Significance of JMAPI

JMAPI is a set of extensible objects and methods for the development of seamless system, network, and service management solutions for heterogeneous networks. This core set of application programming interfaces (API) can be used across a diverse array of computing environments involving numerous operating systems, architectures, and network protocols, enabling the development of low maintenance, heterogeneous software from a single source. JMAPI provides the user interface guidelines, Java classes, and specifications for developing seamlessly integrated system, network, and service management applications.
Add a note hereJMAPI provides a universal framework for network management tools that can be accessed over the World Wide Web. Unlike the actual protocol standards SNMP and RMON, which deal directly with communicating with network hardware and software in a uniform way, JMAPI is concerned only with creating a common interface for accessing network information through these and other network protocols. JMAPI provides programming support for the following features and services:
Add a note hereUser Interface Style Guide. Although the APIs do not impose a specific graphical view on the Java applet or application developed with JMAPI, there are style guidelines that can help. The User Interface Style Guide addresses the issue of how to develop Java/Web-based user interfaces that conform to the JMAPI standard for integrated management applications—something not all programmers are familiar with.
Add a note hereAdministrative View Module. Administrative View Module (AVM) is an extension of the Java Abstract Window Toolkit (AWT) for rapidly developing user interfaces (UI) for distributed management applications. It provides a set of components for building sophisticated graphical user interfaces, including image buttons, multicolumn lists, scrolling windows and panels, state button, toolbar, image canvas, convenience dialogs, and busy tool. There are also power components that enable developers to quickly build complex applications. These components include tables; hierarchy browser; and charts, graphs, and meters.
Add a note hereBase Object Interfaces. Base Object Interfaces support the construction of objects that represent distributed resources and services that comprise the enterprise environment. These interfaces can be used to create a very basic object description of a router, hub, or switch, for example. These can be further subclassed to create more specific objects such as a Bay Networks BayStack Access Node router, a 3Com SuperStack II Entry Hub, or a GDC APEX ATM switch.
Add a note hereManaged Container Interfaces. Managed Container Interfaces allow management applications to perform actions on a single group of managed objects, instead of each instance of an object separately. This permits management applications to scale upwards by allowing for multiple instances to be treated as one. For example, all types of routers—from a small 3Com OfficeConnect remote access router to the high-end Cisco 7500 multiprotocol router—can be classified as "routers" for the purpose of performing the same action on all of the devices simultaneously.
Add a note hereManaged Notification Interfaces. Managed Notification Interfaces provide the basic foundation from which more complex event management services can be built more easily. The model provides asynchronous event notification between managed objects or management applications. Event messages can be sent to a specified database or management station.
Add a note hereManaged Data Interfaces. Managed Data Interfaces support mapping classes and instances of the Base Objects to a relational database. These interfaces are implemented on the appropriate subset of the Java Database Connectivity (JDBC) specification. This allows the management system to store all state information about each of the objects across the network in a standardized database format for interaction with other applications. These interfaces also support a number of commercially available relational database engines.
Add a note hereManaged Protocol Interfaces. By itself, SNMP version 1 offers no security. JMAPI's Managed Protocol Interfaces implement classes that provide the infrastructure to perform distributed operations securely. These interfaces are built on existing Java interfaces for both security and distribution, providing methods for the secure transmission of management information across the enterprise network. The security system is based upon the Java Security API.
Add a note hereSNMP Interfaces. SNMP Interfaces extend the Managed Protocol Interfaces to allow extensions of the Base Objects to contain information obtained from existing SNMP agents. SNMP is the most prevalent management protocol—JMAPI is immediately useful for supporting SNMP agents, including those for RMON.
Add a note hereApplet Integration Interfaces. Applet Integration Interfaces allow application developers to seamlessly integrate their Java applets into the Java Management API. Developers can also choose an appropriate level of integration for their applets. These levels include: registered applets, registered management pages, and registered links.
Add a note hereThese components provide the overall structure for creating managed network environment of heterogeneous networks. They do not include specific objects, or protocol and system services specific to each type of device to be managed. This is the responsibility of network equipment vendors.


SNMP and Java

Add a note hereAlthough not a protocol, the Java Management API (JMAPI) includes a mapping to SNMP, enabling SNMP-enabled devices to be managed by JMAPI-compliant applications. JMAPI itself is only a framework for management systems. The protocol or standard supported can actually be anything, even RMON, as long as JMAPI includes the appropriate mappings. Sun has indicated that future mappings could include Common Object Request Broker Architecture (CORBA) and Common Management Information Protocol (CMIP).

Add a note hereOne vendor offering an implementation of Java classes for SNMP Version 1 is Advent Network Management, Inc. The company's Advent Java SNMP Package helps programmers develop SNMP applets and applications. With the package, developers can focus on using the Web and Java with the Advent Web NMS framework, and produce the best applications and solutions, instead of dealing with multiple proprietary platform vendor APIs and multiple operating system versions.

Add a note hereThe Advent Java SNMP Package is a group of Java class files that provide Java programmers a simple API for developing network management applets and applications that use SNMP version 1. Many different architectures are supported, such that SNMP can be used in the Web browser, on the server, or even on managed elements that have a Java Virtual Machine. Applets developed using this package can be loaded from the network or from local disks and run in any Java-enabled browser.

Add a note hereJava applets that are loaded from the network are usually restricted by browsers from connecting to any system other than the applet host. The Advent Java SNMP Package provides special support for applets loaded remotely via the network that run in browsers that have socket and file access restrictions. Via a Java program called the SNMP Applet Server (SAS) on the applet host (Web Server), applets can communicate with SNMP managed devices, and save and retrieve files on the applet host.

