Technology and Foundations into the Wireless Network - Term Paper Example

MANAGING WIRELESS NETWORKS Insert Insert Since the inception of wireless management, many computers have been connected through the configuration amidst the increased technology in the software and hardware that come with it. The technology came with many problems that keep increasing in daily live. The paper presents wireless problems of connectivity, security, authentication and slow performance. The market is full of wireless management tools whereas the paper narrows down to the analysis of the network problems that arise in wireless network monitoring using the Observer platform. The report presents a literature review of the technology and foundations into the wireless network, management tools, and current problems in real life experiences. The report is so succinct that it offers a real life approach and presents screen shots from Observer during the operation of the system. Used in the study of the wireless management problem is the IEEE 802.11. Analysis of the architecture problems is presented as encountered during the lab session. The resolution, detection and management of architectural problems with the IEEE 802.11a, g, and b are easily and simply achieved using management platforms that are available. Important to note is that, other methods available for detecting, correcting such problems is available and may involve the use of measurement instruments in the laboratory. The wireless environment makes use of the Simple Network Management Protocol (SNMP). The Observer will provide functions such as the management of configuration, performance, accounting, fault and security. Network management is a function inherently dependent on defined standards. SNMP offers client interface, management agent, network management and information management. The activities undertaken in the laboratory included examination of the OBSERVER in use on the network system. The decision to make use of the Observer was because, the other applications do not offer much to the client and are enterprise-oriented. Their functionalities differ, and one would need all the available in market software to be able to analyze the problems inherent in wireless network architecture. The key important reason to using Observer is that it is open source. Observer is also very user friendly since it uses a web user interface in browsers to access and perform all the network monitoring, analysis and administrative functions. Secondly, analysis of the performance and the functions offered by OBSERVER was conducted. This included event management analysis and the ability to offer notifications for any changes that occur on the network. Thirdly, the functionalities of the OBSERVER were customized to check on the enhancement ability. Analysis was performed on the MIB categories and the collection of AP information. The study involved an AP that supports IEEE 802.11, NWN.11EXT-MIB, NWN-experimental-MIB and the NWN-SNMPGEN-MIB. Observer makes use of XML files to the management the SNMP collection of information. Moreover, Observer stores collected data that has an AP format for association and authentication. Observer also enables storage of other data formats like SNMP data collection, HTTP data, windows management instrumentation data collection, JMX, JDBC and XML data collection. Data collection from various sources and data types allows for a wider range of data analysis. Introduction Managing a wireless network is a challenge as requires powerful tools to deal with the ever-changing demand for sophistication. The switch from the wired networks to the wireless networks came with a raft of issues worth monitoring and if possible combating because they are a threat to the existence of a network. The invention and manufacture of the IEEE 802.11 was a great milestone in the hardware part of wireless networks. On the other hand, software has been developed to aid in the management of the configuration. The report below presents the management of wireless networks using the Observer platform. In relation to the real world problems associated with the wireless networks, the paper focuses on the connectivity problem, issues of authentication, factors affecting performance, and security protocols in a wireless network. Literature review Problems of managing wireless networks Problem of managing wireless networks emanated from various angles, for instance, inadequate coverage, failures in authentication, the intermittent connectivity and low-level performance. The problems are likely to have occurred as a result of the nature of wireless medium employed by a given organization, hardware and software errors in addition to poor access point to layout and device misconfiguration among other reasons that stand as a problem to the management of wireless networks in any given organization (OBSERVER, 2014). All the above issues possess great challenge to the administrators of the wireless network for they will have to ensure that there are effectiveness and efficiency in the system operation. This so as to ensure that they minimizes unnecessary expenditure or bring cost of managing wireless network as low as possible add at the same time ensuring that i6t is able to fully satisfy its customers demand at any given time. Among the problems that are encountered the managers of the wireless network will include some of the following issues as explained below. Connectivity Complaints are often launched by the end users of the system this might be because of lack adequate connectivity in certain parts of the building that is using the wireless connection networks. This can be as a result lack of signal in the building that had wireless network connection, change of the environmental condition affecting the coverage capacity of the wireless network. It is in a given building and frequent obstruction that might be caused by class of networks among other factors that might cause inefficiency in the operation of the wireless network in the building. The management of the wireless network will have difficulties trying to locate where the problem is found (OBSERVER, 2014). The management