Unit-VIII: Network management and Security

Internet Network-Management framework

The Internet Network-Management framework is a set of standard protocols and tools used to
manage and monitor networks, including devices such as routers, switches, and servers. The
framework is based on the Simple Network Management Protocol (SNMP), which is used to
collect and organize data about network devices and their performance.

Two important components of the Internet Network-Management framework are the Structure of
Management Information (SMI) and the High-Level Information Base (HIB).

The SMI is a standard that defines the structure and syntax for managing data in network
management systems. It provides a standardized way of organizing and describing data about
network devices and their behavior, such as the configuration settings of a router or the status of
a switch port. This standardization enables different network management systems to exchange
and use data in a consistent and interoperable way.

The HIB is a conceptual structure that describes the types of information that can be managed
using SNMP. It provides a way of organizing and categorizing the different types of data that can
be collected and managed by SNMP, such as information about network interfaces, routing
tables, or system performance.

Together, the SMI and HIB provide a framework for organizing, collecting, and managing data
about network devices and their behavior. This information can be used to monitor and optimize
network performance, troubleshoot issues, and plan for future network growth and expansion

SNMP protocol

The Simple Network Management Protocol (SNMP) is a standard protocol used to manage and

monitor network devices such as routers, switches, servers, and printers. SNMP is part of the

1|Page
Internet Network-Management framework, and it is widely used in both enterprise and service

provider networks.

SNMP is based on a client-server model. A network management system (NMS) acts as the

client, and the network devices being managed act as the servers. The NMS communicates with

the managed devices using SNMP messages, which are sent over the network using User

Datagram Protocol (UDP).

SNMP allows the NMS to collect and monitor various types of data about the managed devices,

such as the device's configuration settings, performance statistics, and error messages. SNMP

defines a hierarchical structure for organizing this data, which is called the Management

Information Base (MIB). The MIB is a tree-like structure that contains objects that can be

accessed and

SNMP is widely used in network management because it is simple, flexible, and widely

supported by network devices and management systems. It provides a powerful and standardized

way to monitor and manage network devices, which is essential for ensuring the reliability and

performance of modern computer networks

Encryption- Basis for Data and Message Security

Encryption is the method of using a mathematical algorithm (cipher) to transform

information/data into an unreadable format (called cipher text). Its purpose is to ensure
privacy by keeping the information hidden from anyone for whom it is not intended, even
those who can see the encrypted data. Or Encryption is the mutation of information in any
form (text, video, and graphics) into a representation unreadable by anyone without a
decryption key. Decryption is the reverse of encryption; it is the method of using algorithm

2|Page
 that transforms encrypted information/data back into a readable format (called plain
text).Encryption and decryption require the use of some secret information, usually referred
to as a key. The key is what you use to "unlock" a message. Depending on the encryption
mechanism used, the same key might be used for both encryption and decryption, while for
other mechanisms, the keys used for encryption and decryption might be different.

Cryptography

Cryptography is the science of writing information in a “hidden” or “secret” form and is an very
old art. Cryptography is necessary when communicating data over any network, particularly the
Internet. It protects the data in transit and also the data stored on the disk. Some terms commonly
used in cryptography are:

Plaintext Ciphertext
Original
Encryption Decryption Plaintext

 Plain text: Plaintext is the original message that is an input, i.e. unencrypted data.
 Cipher text— It is the coded message or the encrypted data.

 Encryption— It is the process of converting plaintext to cipher text, using an encryption

algorithm.
 Decryption— It is the reverse of encryption, i.e. converting cipher text to plaintext, using
a decryption algorithm.

Secret/Symmetric/Private Key Cryptography

In secret key cryptography, a single/shared key is used for both encryption and decryption.
The sender uses the key (or some set of rules) to encrypt the plaintext and sends the
ciphertext to the receiver. The receiver applies the same key (or ruleset) to decrypt the
3|Page
 message and recover the plaintext. Because a single key is used for both functions, secret
key cryptography is also called symmetric encryption. Shared-key techniques suffer from
the problem of key distribution, since shared keys must be securely distributed to each pair
of communicating parties. Secure key distribution becomes cumbersome in large networks.

Public Key Cryptography

Public-key techniques involve a pair of keys; a private key and a public key associated with
each user. Information encrypted by the private key can be decrypted only using the
corresponding public key. The private key, used to encrypt transmitted information by the
user, is kept secret. The public key is used to decrypt information at the receiver and is not
kept secret. Since only the bona fide author of an encrypted message has knowledge of the
private key, a successful decryption using the corresponding public key verifies the identity
of the author and ensures message integrity.

Firewall

A firewall is a network security system that monitors and controls incoming and outgoing
network traffic based on predetermined security rules. The primary goal of a firewall is to protect
a network from unauthorized access and potential cyber-attacks by filtering traffic based on a set
of defined security policies.

Firewalls can be implemented as software or hardware, or as a combination of both. They

typically work by examining data packets as they pass through the network, and applying a set of
rules to determine whether the packets should be allowed through or blocked.

Firewalls can be configured to allow or block traffic based on a variety of criteria, including:

 Source and destination IP addresses

 Source and destination ports
 Protocol type (e.g. TCP, UDP)
 Application type (e.g. HTTP, FTP, SMTP)

4|Page
 Firewalls can be configured to operate in several different modes, including:

 Packet filtering: This mode filters packets based on their source and destination IP addresses,
ports, and protocols. It is the simplest and fastest form of firewall, but it can be less effective at
detecting and blocking more sophisticated attacks.
 Stateful inspection: This mode keeps track of the state of network connections and allows only
authorized traffic to pass through. It is more effective at blocking unauthorized traffic and
detecting attacks, but it can be more resource-intensive than packet filtering.
 Application-layer filtering: This mode filters traffic based on specific application-level protocols,
such as HTTP, FTP, and SMTP. It can be highly effective at detecting and blocking attacks that
use these protocols, but it can be more complex to set up and maintain than other modes.

Firewalls are an essential component of network security and are used in many different types of
networks, including enterprise networks, home networks, and cloud-based networks. They
provide an important layer of protection against cyber threats and help to ensure the privacy and
security of network user

5|Page