconnections as well as overall topology.
- Event monitoring
Once a picture of the network has been created, each device may be monitored to ensure continuous operation. This can be done passively, by waiting for the device to send an update or alert, or by actively polling the device.
- Remote configuration
You should be able to connect to each device and then examine and change its configuration. It should also be possible to collectively track configuration information, such as which IP addresses are in use.
- Metering and performance management
Information on resource utilization should be collected. Ideally, this information should be available in a usable form for purposes such as trend analysis and capacity planning.
- Software management
Being able to install and configure software remotely is rapidly becoming a necessity in larger organizations. Being able to track licensing can be essential to avoid legal problems. Version management is also important.
- Security and accounting
Depending on the sensitivity of data, the organization’s business model, and access and billing policies, it may be necessary to control or track who is using what on the network.
#Discovery and Mapping Tools
A wide range of tools is available. At the low end are point tools—tools designed to deal with specific tasks or closely related tasks.
#Selecting a Product
#Device Discovery
-IP Address Management
-nmap
-arpwatch
#Device Identification
-Stack Fingerprinting
-queso
-nmap Revisited
#Scripts
-Tcl/Tk and scotty
#Mapping or Diagramming
-tkined
Troubleshooting Strategies
#Generic Troubleshooting
Any troubleshooting task is basically a series of steps. The actual steps you take
will vary from problem to problem. Later steps in the process may depend on the
results from earlier steps.
For truly difficult problems, you will need to become formal and systematic. A
somewhat general, standard series of steps you can go through follows,
1. Document. Before you do anything else, start documenting what you are doing. Depending on your circumstances, management may require a written report. If you have a complex problem, you are likely to forget at some point what you have actually done. This often means starting over, in such a situation Documenattion plays a vital role.
2. Collect information and identify symptoms. Actually, this step is two inter-
twined steps. But they are often so intertwined that you usually can’t sepa-
rate them. You must collect information while filtering that information for
indications of anomalous behavior. These two steps will be repeated
throughout the troubleshooting process. This is easiest when you have a clear
sense of direction.
3. Define the problem. Once you have a clear idea, you can begin coming to
terms with the problem. This is not the same as identifying the symptoms but
is the process of combining the symptoms and making generalizations.
4. Identify systems or subsystems involved. As you collect information, you will define and refine not only the nature of the problem, but also the scope of the problem. This is the step in which we divide and hopefully conquer our problem.
5. Develop a testable hypothesis. Of course, what you can test will depend on
what tools you have,
6. Select and apply tests. Not all tests are created equally. Some will be much
easier to apply, while others will provide more information. Determining the
optimal order for a set of tests is largely a judgment call. Clearly, the simple
tests that answer questions decisively are the best.
7. Assess results. As you perform tests, you will need to assess the results, refine
your tests, and repeat the process. You will want new tests that confirm your
results. This is clearly an iterative process.
8. Develop and assess solutions. Once you have clearly identified the problem,
you must develop and assess possible solutions.
9. Implement and evaluate your solution. Once you have decided on a solution
and have implemented it, you should confirm the proper operation of your
system. Depending on the scope of the changes needed, this may mean exten-
sive testing of the system and all related systems.
#Task-Specific Troubleshooting
Each problem will be different, and you will need to vary your approach
as appropriate.
No comments:
Post a Comment