will be forced to increase the density of the network coverage in that particular building and also increase the power setting in that building in order to ensur5e that the building have adequate connectivity of the wireless connectivity. This not only an additional task to the management because it is its responsibility to settle the connectivity problem, but also the management of the wireless network will have to encounter additional expenses in terms of installation and labor cost in order to make sure that it fully satisfy its customers’ demands at any given time. Security Problem in wireless management network as far as a security issue is concerned actually do arise when employees accidentally compromise with the security of the system. They can actually compromise with the security of the wireless network by authorizing unauthorized individual into the system giving room to an external person who is not of the organizational family have access to whatever goes on in the corporate network. As a result of this, Confidentiality of any given organization that uses wireless networks is at a very high risk. This might be because of the poor configuration of wireless access points in an organization and also the management of the wireless networks not authenticating all the devices that are used in the organization. In addition, if all wireless networks are not properly authorized in any given organization that is if the organization the organization applies the default setting system that can be accessed by any other individual (BLAAUW, Gerrit, 1997.). This type of settings can highly exploit by attackers thus crunching the information that is not permissible to any other individual apart from a few authorized personnel in that particular organization. There the management of the wireless network stands greater risk of exposing its confidential information to its competitors thus facing a challenge of being shaken in whatever expertise that they will be offering or even somebody can use the site inappropriately. Among other measures that management need to put in place in order to ensure that security of the system includes the following; Wireless vulnerabilities Wireless networks have got certain basic components such access points that create connection to all organizational networks; this can create an avenue for attack that will definitely result to compromise of the security objectives of confidentiality, availability and integrity. Accidental association When an individual turns on his/her computer that is using a wireless network the network can accidentally connect to the nearby networks without even the user noticing. Therefore, company information can easily be exposed to outsiders, which are the breach of security regulations. Malicious association This is the point when crackers and get access to the company networks can reach active wireless devices. The crackers can use software’s that makes their network card look legit to access company network hence endangering the company information (AMRHEIN, D. & Willenborg, R., 2009). Ad hoc traditional networks These peer-to-peer networks between the existing wireless computers that do not have an access point among them. These networks do have little protection when it comes to security issues. Non- traditional networks These sorts of networks like Bluetooth among other devices are actually prone to cracking and need to be termed as a security risk. Wireless printers also and photocopiers machines ought to ensuring they are secure in order to ensure that the wireless network of an organization is well protected. Among another security, detail will include; network injection and Caffe latte attack. All this issue has to be taken into consideration in order to ensure maximum security of the wireless network in any given organization. Authentication problems Management of wires network has adverse problems in relation to authentication. As per information technology professionals, number of complaints is linked to the inability of the users to authenticate themselves to the wireless network. This might be as a result of lack of certificates or the certificates that are being used by the clients are expired, therefore, the management will actually encounter a difficult time in trying to cope up with its clients. Therefore, the management of wireless network will have to ensure that it helps its customers or clients to acquire valid certificate to boost their business transaction and simplify their operation. In addition, the management will also have to engage itself in diagnosing performance problems as far as wireless network is concerned and make sure that it is mandated to help clients to recover from the said authentication problem (CLEMENTS, Paul, et al., 2003). This is not only an additional task to the management but also the management will incur extra expenditure in order to ensure that it provides its clients with a valid certificate. In so doing to ensure that, it has properly eradicated the authentication problem in management of or wireless network. Performance This encompasses sections where a customer observes and even launches a complaint about a continuous drop in performance level. This could be because of congestion and interference for microwave oven or phones not corded among other factors that will jeopardize the performance of any given organization. In addition, Wireless interference has a greater impact on network performance and therefore giving management a hard time controlling in order to meet the set standards as far as performance are concerned. Furthermore Due to the variability and dependency on environmental factors or conditions, obtaining and effectively incorporating wireless interference into network management remains as a challenge to the management in addition, there is limited wireless spectrum and there is greater effects of wireless interference. Because of this, wireless users encounter many problems for instance lack of coverage, intermittent connectivity, low-quality performance and more so reliability (GRAY, D. DeWitt and J., 1992). The management of wireless networks lacks adequate tools to