Defense data network management system

Defense Data Network Management System Bruce C. Kim Georgia Tech Research Institute Georgia Institute of Technology Atlanta, Georgia 30332 2

Abstract l'he Defense Data Network Management System is described. The management system provides network management of defense related computer networksfor the armed services within the Continental United States (COWS). l'he architecture is discussed ffom the standpoint of the jlow of diagnostic information and the role of equipment and personnel. The hierarchy of the network management is discussed to give the overall picture of the network management system.

1

The processes in the DDN management system are organized in a hierarchical manner, as illustrated in Figure lI2J. At the top rests the Monitoring Center Equipment, which interacts with the Monitoring Center controllers. The Monitoring Center equipment then interacts with the Packet-Switching Nodes (PSNs) and other "monitored devices" on the network through a special network management protocol. Each monitored device is responsible for monitoring its own status, the status of non-monitored devices and communication lines connected directly to it, and the status on neighboring monitored devices. The non-monitored devices, most notably those on the long-haul Inter-Switch Trunks (ISTs), must then only communicate with their neighboring monitored devices.

Introduction

The Defense Data Network (DDN) is an operational packet-switched network designed to meet the data communications requirements of the Department of Defense (DoD). The DDN is available to subscribers throughout the Continental United States, Western Europe and portions of the Pacific region with near-term plans to expand into the Mediterranean and Panama 1'1. Presently, the DDN consists of four independently-operated subnetworks: MILNET, DSNET 1, DSNET 2, and DSNET 3. Three of these subnetworks (DSNET 1, DSNET 2, and DSNET 3) are for classified users, and are to be integrated into one single-shared subnetwork called the Defense Integrated Secure Network (DISNET). The DDN management system maintains network components and provide reliable service to DDN subscribers. The management system on the DDN is not a separately-standing set of components, but rather a set of processes embedded within the network components, the hardware and software at the Monitoring Centers, the personnel at the Monitoring Centers, and operations management.

Controllers Monitoring Center Equipment Monitored Devices Non-Monitored Devices and Telco Lines Figure 1. The Hierarchy of hardware in the DDN Network Management System.

2.1

The Monitoring Center ControllerInterface

The MC controllers monitor network status through the terminal displays, the Litebox and the Netlog31. The Litebox provides a quick view of the status of all network nodes and lines. The Litebox is an at-a-glance symbolic display that shows the status of all nodes, lines, and/or

375

0742-130W91$1.00 8 1991 IEEE

The System Architecture

hosts on the network. It gives MC personnel a quick, top-level idea of a network's status. The Litebox gets its information from the filtered output of the topology and status processors. The Netlog is a complete record of incoming error and event messages. The Netlog presents network messages to the controllers as they become available. It shows all events on the network with the more critical ones highlighted. The netlog is often printed on hardcopy as well as on a continuous screen.

2.2

The Monitoring Center Equipment

3.1

The Interaction of Personnel

3.2

'

Controllers

Monitoring Center Controllers are the central human support for the day-to-day network management of the DDN. The controllers monitor the network by interfacing with the network equipment, determine the presence of problems, and interact with vendors, management, and subscribers in response to the fault. The Monitoring Center Controller provides the base-level human control of the network. Faults detected by network hardware are presented to Controllers on terminal screens at the Monitoring Center. The Controller is responsible for the initial interpretation and diagnosis of faults. In this process, queries or additional tests may be directed via the MC equipment. In the current implementation, loopback tests on many ISTs require assistance from on-site personnel.

Monitored devices (particularly PSN's)

The primary monitored devices on the network are Packet-Switching Nodes (PSNs), although Terminal Access Components (TACs), Network Access Components (NACs), Protocol Access Devices (PADS), and some gateways connected to the network share the same capabilities. In the process of fault detection, monitored devices may detect faults within themselves, within adjoining non-monitored devices, or within neighboring monitored devices. These faults are recorded and treated in the context of Continuously Tracked State Variables (CTSVs) that indicate the status of all devices where the monitored device tracks faults. Changes in CTSVs are forwarded to a Monitoring Center. In addition, trap events within a monitored device may also be communicated to a Monitoring Center. Other information may also be recorded internally in a monitored device when a fault occurs.

