2.9 System Management Services

System management, or in the context of a networked heterogeneous environment, network management, encompasses the planning, installation and operation of computer networks and network components. A network component is defined as a communications or data processing resource to be managed, including protocol state machines, protocol layers, connections, and physical devices such as network interface units. Each component is further characterized by one or more attributes, such as retransmission timers or buffer sizes, which are also manageable.

There is some overlap between Network Management and System Administration functions, but system administration focuses on resources and standard means to configure and use them. Definition of requirements for systems administration is still in its infancy and international standards for specific system administration functions are just starting to evolve. The DODIIS standards for system management are shown in table 2-14.

Table 2-14 . System Management Service Standards

2.9.1 Network Management

Network Management includes the protocols (see section 2.6.4 ), services, formats, and administrative procedures for collecting management information providing a means to recognize faults, system trends and various parameters that allow timely response for reconfiguration and maintenance actions.

2.9.1.1 Management Information

The Management Information Base (MIB) provides structured description for management information. SNMP has specific standards for describing MIB elements which is identified in MIL-STD-2045-17507-3 Structure and Identification of Management Information (SNMPv1). When implementing network management features on DODIIS systems, developers must use standard MIB definitions to facilitate the free exchange of management information between DODIIS management domains. If unique MIB extensions are required for reporting management information, it should be isolated from standard management information.

2.9.1.2 Specific Management Functional Areas

The activities associated with network management are being standardized by the ISO in terms of five Specific Management Functional Areas (SMFAs):

• Configuration Management. Configuration management includes functions to control the configuration of network, system, or layer entities. Supporting this area are functions to: 1) create, delete, examine, and change sets of management information that describe parts of a system; 2) examine and be notified of changes in the state of the system to monitor overall operability and use of the system and give or withhold permission for the use of specific components; and 3) examine the relationships among various parts of the system to see how the operation of one part of the system depends upon or is depended upon by other parts.
• Performance Management. Performance management provides the services needed to measure and maintain communication service quality objectives. Also included are functions to observe, track, store, and analyze performance information associated with network components operating either under normal or controlled conditions.
• Fault Management. Functions within fault management provide the services needed to detect, isolate, and correct problems in network components. Supporting fault management are functions to control the sending and logging of received event (e.g., error) reports, manipulate event logs, execute diagnostic tests, trace faults, and initiate the correction of faults.
• Security Management. Security management is concerned with system security management, and the management of security services and mechanisms. Examples include overall security policy management, distribution of cryptographic keys, event generation and reporting, the setting of administratively-imposed security selection parameters, the reporting of security-relevant events (audit trails), and service activation and deactivation.
• Accounting Management. Accounting management functions provide the services to identify and/or negotiate mechanisms for collecting, and associating charges with, information regarding communications resource usage. The communications resources for which usage information can be maintained may include resources within both end systems and intervening networks. Services are included to activate accounts and monitor account-relevant information. In the DODIIS community, this functional area does not have as much relevance as the other areas. DODIIS sites do not intend to charge fees for access to these systems.

2.9.1.3 Systems Management Functions (SMFs)

Within each of the SMF Associations (SMFAs), ISO/IEC groups are defining standards for functions (including requirements, models and services) for network management. Because requirements overlap between SMFAs, some of the management functions defined may also be used in other SMFAs. The management functions are being defined by the SMFA groups of ISO/IEC as SMFs. The seven most widely recognized SMFs are:

• Object Management Function (OMF). The OMF enables a management user to create, modify, examine or delete characteristics of a managed object.
• State Management Function (STMF). The STMF enables a management user to control the availability of specific resources. The user can examine states to be notified of state changes and to monitor overall operability and usage of resources in a consistent manner. There are basically three states defined for the management function:
  • Operational state, where/when the resource is physically installed and working.
    
  • Usage state, which identifies if the resource is active and what capacity is in use.
    
  • Administration state, for setting resource permissions for access and use.
• Attributes for Representing Relationships (ARR). ARR provides the functions and rules governing how one part of an open system may affect other parts of the system. In addition to describing the nature and types of managed object relationships and how they are represented, ARR describes the monitoring and controlling of these relationships. ARR also identifies how notifications of relationship changes are reported.
• Alarm Reporting Function (ARF). ARF specifies particular categories of alarms as well as a mechanism for communicating the alarms between peer management users. ARF identifies the semantics and parameters of alarms in the following five categories:
  • Communications
    
  • Quality of service
    
  • Processing failure
    
  • Equipment
    
  • Environmental
  • The ARF supports the network management capability of detecting faults, as early as possible, preferably before problems are noticed by network users.
• Event Report Management Function (ERMF). Management events indicate that some measurable activity has occurred in a network management system. The ERMF specifies discriminators for generating events and provides the management user with the following capabilities:
  • Flexible report control service
    
  • Control report delivery destinations
    
  • Selection of alternate report delivery destinations
    
  • External management of discriminators for generating a report
• Log Control Function (LCF). The LCF specifies particular management functions and services which allow logging of information about event reports, notifications and operations performed by and on various objects. The LCF provides services to initiate, terminate, suspend or resume logging activities by manipulating the log object. The LCF also supports retrieval of log attribute values, notification of attribute value changes, log record retrieval and log record deletion.
• Security Alarm Reporting Function (SARF). While there is a function for reporting system alarm conditions, security alarms are isolated as a dedicated function. The SARF specifies the particular format for reporting alarms on security related system events. The SARF identifies five types of security alarms and eighteen registered alarm causes. SARF also defines parameters to identify causes of security breaches.