properly, diagnoses, configure, provide and make maximum use of networks, therefore, they often resort to manual trial-and-error. This is performed in order to check and control any other problem that they may be encountered hence making it very hard for management to produce quality work within the required time or meet the organizational set objective within a given period of time. Lab Session Connectivity Feature Description The link service monitor in the Observer gives the status of the link endpoint. Note that the endpoint is on node, which is comprised of the endpoint service. The performance and capabilities of the node are dependent on the availability of configurations to support it. This is achieved by ensuring that one of the conditions provided in the configuration allows the use of the node. In the lab session, the link status was provided as updates and shown on the map as shown in the Demo. To be able to achieve the functionalities as described above configuration of the features supported by OBSERVER link monitoring service including discovery, polling and correlation were done. The service monitors here use SNMP to determine the link status. Configuration The configuration of the Link monitoring service heavily depends on the devices available and the design use in the network. Bearing this in mind, the Observer was configured properly to fit the available configuration within the lab. Among the critical concepts examined, evaluated and configured in the session were the endpoint types (Ping or the SNMP), Poller and correlation (OBSERVER, 2014). Configure EndPoint Types The configurations here involved making use of the wireless network instruments in use. Detection and polling are important features that the lab session sought to analyze because they are frequently and challenging in the real life arena. Either the endpoint can be pingable or the SNMP match. The Observer uses a default file used for configuring the.XML as $OBSERVER_HOME/etc/endpoint-configuration.xml. Using the file, all the devices and endpoints were configured before determining and monitoring connectivity problem (OBSERVER, 2014). Ping EndPoint The feature was used to define a device, which has the pingable capabilities using the SNMP sysOid. This was done to determine enabling of the SNMP initially. .1.3.6.1.4.1.XXXX SNMP Match EndPoint For cases when there were multiple SNMP oids, checking was done to ascertain the status of individual endpoints. During and after polling, match criteria were analyzed to determine connectivity of the two points. Like below configuration was meant to calculate status of the different endpoints using or tags which are the nesting configurations available for use in the Observer software. .1.3.6.1.4.1.YYYY ^1$ Configuring the SNMP The SNMP community name was also configured to suit the host name noting that Observer does not support the use of the default “public” SNMP name for the community. SNMP-Config.xml was made use of to define IP address and community strings for the laboratory devices. Configuring the Poller Configuration for the Link Adapter Without the name of the endpoint, the link adapter will not know whom to communicate. The lab session tested cases where the endpoint had no names and cases where different names were used. The software returned the names as used in the configuration as will be illustrated more and shown by the screen shots from the demo screen (OBSERVER, 2014). link-$2-to-$1 Configuring Foreign Source That never marked the end of the connectivity test because, configuring the connection for the foreign source was important in order to monitor other outside plugins that are available. A detector service indicated availability of an endpoint in cases where there were endpoints and returned no values or a low status in cases where there were no links as illustrated from the screen shots below. Plugins used to detect the endpoints gave light alerts for presence and or absence of nodes. The nodes and their node labels, which matched the patterns, were determined by the configured OBSERVER to be endpoint, and subsequent status updated on the system every time there was a change. Performance/ slow data Observer provides a platform, which has capabilities of looking deeper into the performance, degradation in performance and spotting of issues, which affect service delivery. SNMP is a protocol supported by Observer came in handy in the lab session in management of wireless data communication. From the start of the session, it was made sure that the software provided supported the three protocols of SNMPv1, SNMPv2 and SNMPv3. The last option is a service that incorporates the use of high-security features used for detection, monitoring and giving alerts. The SNMPv2 from the lab session proved to be a good enhancer of capabilities and complexities of performance the platform can offer (OBSERVER, 2014). Some lab machines had already installed Observer software and those without made use of the yum install net-SNMP net-snmp-utils, which were proceeded by edition of the file/etc/snmp/snmpd.conf hence setting the community to be in a position to provide a default view. In addition, the configuration was able to enhance the way the platform monitored file system and the capacity. After configuring the default “public”, it was ensured that the Net-SNMP contains the entire MIB tree. View system view included .1.3.6.1.2.1.1 Owing to the fact that the lab machines have firewall software, configuration of the same was done in order to accommodate for traffic of the SNMP default port, which is the UDP port 161. After informing the Observer the community string of choice, the web user interface admin was configured. It was done by inputting the IP addresses valid for the community. By accessing the node list link Observer makes a choice automatically on the SNMP data, which needs to be collected. The demo has an entity for the generation of graphs and by clicking on it; the Node-Level-performance data will be displayed. Of importance to note from the graphs is that the graph tool makes use of stored data to develop graphs. For threshold trigger events, there was notifications send from