T 4.38 Failure of components of a network management system or system management system
It is possible for various components in a network management system or a system management system to fail. Some of the problems that this causes are described in the following section.
Failure of managed components
If components managed by a network management system or a system management system fail while the system is in operation, then, depending on the type of management system, this can result in the management information ceasing to be updated automatically. As a rule, for example in the case of network management systems, the system administrator is only informed of the failure of the component. If, for example, the failure of the component is observed or deliberately caused by perpetrators, they can bring their own computer into the system outside the LAN and pass it off as the failed component (IP spoofing). This computer can then be used for further attacks in which it has the rights of an internal computer (such as entering false management information).
Failure of monitoring components
If parts of a management system fail while the system is in operation (possibly unnoticed), then the system components monitored or managed by these parts are no longer connected to the management system. New instructions from the management system then cease to be implemented on these computers. As a result, inconsistent system configurations arise, which can then cause security problems.
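Both failure cases above (a failed managed component that is impersonated, and a monitoring component that fails unnoticed) show up in the check-in reports a management station receives. The following is an added example, not part of the original catalogue entry; the report format, the enrolled fingerprint table, the 300-second threshold and all names are assumptions constructed for illustration.

```python
from collections import namedtuple

# Assumed report format: time (s), claimed name, source IP, device fingerprint
# (e.g. hash of a certificate or host key recorded at enrolment).
Report = namedtuple("Report", "ts name ip fingerprint")
STALE_AFTER = 300  # assumed: seconds of silence before a component counts as failed

def audit(reports, enrolled, now):
    """Return sorted (name, finding) pairs for silent or impersonated components."""
    findings, last_trusted = set(), {}
    for r in sorted(reports, key=lambda r: r.ts):
        prev = last_trusted.get(r.name)
        after_outage = prev is not None and r.ts - prev > STALE_AFTER
        if enrolled.get(r.name) != r.fingerprint:
            # Name and IP can be claimed by anyone; only the enrolled identity counts.
            kind = "identity-mismatch-after-outage" if after_outage else "identity-mismatch"
            findings.add((r.name, kind))
            continue  # an untrusted report must not make the component look alive
        if after_outage:
            findings.add((r.name, "recovered-after-outage"))
        last_trusted[r.name] = r.ts
    for name in enrolled:
        seen = last_trusted.get(name)
        if seen is None or now - seen > STALE_AFTER:
            findings.add((name, "silent"))  # failed, or its monitoring agent failed
    return sorted(findings)

# Constructed sample data (documentation addresses, made-up fingerprints).
ENROLLED = {"router-a": "fp-a", "switch-b": "fp-b", "agent-c": "fp-c"}
SAMPLE = [Report(t, "router-a", "192.0.2.1", "fp-a") for t in range(0, 901, 60)]
SAMPLE += [Report(t, "switch-b", "192.0.2.2", "fp-b") for t in (0, 60)]
SAMPLE += [Report(600, "switch-b", "192.0.2.2", "fp-x")]  # same name and IP, other device
SAMPLE += [Report(0, "agent-c", "192.0.2.3", "fp-c")]      # agent stops reporting unnoticed

if __name__ == "__main__":
    for name, finding in audit(SAMPLE, ENROLLED, now=900):
        print(f"{name}: {finding}")
```

A report that fails the identity check does not refresh the last-seen time, so the impersonated component is still listed as silent.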
Unavailability of the central management station
If the central management station in a network managed by a management system fails, the system can no longer be managed centrally. If the station is unavailable for a long period of time, for example because the hardware cannot be replaced at short notice due to missing maintenance contracts, routine functions such as data backup may no longer be performed. If uncoordinated manual alterations are made to the individually managed systems, this will lead to inconsistencies and possibly even security problems.
Failure of network switching elements during the transmission of management information
When a management system is used to manage a computer network, it is necessary to exchange so-called management information between the individual components of the management system. The information is transmitted via the local area network. Local area networks usually (depending on the network technology used) consist of several subnetworks which are linked together by network switching elements such as routers. In the process, the network switching elements pass on data from one subnetwork to another. If the switching elements fail, this is equivalent to the affected subnetworks being physically separated. It is then no longer possible to exchange management information. Yet there is usually a subnetwork which can still be managed from the management station in use at the time and a subnetwork which can no longer be managed. Depending on how long the switching element cannot be reached, this leads to inconsistencies and security problems.