S 2.145 Requirements for a network management tool

Initiation responsibility: IT Security Officer, Head of IT

Implementation responsibility: Administrator

In order to be able to provide efficient network management, using a network management tool is helpful. Currently, the market offers a large number of network management products that must all be checked regarding your own individual requirements before a decision regarding the procurement of a specific tool can be made. Here, the security requirements according to S 2.143 Development of a network management concept must first and foremost be met and the following items must be taken into account:

• The product must support the selected network management protocol (see S 2.144 Selection of a suitable network management protocol).
• It must be scalable, i.e. adapting the product to future requirements must be possible.
• It must support all network components present in the local network.
• It must support all network protocols used in the local network.
• It should be designed modularly so that integrating additional functions into the existing network management system later is possible without great effort.
• It should have a graphical user interface (GUI) so that the relevant information can be represented in a clear and comprehensible manner.
• If system management products are used additionally, integration with the network management in one interface should be possible in terms of a "single point of administration".

Along with all these requirements to be checked in general, the functional requirements for a network management system must be defined additionally. The following criteria provide an overview of the options in products currently available, but not all functions have been implemented in all products. Therefore, it must be defined which functions are required and which functions are not required before deciding on a product:

• topological representation of the network (e.g. also the option of integrating background graphics such as construction plans, etc.),
• selectable form of representation for the topology,
• topographical representation of the network (e.g. also the option of integrating background graphics such as construction plans, etc.),
• automatic detection and representation of the network topology and segmentation (automatic discovery),
• indication of the configuration of the active network components on port level,
• indication of the performance on port level,
• graphical visualisation of the active network components,
• interactive tool for the management protocol (e.g. MIB browser),
• simple navigation in the network management tool, e.g. with the help of zoom functions or enlarged sections,
• possible integration of a VLAN manager and graphical representation of the VLANs,
• intuitive use of the tool interface, particularly of the part that can be used to edit the topologic and topographic figures (e.g. with the help of Drag & Drop),
• indication of error and alarm messages though freely definable colours and according to self-defined criteria,
• distributed management option (client/server and manager-of-manager), and
• option for integrating and defining additional MIBs (private MIBs).

Review questions:

• Have the requirements for the network management tool to be used been determined?