the Observer system when threshold values were exceeded. This was possible because the Observer platform software constantly monitors the performance and compares it to the user the value that a user defined as the threshold. When the disk space is about to run out and risk losing precious information the tool will alert the server, and the user will proceed to clean up the disk for the next batch of information. For cases of low-performance rates, it can be obtained from the graphs as shown above. The Observer in its capability automatically detected new devices added to the system and carried on the purpose of monitoring and gathering of company data (OBSERVER, 2014). The event driven feature of the Observer is an important feature that makes it versatile in its use. In using the notification service, the lab session managed to unearth ways through which the Observer can be configured to send emails automatically as notifications. The event management capability included the SNMP traps to Syslog messages to TL/1, and of course, it is extremely easy when adding customized events. The traffic monitoring ability of the Observer helps in troubleshooting slow web pages and helps to position the network devices in a manner that is revenue oriented to avoid incurring losses. The ability to collect data of time series from the protocol designing of HTTP, JMX, SNMP and the WMI. It provided values for high and low thresholding while sending trigger alerts for other complex configurations. The report herein has details of connectivity, performance, authentication and security functionalities of the Observer but it is important to note that the functionalities offered by the software are many and cannot be exhausted in one lab session. Security Observer software allows for identification and monitoring of security threats in the network. Optimizing security of the network, a wireless network administrator should have an Observer software installed and configured properly. The administrator should first identify the threats to a network, come up with a way of doing away with the threats then finally put measures to prevent further attacks from the threats. Most common threats to wireless networks include malicious and accidental network associations, man-in-the-middle attacks, Denial of service attacks and network injections and unauthorized user access of a network (OBSERVER GROUP, 2014). Measure to ensure a secure wireless network using Observer includes: Configuration of Network Firewall Policy Firewall configuration determines the TCP UDP ports that are allowed for certain applications and the ICMP messages. Observer allows setting up of the port type, setting whether the connection from a specific port is inbound or outbound from the Observer server. The traffic for these ports is set as either "stateful" or "keep state". This sets the priority level of the traffic through certain ports. The two types of ports in the network are either UDP or TCP. Important UDP ports that should be configured to allow outbound connection from the Observer server, but not allow inbound connections include DNS port 53, SNMP port 161. SNMP Trap port 162, SNMP inform port 162 and Syslog port 514 should not allow outbound connections, but allow inbound connections to the Observer server. TCP connections that should restrict inbound connections but allow outbound connectivity include SSH port 22, FTP port 21, Telnet port 23, port 25 SMTP, POP3 port 110, IMAP port 143, Client port 1248, MySQL port 3306 HTTP port 8000, HTTP port 8080, HTTP port 8180. TCP port that should allow for inbound connections but not outbound connections include HTTP port 8980 and HTTP port 8443. This setting will allow for secure transfer of data through the ports without the risk of exposing the network to security vulnerabilities (BLAAUW, Gerrit, 1997.). Monitoring SSL Certificates. SSL certificates ensure that web pages transfer data securely over a network. Monitoring of SSL will ensure that the administrator of the network is warned on the expiry of SSL certificates. SSL monitoring is done through configuring Observer to detect and warn the administrator automatically. SSL monitoring is achieved through discovery using Capsd that will detect HTTPS SSL certificates on every node defined in the network and newly discovered nodes. To set automatic detection, the Capsd-configuration.xml in, /etc./openness is edited to include the following definitions: SSL certificate discovery can also be done through the use of Provisiond. To detect service in the network, a manual scan of each node is done using Capsd and automatic scans will be done at intervals of 24 hours. The figure above shows a security chart that details the number of alarms within a specified period. Outages on the network within the last seven days and the number of nodes, interfaces and services that is active within the network. Flap Detections using Observer Flap detection is the identification of irregularities in a network over a certain span of time. An automated detection of network violations and alarm generations allow for the administrator to anticipate and solve network issues in time and prevent some attacks on the network. An automated flap detection is done by editing the vacuumd-configuration.XML files can generate a new event and set up the interval check time (OPEN SOURCE, 2014). The trigger for the flap detection should also be set up in the configuration file. Example of a configuration file New events to detect faults in the network can also be created by including them in the configuration files found at, $OBSERVER_HOME/etc./events/newEvents.xml. Suspect events in the network being monitored by Observer are generated by Discovery process using ICMP pings. These suspect events are they monitored using Provisiond. New suspect are created through the administrator web console at the add interface for scanning. The figure above shows the events taking place in the network within the last hour, and it illustrates the severity, time, node, interface and service of the event. An IP address is typed and added into the list of suspected hosts. Subnets can are scan based on CIDR or subnet