Managing & Monitoring Wireless Networks
When considering network management, it sometimes helps to start with a quick look at the topics defined within the ISO network management model, though as you’ll soon discover, installing and managing wireless networks require special and unique characteristics. The ISO network management model is comprised of these five elements:
- Fault management: This covers topics related to problems, errors or failures, and includes event notifications, alarms and alerts, problem identification, troubleshooting, problem resolution and error or event logging.
- Configuration management: This covers topics related to how a network is set up, addressed and operated, and includes change control and management, inventories of hardware and software, and configuration data.
- Accounting management: This has to do with keeping track of who’s using what kinds of resources for how long and includes asset management, cost controls and chargeback mechanisms. Especially in environments where IT operates as a cost center, wireless networking chargebacks are essential to distributing costs based on usage or resource consumption.
- Performance management: This covers items related to how a network is behaving at any given moment and over time, and includes network capacity planning, availability, response time measurements, error rates, throughput and utilization.
- Security management: This covers elements of network and node security, and includes security policy requirements and implementations, authorization, access controls and audit trails, security event logging and authentication failures. Add the extra urgency that “broadcast access” to wireless networking brings (think about “war driving” if this does not make immediate sense, or how easy it is to drop in on and use wireless networks in public places) and you’ll get quick ideas about how and why security goes double when networks are wireless.
Because the ISO model was developed in the 1980s, ideas about what it means to manage networks have changed since then, but in ways that extend its coverage. All five of its original elements do indeed remain relevant. This means additions to, and enhancements of, the model’s original five subject areas and entirely new topics, as well. The most obvious additions have to include identity management and authentication services, added levels of encryption and protection to enhance security, and patch and update management for maintaining wireless access points and clients, as well as security management purposes. It’s possible to argue that these additions are merely elaborations to configuration management, but because they all have their own sets of associated tools, they’re worth mentioning as separate areas of specialization.
Of course, when it comes to managing wireless networks as opposed to wired networks, there’s a whole class of test equipment and tools that is quite different from those used for wired or optical media. These include various kinds of signal strength meters, plus a whole new class of drivers and capabilities for standard network management monitors, protocol analyzers, and similar diagnostic and testing tools.
Classes of Wireless Management Tools
When it comes to managing wireless networks, there are various categories or classes of tools. At the top of the hierarchy of systems that include network management capabilities, you’ll find general-purpose, enterprise-class tools designed to handle networking gear, manage servers and clients, control network infrastructure and much more. This includes systems like Tivoli’s Enterprise Console, HP OpenView and CA-Unicenter. These don’t really fit into specialized wireless network management tools and tasks per se, but relate more to the kind of management that occurs at the big-picture, end-to-end systems level.
In the middle of a typical management hierarchy, you’ll find various systems designed to provide centralized management and control, specifically over networks in an enterprise or organization. Sometimes such tools are platform-specific—for example, the Microsoft Systems Management Server (SMS) or the Sun Management Center—while others are designed to accommodate Windows, Linux or UNIX and other platforms, as well. Here, for example, Novell’s recent push into Linux along with its historical involvement with NetWare properly equip it to deal with multiple platforms. That’s why the Novell ZENworks and eDirectory products can claim to support Windows, Linux, NetWare and Solaris, all with equal facility. These tools don’t really have a wireless focus; though some have wireless plug-in modules, those really fit at the bottom of the management hierarchy, which is where this story focuses its coverage.
At the bottom of the management hierarchy, known as the element or network management level, you’ll find tools designed for use on individual wireless networks, often as part of whatever wireless access points are in use. This is also where signal strength meters, wireless network analyzers and other wireless networking test equipment and monitoring software really come into play. Although most of the items higher in the network management hierarchy inevitably end up working with these components, because they’ll often acquire alerts, extract usage information and pick up other data from the element level, the real wireless networking tools reside primarily at this level. Of course, this is also where the finest granularity of control and the highest level of detail are available.
Categorizing Wireless Monitoring and Management Tools
When it comes to managing wireless networks, there are two very broad classes of tools with which network administrators must interact:
- Wireless access point consoles and other related wireless installation, set-up and configuration utilities (many of which provide basic monitoring and health characteristics, as well).
- Outright management, monitoring and diagnostic tools and software designed specifically for wireless applications.
Because the consoles and capabilities that relate to the first category (setting up and using wireless network gear) are as varied and many-featured as the hundreds of vendors that offer such gear for sale, I really can’t do justice to this category here. What I can do is point out that management consoles, plus installation and configuration utilities, are inherent to setting up and using any wireless access points (and hence, all wireless networks), so working with these tools, while inevitable, also means learning about their specific management and reporting capabilities on a case-by-case basis. There are simply too many to cover here, so this article concentrates on the second category, which includes a variety of software and tools designed to work with standards-based wireless networks irrespective of the vendors whose access points, interface cards and Internet gateways may be in use. This category is further deconstructed in the next section to explain what kinds of offerings readers will find.
Vendor-Neutral Wireless Monitors and Tools
The items that fit in this category work with nearly all kinds of wireless networks, especially those that permit data that adhere to the RFMON specification to be acquired, interpreted and analyzed. It’s an interesting mix of gear and software that includes:
- Protocol analyzers or sniffers: These are tools that can grab and interpret the shape and health of wireless network traffic at a macro level, as well as look into the content of individual wireless packets at various levels in the protocol stack.
- War-driving tools: Wireless vulnerability scanners that aim to locate, identify and attempt to listen in on (or join up with) wireless networks.
- Vulnerability assessment tools: These are t