Conquering new military network management challenges
Traditional CLI approach

The traditional approach to managing network devices has been to use manual configuration interfaces, such as CLIs. However, using unique management interfaces for each networking device can result in a lack of consistency between devices as well as a lack of integration with other applications. Further, configuring individual devices by hand, even aided by a central management console, is not a scalable approach due to low productivity levels and the likelihood of human error.

One approach to automating network management activity is to develop CLI scripts for the devices in the network, send textual commands to each individual device, and analyze its textual output. Fresh scripts are written and tested as new equipment is added. The library of scripts comes to implicitly embody all knowledge of the network. Maintaining the scripts becomes an ongoing challenge and another opportunity to introduce human error.

To interface ad hoc scripts to consolidated management servers, such as Network Management Systems or Operations Support Systems, requires a "mediation layer" of adaptations. This is expensive to develop and maintain. In addition, multi-box transactions are rendered difficult by the lack of a standardized scripting model for equipment from multiple vendors and the absence of locking and other semantics needed to ensure consistency and correctness of changes across the network. A preferable method is to formalize the network architecture and network elements into a complete and cohesive data model that is used by both the management system and system administrators.

SNMP poorly suited to configuration management

While SNMP is well established and works well for monitoring network devices, it is not a good solution for configuration management. First, SNMP operates over User Datagram Protocol (UDP), an unreliable datagram protocol. Second, SNMP uses a protocol-specific security mechanism rather than a standard method, increasing administrator workload and complicating network architecture.
Third, because UDP limits the maximum message size, large configurations cannot be sent in a single datagram. Finally, although some vendors provide proprietary mechanisms, SNMP lacks a standard method to allow the network to revert automatically to a working configuration in the event of a configuration error. For these reasons, SNMP is rarely used in practice for writing configurations.

IETF and automated configuration management

The IETF has acknowledged the need for an improved standard for automated network configuration. Therefore, in December 2006 an XML-based protocol called NETCONF was finalized (RFCs 4741-4744). Equipment vendors and network operators are taking advantage of NETCONF to facilitate scalable deployments of networks without the risks of disruptive configuration errors. Figure 1 shows the structure and layers of the NETCONF protocol.

NETCONF offers a number of compelling features that lend themselves well to the particular requirement of next-generation military networks for a management solution that is secure, robust, facilitates a high degree of automation, and is standards-based and commercially supported.

Improved network security

NETCONF is a Remote Procedure Call (RPC)-based protocol that uses XML encoding for protocol messages and configuration data exchanged between managers and agents. XML requests and responses are sent over Secure Shell (SSH), a persistent, secure, authenticated transport protocol. Encryption ensures that the requests and responses are confidential and tamper-proof. In addition to a secure communication system, NETCONF requires devices to track client identities and enforce permissions associated with identities.
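The message layer just described, modeled as an added example in Python (this is not code from the article or from Tail-f): RFC 4741 rpc and rpc-reply envelopes in the NETCONF base namespace, the RFC 4742 end-of-message delimiter that separates messages on the SSH "netconf" subsystem, and a capability check against the agent's hello. It models the messages only and opens no SSH session; the interface configuration and its urn:example:ifcfg namespace are constructed for the illustration, and the manager and agent roles are played by two functions in one process.

```python
"""Minimal NETCONF 1.0 message layer: RFC 4741 <rpc>/<rpc-reply> envelopes and the
RFC 4742 ]]>]]> framing used on the SSH "netconf" subsystem. Added example; it
models messages only and opens no SSH session. The sample configuration and its
urn:example:ifcfg namespace are constructed for illustration."""
import xml.etree.ElementTree as ET

BASE_NS = "urn:ietf:params:xml:ns:netconf:base:1.0"
EOM = b"]]>]]>"                       # RFC 4742 end-of-message delimiter
ET.register_namespace("", BASE_NS)    # serialize NETCONF elements unprefixed


def q(local):                         # qualified tag in the NETCONF base namespace
    return f"{{{BASE_NS}}}{local}"


def frame(xml_text):
    """One XML document becomes one delimited message on the channel."""
    return xml_text.encode("utf-8") + EOM


class FrameReader:
    """Reassembles messages from a byte stream split anywhere, even inside ]]>]]>."""
    def __init__(self):
        self.buf = b""

    def feed(self, chunk):
        self.buf += chunk
        messages = []
        while EOM in self.buf:
            msg, _, self.buf = self.buf.partition(EOM)
            messages.append(msg.decode("utf-8"))
        return messages


def build_hello(capabilities, session_id=None):
    hello = ET.Element(q("hello"))
    caps = ET.SubElement(hello, q("capabilities"))
    for cap in capabilities:
        ET.SubElement(caps, q("capability")).text = cap
    if session_id is not None:        # only the agent side announces a session-id
        ET.SubElement(hello, q("session-id")).text = str(session_id)
    return ET.tostring(hello, encoding="unicode")


def parse_capabilities(hello_xml):
    return {c.text for c in ET.fromstring(hello_xml).iter(q("capability"))}


def build_get_config(message_id, source="running"):
    rpc = ET.Element(q("rpc"), {"message-id": str(message_id)})
    src = ET.SubElement(ET.SubElement(rpc, q("get-config")), q("source"))
    ET.SubElement(src, q(source))
    return ET.tostring(rpc, encoding="unicode")


def parse_rpc(rpc_xml):
    """Return (message-id, operation name, operation element) from an <rpc>."""
    root = ET.fromstring(rpc_xml)
    if root.tag != q("rpc") or "message-id" not in root.attrib or len(root) != 1:
        raise ValueError("malformed NETCONF <rpc>")
    return root.attrib["message-id"], root[0].tag.split("}")[-1], root[0]


def build_reply(message_id, data_xml=None, error_tag=None):
    reply = ET.Element(q("rpc-reply"), {"message-id": message_id})
    if error_tag:                     # RFC 4741 <rpc-error> with its mandatory children
        err = ET.SubElement(reply, q("rpc-error"))
        ET.SubElement(err, q("error-type")).text = "protocol"
        ET.SubElement(err, q("error-tag")).text = error_tag
        ET.SubElement(err, q("error-severity")).text = "error"
    else:
        data = ET.SubElement(reply, q("data"))
        if data_xml:
            data.append(ET.fromstring(data_xml))
    return ET.tostring(reply, encoding="unicode")


def parse_reply(reply_xml):
    root = ET.fromstring(reply_xml)
    data = root.find(q("data"))
    return {"message-id": root.attrib.get("message-id"),
            "errors": [e.findtext(q("error-tag")) for e in root.iter(q("rpc-error"))],
            "data": None if data is None else ET.tostring(data, encoding="unicode")}


AGENT_CAPS = ["urn:ietf:params:netconf:base:1.0",
              "urn:ietf:params:netconf:capability:candidate:1.0",
              "urn:ietf:params:netconf:capability:confirmed-commit:1.0"]
SAMPLE_CONFIG = ('<interfaces xmlns="urn:example:ifcfg"><interface><name>eth0</name>'
                 '<mtu>1500</mtu></interface></interfaces>')      # constructed sample


def exchange(chunk_size=7):
    """One manager/agent session at the message layer. Bytes are delivered in small
    chunks to show that the delimiter, not read boundaries, separates messages."""
    agent_rx, manager_rx = FrameReader(), FrameReader()

    def deliver(reader, payload):
        msgs = []
        for i in range(0, len(payload), chunk_size):
            msgs += reader.feed(payload[i:i + chunk_size])
        return msgs

    (agent_hello,) = deliver(manager_rx, frame(build_hello(AGENT_CAPS, session_id=4)))
    deliver(agent_rx, frame(build_hello(AGENT_CAPS[:1])))            # manager's hello
    if "urn:ietf:params:netconf:capability:candidate:1.0" not in parse_capabilities(agent_hello):
        raise RuntimeError("agent has no candidate datastore")
    (rpc,) = deliver(agent_rx, frame(build_get_config(101)))          # manager -> agent
    msg_id, op, _ = parse_rpc(rpc)
    reply = (build_reply(msg_id, SAMPLE_CONFIG) if op == "get-config"
             else build_reply(msg_id, error_tag="operation-not-supported"))
    (reply_xml,) = deliver(manager_rx, frame(reply))                  # agent -> manager
    return parse_reply(reply_xml)
```

Calling exchange() returns the parsed rpc-reply for message-id 101 with an empty error list and the sample interface data. The reader keeps a buffer across reads because SSH channel reads do not line up with message boundaries; a manager that treats each read as one message will mis-parse the stream. Identity tracking and permission enforcement live above this layer, in the agent's handling of the session the SSH authentication established.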
This means that devices can be managed over an untrusted wide area network, a distinct advantage compared to other approaches. Configuration over a WAN has the further advantage that network management can be centralized through consolidation of all management to a single site, but also decentralized as multiple sites can share device management work.

[Figure 1: Structure and layers of the NETCONF protocol. Layers: Content (example: configuration data), Operations, RPC, Application Protocol (examples: BEEP, SSH, SSL, console).]

Robust configuration changes

NETCONF increases the robustness of dynamic networks by providing built-in safeguards to ensure that configuration changes are made in a valid and consistent manner across all network devices. As depicted in Figure 2, a configuration change will be initially written as a candidate and will only be enacted or committed if no errors occur. After a configured interval, devices automatically revert to their original configuration, unless the change has been confirmed by a second, confirming commit. Administrators can use this capability to test configurations that might potentially degrade or disable connectivity. If such an error occurs, the confirming commit does not reach the misconfigured devices and, after a timeout, the network automatically reverts to the original working configuration.

Policy-Based Network Management

NETCONF's strength in transaction management also lends itself to Policy-Based Network Management, an approach that promises to push the science of network administration to even greater levels of automation and efficiency in reacting to
dynamic network conditions, but tends to trigger frequent configuration changes and complex multi-step transactions. For example, NETCONF provides protocol mechanisms for locking configurations and manipulating configurations in bulk. By locking and working on multiple devices simultaneously, a management system built on NETCONF can implement network-wide policies as logical management operations.

[Figure 2: Candidate Configuration Store and Live Configuration Store, with Write, Commit and Discard Changes transitions between them.]

Tail-f Systems provides XML-based network management software for enterprise-class and carrier-grade networking equipment and plays an active role in the IETF Working Group on NETCONF. Tail-f's ConfD software (see Figure 3) enables equipment suppliers to rapidly implement key management interfaces including CLI, Web UI, SNMP, and NETCONF with a robust infrastructure to meet rigorous requirements for high availability and security. ConfD implements the same transaction model used by the NETCONF standard for automated configuration management across all management interfaces.

[Figure 3: ConfD Core Engine, with an Other Database component.]

Making the connection

Military networks are larger and more complex than ever before and are becoming increasingly mission-critical under the emerging doctrine of network-centric operations. Enter NETCONF, which supports automated configuration management and provides improved network security, robust configuration changes, and Policy-Based Network Management to help conquer the challenge.

Carl Moberg is vice president of engineering at Tail-f Systems. Prior to joining Tail-f, he was the cofounder and director of product management at ServiceFactory. Before joining ServiceFactory, he worked at Telia, where he was one of the principal architects of the company's Internet service platform. He can be reached at carl.moberg@tail-f.com.

Tail-f Systems
+46-8-21-37-40
www.tail-f.com

Mil Tech Trends: Embedded net-centric warfare

© 2008 OpenSystems Publishing. Not Licensed for distribution.
Visit opensystems-publishing.com/reprints for copyright permissions.
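The candidate/confirmed-commit model of the "Robust configuration changes" section and the lock-then-commit-across-devices pattern of the "Policy-Based Network Management" section, modeled together as one added Python example (not code from the article, and not ConfD's or any product's behaviour). Each simulated agent keeps a candidate and a running store, a per-session lock, a validation step, and a device-side timer that reverts an unconfirmed commit, following the RFC 4741 semantics the article describes; the clock is injected so the timeout can be driven in a test. The device names, the MTU validation rule, the configuration content and the reachability probe are all constructed for the illustration.

```python
"""Simulated NETCONF agent datastores: candidate and running stores, a per-session
lock, validation, and confirmed commit with automatic rollback (RFC 4741 model).
Added example; device names, the MTU rule and the configuration are constructed."""
import copy

DEFAULT_CONFIRM_TIMEOUT = 600      # RFC 4741 default <confirm-timeout> in seconds


class NetconfError(Exception):
    def __init__(self, tag, info=None):     # tag is an RFC 4741 error-tag value
        super().__init__(tag)
        self.tag, self.info = tag, info or {}


class Agent:
    """One managed device. `clock` returns seconds; injected so timeouts are testable."""
    def __init__(self, name, running, clock):
        self.name, self.clock = name, clock
        self.running, self.candidate = copy.deepcopy(running), copy.deepcopy(running)
        self.lock_holder = None    # session-id holding the candidate lock, if any
        self.pending = None        # (running before the change, deadline) while unconfirmed

    def _check_lock(self, session):
        if self.lock_holder not in (None, session):
            raise NetconfError("lock-denied", {"session-id": self.lock_holder})

    def lock(self, session):
        self._check_lock(session)
        self.lock_holder = session

    def unlock(self, session):
        if self.lock_holder == session:
            self.lock_holder = None

    def edit_config(self, session, changes):
        """<edit-config> against the candidate; running is untouched until commit."""
        self._check_lock(session)
        self.candidate.update(copy.deepcopy(changes))

    def validate(self):
        """Constructed rule standing in for the device's own checks: MTU in 68..9000."""
        for ifname, cfg in self.candidate.items():
            if not 68 <= cfg.get("mtu", 0) <= 9000:
                raise NetconfError("invalid-value", {"bad-element": ifname})

    def discard_changes(self, session):
        self._check_lock(session)
        self.candidate = copy.deepcopy(self.running)

    def commit(self, session, confirmed=False, confirm_timeout=DEFAULT_CONFIRM_TIMEOUT):
        """<commit>; with confirmed=True the change stays provisional until a second commit."""
        self._check_lock(session)
        self.expire()
        self.validate()            # nothing reaches running unless the candidate is valid
        if confirmed:              # remember the pre-change running config for rollback
            saved = self.pending[0] if self.pending else copy.deepcopy(self.running)
            self.pending = (saved, self.clock() + confirm_timeout)
        else:
            self.pending = None    # a plain commit confirms an outstanding confirmed commit
        self.running = copy.deepcopy(self.candidate)

    def expire(self):
        """Device-side timer: revert if the confirming commit never arrived in time."""
        if self.pending and self.clock() >= self.pending[1]:
            self.running, self.candidate = self.pending[0], copy.deepcopy(self.pending[0])
            self.pending = None


def try_lock(agent, session):
    """None on success, otherwise the error-tag the agent reports."""
    try:
        agent.lock(session)
        return None
    except NetconfError as err:
        return err.tag


def apply_policy(devices, session, changes, probe, confirm_timeout=DEFAULT_CONFIRM_TIMEOUT):
    """Network-wide change as one logical operation: lock every device, stage and
    provisionally commit the change on each, then send the confirming commit only to
    devices the manager can still reach (`probe`). A device the change cut off never
    sees the confirmation and reverts by itself when its timer expires."""
    try:
        for dev in devices:        # a lock-denied here aborts before anything changes
            dev.lock(session)
        for dev in devices:
            dev.edit_config(session, changes)
            dev.commit(session, confirmed=True, confirm_timeout=confirm_timeout)
        confirmed = []
        for dev in devices:
            if probe(dev):
                dev.commit(session)
                confirmed.append(dev.name)
        return confirmed
    finally:
        for dev in devices:
            dev.unlock(session)


def demo():
    """Two devices; the constructed MTU change breaks the management path to r2."""
    clock = {"t": 0}
    base = {"eth0": {"mtu": 1500}}
    r1 = Agent("r1", base, lambda: clock["t"])
    r2 = Agent("r2", base, lambda: clock["t"])
    confirmed = apply_policy([r1, r2], session=7, changes={"eth0": {"mtu": 9000}},
                             probe=lambda dev: dev is r1, confirm_timeout=30)
    clock["t"] = 31
    r2.expire()                    # r2's own timer fires; r1 keeps the confirmed change
    return confirmed, r1.running["eth0"]["mtu"], r2.running["eth0"]["mtu"]
```

demo() returns (["r1"], 9000, 1500): the reachable device keeps the new MTU, the cut-off device is back on its working configuration without any action from the manager. If a validation error on one device interrupts apply_policy part way, the devices already provisionally committed are likewise left to roll back on their own, which is what makes the multi-device change safe without a cross-device two-phase protocol.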