Healthcare Depends on Quality Network Management
2010; Association for the Advancement of Medical Instrumentation; Volume: 44; Issue: 6 Linguagem: Inglês
10.2345/0899-8205-44.6.490
ISSN1943-5967
Autores Tópico(s)Quality and Safety in Healthcare
ResumoSound network management practices are critical to most businesses, and even more so in healthcare. Keeping networked resources available at all times is the most fundamental aspect of network management, but, as we'll see, there's a lot going on behind the scenes to make it happen. Network downtime can cost a business financially in lost productivity and performance. For healthcare providers with medical information technology (IT) networks—defined as any IT network that incorporates at least one medical device—downtime can also impact patient care and safety.Network management is further stressed by constant growth and change. New applications will always be added, and old ones will be updated and upgraded. The networks themselves will change as new technology comes along to keep up with the ever increasing bandwidth demand. Networks are not bulletproof: Things will go wrong, resources will fail, and users will make mistakes.These are among the reasons for the new network risk management standard, IEC 80001-1. The standard, approved this fall, defines the roles, responsibilities, and activities that are necessary for risk management of medical IT networks to address safety, effectiveness, and data/system security. It focuses on risk management's means and processes for the entire life cycle of the medical IT network. We'll save the details of IEC 80001-1 for another IT World. In this issue, we'll focus on the other main tenets of what comprises network management. In addition, we'll look into the operation of the Simple Network Management Protocol (SNMP) as a model and a way to learn how this is accomplished.While recognizing that risk management is the overriding factor, there are five other key factors for a well-managed network: fault management, performance management, configuration management, accounting management, and security management. Before we get any further, it's important to mention the amount and effect of human intervention needed by the network manager. As we'll see, network management utilities are not fully automatic or autonomous.Fault management deals with quickly identifying, isolating, and repairing network problems. Many times, it's simply knowing who to reach out to when there's a problem. There are network technologies available that can notify the support staff when network components fail or network managers when server issues arise.Known as performance management, there are also applications that meter network operational parameters to help keep an eye on network health and predict imminent failure. Performance management involves tracking important network metrics such as processor and RAM usage, use of specific applications, disk access, and network traffic. Network status and performance information should be monitored continuously. Ideally, fault and performance monitoring should be proactive in detecting problems. This information can be used to forecast future upgrade requirements as well as troubleshoot network performance problems. However, it's only as proactive as the network manager's response.Tracking this kind of information can affect configuration management as well. Configuration management deals with adjusting network and user configurations to optimize network performance and productivity. Tied to fault management, changing configurations can additionally help to isolate network faults.Accounting management has to do with billing end-users for the applications and network resources they use. Internally, this means tracking use to ensure that you have enough licenses for the number of people using a particular application.One of the most important aspects of network management lies in security management. This means protecting the network from unauthorized internal or external access. You are susceptible to intrusion whenever you have an Internet connection point to your network.Authentication is the most common security measure used. This is simply user identification with a password and an access rights list of what can and cannot be accessed. If you are not given specific rights to a restricted resource, you will not be allowed access. There are also security authentication devices that generate activation codes. Some authentication devices require a personal identification number to gain network access. The device will then generate a random one-time password that allows log in. This process prevents a hacker from learning and using your password to log into the network disguised as you.In addition, there are techniques such as iris recognition. This biometric authentication method uses pattern-recognition techniques based on high-resolution images of an individual's eyes. Once confirmed, access is allowed.Part of security management is preventing viruses and other malware that can invade, deter, or destroy network function. Firewalls and firewall management become important tools for security management to help keep intruders out of your network.All of these aspects of network management are crucial to efficient and effective networks. Active management of the aspects can be a lot of work, especially as the network grows and evolves. However, there is constant development of new products and tools to assist in network management tasks. SNMP is one of the most important of these developments and really started the shift to formalized network management.One of the earliest and still most common of network management utilities is SNMP. It was designed to work within the TCP/IP network operating system. TCP/IP stands for Transmission Control Protocol and Internet Protocol (IP). They were the first two networking protocols defined in the TCP/IP standard. Like many protocol suites, TCP/IP is constructed as a set of layers. Each layer solves a set of tasks involving network communication and the transmission of data. In particular, the layers define the operational scope of the protocols within. (See Figure 1.)SNMP established standards for collecting information and for performing the security, performance, fault, accounting, and