2.4

Personnel in the DDN Management

The hub of interaction for the Network Management System is provided by the Monitoring Center Controllers. The controllers are responsible for contacting and interacting with almost all other personnel that must be involved in the correction of a problem. The other personnel include vendors and repair personnel, operations analysts, subscribers, and management.

The Monitoring Center equipment serves as the interface between the controllers and the network for obtaining additional diagnostic information about a particular fault, and for fault corrections that can be executed via the network (rebooting after a power outage, reconfiguration of parameters, etc.). In addition to these direct fault isolation functions, the MC hard disks also serve as a database of network information, recording the status and history of faults within the network, as well as configuration parameters, topology, and other network information. The MC equipment is also responsible for preparing reports for management.

2.3

3

3.3

The Subscriber Support Desk

The Subscriber Support Desk is a new position designed to act as a buffer between the MC Controllers and Subscribers. It is expected that this will allow Controllers to concentrate more fully on the task of fault isolation, and provide subscribers with a dedicated advisor for the resolution of problems. The Subscriber Support Desk interacts with subscribers, assesses problems, and provides advise and information as possible. When a subscriber inquiry indicates the possibility of a network fault, the information is passed to an MC Controller for investigation. The Subscriber Support Desk may also request information regarding network status from an MC Controller, when necessary to address a subscriber inquiry. The "tickets" are used to interface between the MC controller and the subscriber support desk. These tickets are prioritized to repair the most critical poblems first, not the first-come first-serve basis. The managers usually make the decisions to prioritize tickets for critical repair tasks, but the MC controllers prioritize tickets for normal repair tasks.

Non-monitored devices

Non-monitored network components are those that do not communicate directly with the MC. ISTs, local links, and all components on the trunk fall into this category. Information regarding their performance are communicated to the MC via a connected PSN.

316

3.4

the controllers in a timely manner. We must not forget the human interaction in order to have a trouble-free network. There must be an adequate personnel to handle the tasks and also crisis if any. Therefore, the network management system must have top level equipments and management to execute any problems in timely fashion.

The Workstation Automation

AT&T 386 and SUN workstations with windows software have been installed in the DDN monitoring center. The current SUN workstations provide the Remote Data Scope which has the capability to diagnose problems in the network from the monitoring center. Upon a controller's command on the SUN, he can instantaneously find out the status of the network in any part of the country. The current AT&T 386 machines are not totally integrated with the monitoring center. They are connected via Ethernet to be file servers. Two Micro Vax machines are already in place to increase the computing power of the monitoring center.

4

References [l] B. C. Kim and D. W. Browning, "DDN Fault Isolation Functional Description, " Georgia Tech Research Institute, Contract No. DAKFl1-86-D-0015, Atlanta Ga. 1988.

[2] Defense Communications Agency, "Defense Data Network Program Plan," Washington D.C. 1982.

Subscribers

[3] Bolt, Beranek, and Newman, Inc., "DDN Monitoring Center Functional Description," 1986.

Although subscribers are not intended to be a part of the network management process, they often become involved due to degraded network service or faults on the access lines between the subscriber equipment and DDN equipment. The subscriber may provide fault detection by observing degraded service, and reporting the degraded service to the Monitoring Center. The subscriber may sometimes assist in fault diagnosis and correction when the fault is determined to lie within the subscriber's scope of responsibility. Subscribers may also assist in confirming the correction of faults by observing a return to the expected level of service.

5

Management

Management of the DDN falls to two groups: Operations Management and Program Management. Operations management is responsible for overseeing the correct operation of the monitoring center, prioritizing tasks within the trouble shooting process, and managing unusual conditions as needed. Program management does not have direct involvement in the day to day operation of the monitoring center, but is responsible for correction of inherent weaknesses in the management system implementation.

6

Conclusions

The Defense Data Network management system was described. The prime objective of the network management is observability. The equipments and controllers must share the same responsibility to locate and diagnose the fault successfully. The equipments must provide adequate filtering of the network status and processing power to process this massive information to

377