Given what's good about Web technology - most notably its ease of use and operating system independence - it makes sense that it should be extended to network management, a problem in dire need of both attributes. But to use Web technology to solve all net management problems would be a step in the wrong direction because there are already workable and agreed-upon ways to solve some aspects of the management dilemma. Rather than reinvent the wheel, it's better to use Web technology to only tackle issues that have yet to be adequately addressed. That is the premise behind the following white paper by Dr Jeffrey Case, who co-invented the Simple Network Management Protocol and is now president of SNMP Research International in the US. The paper was originally intended only for internal distribution at SNMP Research, a company that sells SNMP-related source code primarily to vendors.
Effective Web-based management means using the right tool for the job. In general terms, the four jobs of network and systems management are knowing, telling, crunching and showing.
Knowing means management data must first be identified and defined. Typically, this involves instrumentation - adding agents to or capturing status output from each device or system to be managed. The Internet-standard approach for instrumentation is the SNMP Structure of Management Information (SMI), defined in RFC 1902, and the use of standard Management Information Bases (MIB).
Telling is providing access to and transporting management data. Again, the Internet-standard approach is to use SNMP. Because of its low overhead as a connectionless protocol and its ability to punch through even during periods of network degradation, the User Datagram Protocol (UDP) has been used most often to transport SNMP data.
Crunching converts management data into meaningful information. Crunching is the job of smart applications capable of performing data reduction, data correlation and data aggregation. We'll call these "thinker" applications.
Showing is simply providing humans access to the information that results from all of the above.
The industry's current infatuation with Web-based management has induced some vendors to promote products that use Web-based technologies for all four tasks.
However, while the Web is well suited for some functions, using Web technology alone in other areas will lead to scalability, interoperability and performance nightmares. To illustrate, let's examine the suitability of Web-based technologies in the basic functional areas.
Knowing: using Web technology for data definition and instrumentation
The act of simply publishing a device's status or other management data is easy and convenient. But it assumes two things: that a human is available to read the Web page when the device is having a problem, and that it is sufficient to be able to monitor only one device at a time.
Unless a standard data definition language - such as the SNMP SMI - is used, interoperability among management systems and devices from multiple vendors is virtually impossible. When each vendor outputs device status or other management data to a Web page in a non-standard format, the data is programmatically useless to every management system except those supplied by the individual device vendor.
Any human may be able to read the data, but it will be impossible for any other vendor's management application to manipulate the data along with management data from other vendors' equipment. As a result, automation will never be achieved.
Over the past eight years, customers and vendors have made enormous investments of time, money and operator training in standards-based data definition and instrumentation based on the Internet-standard SMI and MIB. This investment has enabled at least a minimum degree of management interoperability. Disregarding that investment, rather than building upon it, will surely be incredibly and unnecessarily expensive in the long run.
Telling: using Web technology for data access and movement
The most prevalent management paradigm in use today is manager/agent, whereby a management system or mid-level manager (intelligent agent) periodically polls attached systems and devices to check status, retrieve critical information and send configuration and control commands. The managed entities may also emit asynchronous traps (alerts) when a critical condition occurs.
HTML and HTTP are not well suited for polling, as they require a human to "push" a reload button to retrieve information and build a new screen. Likewise, HTML/HTTP are not designed for accepting asynchronous traps. While a Java applet may be written to emulate pushing the reload button or to achieve "server push" for trap notification, this is a workaround solution attempting to make HTML/HTTP do tasks for which they were not designed. Performance inefficiencies will result.
In contrast, it is more appropriate to view SNMP and Web technologies as complementary, and allow SNMP to perform the knowing and telling (instrumentation and data access/movement) while using the World Wide Web for other jobs.
Furthermore, analytical studies, controlled experiments and field experience have all shown the superiority of connectionless transports for use with management protocols, such as that used by SNMP, and have identified the problems associated with attempting to convey management data over a stateful connection-oriented transport stack, such as HTML over HTTP over TCP.
While SNMP has helped organise and drive the management industry with respect to instrumentation and data access/movement, the market still suffers fragmentation in the critical areas of data repository interface and data modelling. This, as well as operating system and hardware differences among various management platform suppliers, has created far too many permutations and combinations for management application providers (those who sell thinker applications) to support, eroding product profitability and the providers' ability to improve their products enough to satisfy customer requirements.
Web-based technology in general, and Java in particular, is certainly appropriate for reducing the porting burden among management application providers and perhaps for serving as a foundation for a data repository interface.
Showing: using Web technology for information display
The ubiquity of the Web makes it an ideal display vehicle. Publishing data on a Web page is an effective, easy and affordable way to disseminate information to those who need it. The platform-independent features of HTML/HTTP and Java are certainly advantageous, leading one to conclude that the Web can be viewed as an effective replacement for X Windows in many situations.
HTML is limiting in that it is a markup language with limited dynamic capabilities. Java supports dynamic features and also has richer drawing capabilities.
Alternative Web-based architectures
The Web-based management market is beginning to organise, and various vendors and consortiums have proposed different architectures. The most well known of these include:
Web-based device management via HTTP access to devices (agents)
HTTP access to management systems
Java and the Java Management API (JMAPI)
Web-based Enterprise Management (WBEM)
Architecture 1 involves putting a Web server in each managed device or system for enabling HTTP access to management data. In many cases, the management device also provides SNMP access to management data for compatibility with the enterprise's management strategy.
Products in this category typically use one of two approaches for accomplishing this: dual stack, meaning the SNMP stack is separate from the HTTP stack; or integrated stack, where a single communications stack is used for both SNMP and HTTP, with mapping between SNMP and HTTP constructs occurring at a high layer in the stack.
A number of vendors have implemented dual-stack technology. However, the integrated approach offers many advantages, including:
Tighter security, because there is a single path to management data
Better guarantee of set synchronisation
Smaller stack footprint and memory size
Consistency - again, a single path to management data
Testing is also easier because there are fewer components to test - one stack instead of two.
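The "single path to management data" argument can be made concrete with a small model. The following is an added example, not code from the white paper or from any product it describes; the class, function and credential names are hypothetical, and only the two MIB-II object identifiers are real. It contrasts an integrated stack, where the SNMP and HTTP front-ends both map onto one gate, with a dual stack whose HTTP side carries its own copy of the write logic.

```python
import threading

SYS_DESCR = "1.3.6.1.2.1.1.1.0"     # sysDescr.0 (MIB-II), read-only
SYS_CONTACT = "1.3.6.1.2.1.1.4.0"   # sysContact.0 (MIB-II), read-write

class ManagementData:
    """The single path: every read and write of management data passes here."""
    def __init__(self):
        self._lock = threading.Lock()   # serialises sets arriving from either protocol
        self._values = {SYS_DESCR: "router", SYS_CONTACT: "noc"}
        self._writable = {SYS_CONTACT}

    def get(self, oid):
        with self._lock:
            return self._values[oid]

    def set(self, role, oid, value):
        with self._lock:
            if role != "admin" or oid not in self._writable:
                return False            # one policy, enforced in one place
            self._values[oid] = value
            return True

# Hypothetical credential tables, constructed for this example.
COMMUNITIES = {"public": "reader", "example-rw": "admin"}
HTTP_USERS = {"guest": "reader", "operator": "admin"}

def snmp_set(data, community, oid, value):
    """SNMP front-end: map the community string to a role, then use the shared gate."""
    return data.set(COMMUNITIES.get(community), oid, value)

def http_set_integrated(data, user, oid, value):
    """HTTP front-end of an integrated stack: different mapping, same gate."""
    return data.set(HTTP_USERS.get(user), oid, value)

def http_set_dual(data, user, oid, value):
    """HTTP front-end of a dual stack: a second, separately maintained write path.
    It only checks that the user exists, so it has drifted from the SNMP policy."""
    if user not in HTTP_USERS:
        return False
    data._values[oid] = value           # skips role, writability and the lock
    return True
```

With the integrated front-ends there is one access decision to review and test; the dual-stack variant has two, and a gap in either one exposes the same data.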
While Web-based device management has several positive features, it also has a number of limitations. Management is more than just perusing MIB variables with a Web browser. Web browsers are connection-oriented; they were not designed for machine-to-machine interaction. Since Web browsers are meant to handle only one connection at a time, an enterprise-wide global view is hardly supportable.
For these reasons, among others, Web-based device management does not scale and is a poor choice for fault management. But it is well suited for some aspects of configuration management.
Web access to management stations
Architecture 2 provides HTTP access to the management system while preserving the use of SNMP between the manager and agents. The architecture uses a protocol designed to carry management data (SNMP) to perform that task and uses protocols intended for communications with browsers (HTML and HTTP) to do just that. That is, it uses technologies for their originally intended purposes - the right tool for the job.
One advantage of this architecture is that multiple browsers can access the management system concurrently. And the management system, in turn, can manage multiple devices concurrently.
While this architecture solves the problems of data collection and information display, it does not yet address other areas of management fragmentation, such as data repository and data modelling.
Java and JMAPI
Architecture 3, JMAPI, is part of SunSoft's Java-based Solstice Workshop initiative. Solstice Workshop is a programming environment for developing Web-based network and systems management software. In addition to JMAPI, the Solstice Workshop includes a small footprint database and a Java programming environment. Solstice Workshop's big drawing card is JMAPI's extensibility and the popularity of Java's "write once, run anywhere".
A number of third-party vendors have endorsed JMAPI, and several plan to release beta products built using the first version of the JMAPI tool kit. This tool kit will support Java "widgets" for a standardised presentation look.
However, JMAPI object classes have not yet been defined in any detail, and tool kits with refined data definitions will not be available for some time. In fact, much of the detail of managed object definitions will be left up to third parties to sort out.
As such, standards will be needed to achieve the level of integrated applications users need and to provide the level of application portability developers need.
Web-based enterprise management
Architecture 4, WBEM, will include detailed data definitions. The original WBEM architecture - spearheaded in July 1996 by Microsoft, Compaq, Cisco Systems, BMC Software and Intel - has been publicly endorsed by more than 50 vendors.
It calls for defining the following components:
HyperMedia Management Schema (HMMS) is an extensible data description for representing the managed environment. The original intent was that HMMS would be further defined by the Desktop Management Task Force (DMTF). However, the DMTF has chosen to overhaul the ambitious schema effort and is about to publish a superset called the Common Information Model. CIM specifies mappings between HMMS and products conforming to the Common Object Request Broker Architecture, SNMP and DMTF Desktop Management Interface standards.
The HyperMedia Object Manager is a data model that consolidates management data from different sources.
HyperMedia Management Protocol is a communications protocol that embodies HMMS and runs over HTTP and has planned interfaces to SNMP and DMI.
WBEM/CIM is the most ambitious of all Web-based management architectures and is, therefore, likely to take the longest time to reach maturity.
Adjusting the vision
Java shows promise for reducing the portability burden associated with developing thinker applications while providing unprecedented information display capabilities. But amidst the excitement over Java, some segments of the industry are moving towards repeating mistakes of the past: pursuing gigantic efforts not sufficiently compatible with the installed base. For example, both the JMAPI and WBEM architectures are ambitious efforts rivalling the scope of the now defunct Open Software Foundation's Distributed Management Environment. Huge efforts such as these rarely result in useful products in a timely fashion.
Some in the Java and WBEM camps are trying to reinvent instrumentation; they will have to take a performance and compatibility hit for mapping to the existing installed base.
Users learned about the costs of incompatibility when attempts were made to deploy the DMTF's technology with enterprise-wide SNMP-based management.
Another lesson can be found in recalling the network management platform wars of the early 1990s, which, although diminished in fury, continue to this day. Reinventing today's net management platforms as Web-based platforms will only fuel similar battles. We need standards for data modelling, a data repository and libraries for those functions in order to avoid repeating the costly platform wars.
In summary, the industry needs to be realistic about what technologies such as Java-based applets can and cannot do. Standards - of the right kind - are needed before real progress can be made toward solving the truly difficult management problems customers face.
For example, a Java-based application "bus" for manager station extensibility is one practical solution. Such a bus would provide Java-based, platform-independent, standard interfaces that can be exploited by portable management applications.
The amount of work to produce standards for these interfaces is daunting, so it behoves vendors to work together on the problem.
In the meantime, throughout this year many more devices supporting Web-based device management will enter the market, most of which will also support SNMP access. Useful Web-based management standards will evolve slowly. But progress will be slowed even further by attempts to revisit the solved problems of instrumentation and data movement rather than focusing efforts on the harder problems of management application integration and data definition.
Customers are advised to watch developments carefully, armed with scepticism about silver bullet technologies. Don't abandon what you have; rather, buy and use what works and is complementary to your installed base. Harmonious marriages with other technologies are the key to success, tempered with discretion for using the right tool for the job.
Dr. Jeffrey Case can be reached via the Internet at email@example.com