notations. Scanning is done without pinging them first to see if the nodes exist or not. This figure illustrates a surveillance scan of the nodes, access points and devices that are active in the network. Scanning will identify malicious IP addresses and node in the network. The IP addresses and node are blocked from accessing the network using firewall or IP addresses blocking using the Observer. Authentication Authentication in a network is very important since it sets access rules, user’s privileges and group privileges in a network. Authentication makes sure that unauthorized users do not gain access to a network, or regular users are not given administrative privileges that may lead to network corruption. Observer allows a network to set up new users, grant a certain level of privileges and restriction to them, setting user groups, and it also offers a centralized user authentication. To create access level restrictions in the network, access point information should be collected. Access level restriction is done through the Collectd daemon in Observer that collects data from all monitored device connected to the network. Collectd daemon calls the SnmpCollector program that will then collect SNMP data from devices that support SNMP (GRAY, D. DeWitt and J., 1992). SnmpCollector triggers node collector and Interface information collector that will collect the associated information and then store them into a round robin database (RRD). SnmpCollector will identify the device as either a node, the access point or both. When a device is an access point an RRD, access point file and access control files are generated. This information will be displayed in the Observer user browser. This information is very critical in setting authentication levels of the device in the network. The information is gotten through the following procedures: Initialization of the interface Create a SnmpCollector. Collection of system information and saving it to the round robin database (RRD). Map the device or object ID to the list of object IDs in the management information base. Collection of SNMP information. Saving interface information into the round robin database but first comparing it to data available in the management information base. Save NWN information into a file. The access point information is displayed. Displaying performance data. Authentication or the setting of access or deny access level to AP is achieved through setting the APs security category in the management information base (MIB) (WILLIAM ROSENBLATT, Stephen Mooney and William Trippe, 2001). To authenticate a device the following procedures are to be followed: Collection of access control information and saving it into the access control list file Display of all the access control information on the Observer user interface in the browser Update access control levels from the browser. Reading the updated AP information from the Java Server Pages Store the updated user control information to the access control of list file in the database. Setting read from the file and set the information to the management information base. The figure illustrates the list of all nodes including access points, device and objects. The system administrator of the Observer will deny or grant a new MAC access rights. The administrator is also able to change the access options of an existing MAC address. When changing access options is done, the Setd daemon of the Observer will write back and forward the information about the changes to the access point management information base so that the changes can reflect. Conclusion Observer is a very powerful tool when management the wireless network is an issue. It provides features like polling, constant monitoring correlation and provisions for customizing the use of the tool. These features make the Observer a flexible, reliable and a tool the achieves sophistication. Availability on open source makes it is worth the weight because of its versatility. Comparing it with another software available on sale stores, it is up to the task because the developers do not have the money factor in their mind. By grasping the basics on the operation and use of the Observer, users have one of the most interactive interfaces for use. Reports capability of the tool, email notifications and alerts make it a platform for monitoring large company networks without fail. List of References AMRHEIN, D. & Willenborg, R. 2009. Cloud computing for the enterpris. [online]. [Accessed 9 OCT 2014]. Available from World Wide Web: < HYPERLINK "http://www.ibm.com/developerworks/websphere/techjournal/0906_amrhein/0906_amrhein.html" > BLAAUW, Gerrit. 1997. Computer Architecture – Concepts and Evolution. Massachusetts: Addison-Wesley. CLEMENTS, Paul, et al. 2003. Documenting Software Architectures: Views and Beyond. Boston: Addison-Wesley. GRAY, D. DeWitt and J. 1992. Parallel Database Systems: The Future of High Performance Database Systems. Communications of the ACM. 36(6), pp.85 – 98. HANSEN. 2000. Engineering Systems. [online]. [Accessed 4 OCT 2014]. OPEN SOURCE. 2014. Adventures of open source. [online]. [Accessed 21 OCT 2014]. Available from World Wide Web: < HYPERLINK "http://www.adventuresinoss.com/?cat=8" > OBSERVER. 2014. Installation: yum. [online]. [Accessed 21 OCT 2014]. Available from World Wide Web: < HYPERLINK "http://www.Observer.org/wiki/Installation:Yum" > OBSERVER. 2014. Performance tuning. [online]. [Accessed 22 OCT 2014]. Available from World Wide Web: < HYPERLINK "http://www.Observer.org/wiki/Performance_tuning" > OBSERVER. 2014. QuickStart. [online]. [Accessed 22 OCT 2014]. Available from World Wide Web: < HYPERLINK "http://www.Observer.org/wiki/QuickStart" > OBSERVER GROUP. 2014. Observer management Application platform. [online]. [Accessed 21 OCT 2014]. Available from World Wide Web: < HYPERLINK "http://www.Observer.com/open-Observer-platform/" > TAYLOR, R. Fielding and R. 2002. Principled Design of the Modern Web Architecture. ACM Trans on Internet Technology. 2(2), pp.115 – 150. WILLIAM ROSENBLATT, Stephen Mooney and William Trippe. 2001. Digital Rights Management: Business and Technology. New York: John Wiley & Sons, Inc. Read More