There is also work on defining additional SMFs in future versions of the management standards. Some SMFs that have been identified for future work include:

• Security audit trail
  
• Objects and attributes for access control
  
• Account metering
  
• Workload monitoring
  
• Test management
  
• Changeover
  
• General relationship model
  
• Management domain
  
• Response time monitoring
  
• Scheduling
  
• Time management
  
• Summarization
  

The intention of the standards community is to develop additional SMFs as needed.

2.9.1.4 Management Domains

Within large distributed and complex systems, it is frequently necessary to partition the management activity and responsibilities. These partitions are referred to as management domains. Domains are created for several reasons. For example, domains may be created to accommodate:

• Organizational or administrative entities
  
• Multiple geographical locations
  
• Differing communications technologies
  
• Differing equipment domains
  
• Differing application domains
  
• Security
  
• Historical accident (artifact) as a large network grows over time
  
• Large numbers of resources
  

DODIIS constitutes a management domain and each site has another management domain which is internal to the site. The partitioning of systems into management domains as outlined above implies that each manager has responsibility for its domain. Furthermore, sharing of management information may take place across domains when such information is necessary for the domains to understand the interactions between them. Management information must be shared across DODIIS as well as internal to the site configuration.

The formal definition of management domains states that management domains are composed of systems resources which are referred to as managed components. Each management domain possesses at least the following three properties: 1) a name which uniquely identifies that management domain; 2) identification of a collection of managed components which are members of the domain; and 3) identification of the inter- domain relationships. Management domains may or may not overlap; when they do overlap, specific conditions may apply to the common managed components. Figure 2-8 illustrates management domain overlap.

Figure 2-8. Management Domains

2.9.1.5 Administration of Management Domains

Naturally there must be formal administrative processes overseeing these multiple domains. These requirements include:

• Establishing and maintaining the respective authorities of each management domain
  
• Applying any modifications to their domain boundaries
  
• Organizing the way in which some domain components overlap

In order to meet the administrative requirements, a special type of management administrative domain is defined. A management administrative domain is a management domain where the managed components in the domain are all under the responsibility of one and only one administrative authority.

An administration authority of a management administrative domain may be a public administration (e.g., a public telecommunications administration or some organization offering communication services) or a private organization. The organizations concerned, in this case DODIIS, will select applicable systems management functions to control the numerous managed components and the management domains which are entirely within its management administrative domain.

2.9.1.6 Network Control Center

In the DODIIS architecture, system and network management are supported by a generic Network Control Center (NCC) modeled after the Strategic Air Command's NCC. The NCC provides management and administrative services for the network. The services provided include: 1) monitoring functions to report the status of and detect problems with each of the network components (e.g., gateways and bridges); 2) collecting and reporting network traffic statistics; 3) implementing traps and alarms to alert operators when a problem occurs; 4) integrating configuration tools to permit the operator to enable and disable network interface devices; and 5) identifying diagnostic and repair tools to permit an operator to analyze and repair a fault condition.

2.9.2 System Administration

System administration and management of local assets is also required at each DODIIS site. System administration includes the capabilities of defining and managing user access, devices, file systems, administrative processes (job accounting), queues, machine and platform profiles, authentication (passwords), authorization of resource usage, and system backup. IEEE P1387 defines the POSIX interface for system administration services. P1387 is currently in draft stages and its four volumes are limited to print services, software installation and user administration. Additional systems management areas will be added as they mature into standards. Additional POSIX interfaces such as backup and on-line disk management are currently under consideration.

2.9.3 Object Management

The Object Management Group (OMG) is a consortium of vendors and users that is defining specifications for distributed object-oriented computing. Jointly released by the OMG and X/Open, the Common Object Request Broker Architecture (CORBA) specification defines a framework by which objects can transparently make and receive requests. A number of vendors are currently providing or working to provide CORBA-based products, and some are incorporating the products into their operating system environment. The CORBA 1.1 specification does not address some important issues such as interoperability and security, but CORBA 2.0, the most recent release of the CORBA specification, does address these issues. The DODIIS community will adopt the OMG specifications as conforming COTS products become widely available.

2.9.4 System Management Security Services

Security management, an integral part of system management, is concerned with the management of security services and mechanisms. Included within security management is overall security policy management. Security management services include system security management, security service management, key management, and security mechanism management. Security mechanism management functions include maintaining sensitivity labels, managing user clearance levels, performing security audit administration, maintaining security databases, and distributing cryptographic keys. The area of key management is undergoing considerable change within DOD and civil agencies. Various systems are being investigated, to include the National Security Agency's electronic Key Management System; several Service key management systems; the Service Common Tier I development effort, and Local Authority Workstation being developed under MISSI (see section 2.6.5.4 ). DODIIS will monitor these developments to determine their appropriateness within the community. Selection of standard for supporting key management are expected to be defined in the next release of this document.

Future DODIIS standards for security management include the security services provided by SNMPv2. International standards being monitored for potential inclusion with the DODIIS Profile are those associated with work items of ISO SC21 Working Group 4. This particular working group is developing security management standards in the areas of alarm reporting, security alarm reporting, and the security audit trail function.