configuration functions associated with network management. Examining SNMP is an excellent way to obtain an overall understanding of network management methods. Network management involves the use of various instruments to balance and optimize the network operation while keeping costs reasonable. SNMP provides the instruments and methods used for managing network device information. It accomplishes this with agents that run on each device to report back to managing systems.In 1988, SNMP version 1 (SNMPv1) was designed for the needs of the average IP implementer. IP networks are defined here as a collection of dissimilar networks joined together with bridges or routers. This initial implementation of the SNMP protocol became standardized in 1990. It operates over IP and the User Datagram Protocol (UDP). SNMPv1 is widely used and is the de facto network management protocol in the Internet community. It is the most common method by which network management applications can query a management agent using a supported management information base (MIB).There are three key components to SNMP:SNMP is typically configured to operate as either an NMS or an agent, but it can perform the functions of both. When a system operates as both, another NMS might require it to query its managed devices and provide a summary of the information learned. Another NMS might ask it to report its locally stored management information since it's also an agent.Managed devices are monitored and controlled with four basic SNMP commands:An MIB is a database of network performance data that is stored by a network agent for a NMS. It is comprised of managed objects (which are data or information pieces) and is uniquely identified by an object identifier (OID). An OID defines one of many specific characteristics of a managed device. OIDs are comprised of one or more “object instances,” which are the data, also called “variables.” For example, a managed object might contain a single object instance, such as an integer value that indicates the total number of input broadcast packets on a particular router interface. In addition, the MIB will know how to respond to standard queries issued by network management protocols.The SNMPv1 SMI (structure of management information) defines the MIB table structure to group the OIDs and their variables. Tables are indexed in rows in a way that allows SNMP to retrieve or alter a row with a Get, GetNext, or Set command.The MIB variables will contain statistics such as the number of packets dropped, packets sent, bytes sent, broadcast packets, multicast packets, CRC errors, runts, giants, fragments, jabbers, and collisions. The data might also list the numbers of packets by size in bytes. The MIB can record historical information such as: the sample period, number of samples, or what items were sampled. Alarms can also be tracked as they are derived from other data—NOT patient alarms; rather, network function alarms. The resultant alarm table portion of the MIB includes the alarm type, interval, and starting and stop thresholds. Information about the managed device will also be listed. This includes the host address and packet information in terms of who has it been communicating with. This is referred to as matrix information, and will have source and destination address pairs, and packets, bytes, and errors for each pair.SNMP commands are transmitted in a protocol data unit (PDU) format. Most SNMP PDUs are constructed as:The portions particular to SNMP PDU's are:There is also a trap PDU that has fields in it to send traps—or predefined status alerts—back to the NMS.The SNMP commands are further defined by specific message formats. There are seven types of messages that use the main PDU structure shown previously:Network management routines provide network administrators with comprehensive network-fault diagnosis, planning, and performance-tuning information. The use of this data is up to the network manager. It's also up to the network manager to configure alerts (set traps) to generally manage the network. The information provided allows the network manager to manage network configuration and to accumulate accounting and security related information. All of this information might contribute to an oversight risk assessment and management procedure as outlined in the IEC 80001-1 standard.In selecting a network management approach, the benefits must be weighed against costs, compatibility issues, and network requirements. SNMP is the most common method that provides for managing information about internetworked systems. An agent runs on each managed device and reports information to different NMSs. For example, if one of your servers is running out of disk space, you will want to know about it before it starts to affect your users.Information can be retrieved from an agent directly by requesting the information using a GET request. Information can also prompt the agent to send information to NMSs via a TRAP or INFORM message.In addition, NMSs can set information and parameters on the agent to change network configuration as needed. As listed in the earlier examples, the types of information that can be shared can be quite varied. It can be everything from basic network settings, statistics, and packet data for network interfaces to monitoring CPU load and disk space.This has been a high-level look at the basic network management components and methods. There is a lot more detail in SNMP not explored here: For example, SMI tables that list compliance and capability statements; the SMI table's MIB nodules that contain definitions of interrelated managed objects, and the detail outlining the difference between the three main versions of SNMP (SNMPv1, SNMPv2 and, especially, SMPv3). If interested, I recommend further investigation.Cisco has excellent information available at www.cisco.com: Search for the Internetworking Technology Handbook, where chapter 56 covers SNMP. There is also good information available from IBM: Go to www.ibm.com/developerworks/aix/library to utilize the technical library. While IBM covers a lot of technical information about its products, it can be useful to learn about how vendors approach and resolve particular network management issues that crop up. Happy hunting!
Referência(s)