Add a note hereDevelopers can also use the Advent NetMonitor SNMP Applet Builder, which uses the SNMP Package libraries to communicate with SNMP agents. Advent NetMonitor lets developers visually build these applets without writing code. They can then use Java to add their own event handling code and components.

Add a note hereThe company also offers a Management Information Base (MIB) Browser Applet (Figure 1). MIB Browsers allow the user to view and operate on data available through an SNMP agent on a managed device, such as a router. To get a better view of the data available on the SNMP agent, a MIB file is usually provided with the managed device. This MIB file contains a description of the object hierarchy on the managed device, as well as the syntax and access privileges for each variable in the MIB.

Figure 1: Shown here is the primary window of the MIB browser applet. (Although the screen is taken from Windows 95, it looks similar in Netscape and on other Java-enabled browsers.) The applet includes fields for community, SNMP agent name or address (Host), value used for a set request, the current Node OID that is being operated upon, a chooser for the current MIB module, a list of children of the current node, and a text area to view query results. The operations allowed with the MIB browser are available through the series of buttons at the bottom of the applet's main window.

Add a note hereFigure 1: Shown here is the primary window of the MIB browser applet. (Although the screen is taken from Windows 95, it looks similar in Netscape and on other Java-enabled browsers.) The applet includes fields for community, SNMP agent name or address (Host), value used for a set request, the current Node OID that is being operated upon, a chooser for the current MIB module, a list of children of the current node, and a text area to view query results. The operations allowed with the MIB browser are available through the series of buttons at the bottom of the applet's main window.
Add a note hereThe Advent MIB Browser applet provides the capability to load and view multiple MIB modules, and traverse the MIB tree to look at the definitions for each node in the MIB tree. It allows the use of SNMP's get, getnext, and set requests to a particular variable in the MIB of an SNMP managed device. It also enables multiple real-time graphs of data on the managed device to be viewed as it changes over time. It also allows the user to view SNMP tables.

Add a note hereThe major NMS platform providers are planning to support Java. IBM subsidiary, Tivoli Systems, for example, plans to evolve its TME 10 framework into a Java-based architecture by mid-1998. The architecture will support JMAPI for enabling Java management applications to take advantage of the platform's back-end functions, such as event and alarm correlation and data management. Computer Associates plans to add the ability to control its Unicenter TNG management functions from a Web browser as well as the ability for Java applications to invoke its functions. Unicenter TNG is the company's object-oriented enterprise management framework.


Network management applications

Many interconnect vendors are using Java for building network management applications that can be accessed through Web browsers. Through hypertext-linked home pages set up by the vendor, network managers can use their Java-enabled Web browsers to launch various network management applications. Routers, switches, hubs, multiplexers, CSU/DSUs—virtually any network device—can be configured, monitored, and troubleshooted in real-time from any location. Applications that provide trend analysis and network reports, access to the vendor's technical support, and on-line documentation are also integrated through the Web browser so that configuration changes and network planning can be accomplished using real data instead of guesswork.

Add a note hereOne such network management framework—NetDirector@Web from Newbridge Networks—integrates core services such as discovery, topology, and event management offered by open platforms, such as HP OpenView and IBM NetView, and provides distributed network directory services that can be exploited by applications for policy-based management. Specific Web-based applications are bundled with NetDirector, Newbridge Networks' enterprise management solution that integrates with HP OpenView on Solaris, HP-UX, and Windows NT platforms. The NetDirector Home Page provides a directory for the network, hyperlinking all of the company's VIVID family devices to simplify network navigation. The home page reflects the status of all discovered VIVID devices to show, at a glance, the health of the devices and other useful information such as firmware version and events. The network manager can manage the network from home or on the road by hot linking to the devices. The home page also provides a method for the administrator to specify management policies, such as upgrading firmware and software across multiple devices throughout the network, or defining network behavior in the event of a broadcast storm.

Add a note hereBecause of Java's real-time capabilities, changes in the network status are reflected immediately, without requiring the network manager to reload Web pages. In addition, Java applets are loaded dynamically from NetDirector@Web servers so that the user does not have to pre-install or continually update the network management software on the system being used to manage the network.

Add a note hereAmong the Java-based applications that run under the NetDirector@Web framework is VitalStat, a network diagnostic and analysis tool. VitalStat analyzes baseline response times and other performance characteristics. When deviations are detected, VitalStat diagnoses the problem, attempts to isolate whether the cause is application, server, or network related, and recommends or initiates appropriate corrective actions. VitalStat has a Java-powered Web interface and provides anytime, anywhere management access via a standard Web browser. VitalStat uses intelligent agents that run in the network elements. As a result, it can follow the same path an end-user station uses to access a server in order to detect and diagnose problems. This enables more accurate problem determination for intelligent reporting back to the network administrator. While policies can be configured centrally and reports viewed from the VitalStat graphical user interface, the actual event detection, analysis and response can be addressed seamlessly by the agents themselves without requiring user intervention. Figures 1 to 4 illustrate some of the reports available.

Add a note hereFigure 1: Vital Stat shows the number of errors for selected servers at each node by time in minutes after the event.

Figure 1: Vital Stat shows the number of errors for selected servers at each node by time in minutes after the event. Add a note hereFigure 2: VitalStat shows percent utilization for selected servers at each node. This information can be used for performance baselining.

Figure 2: VitalStat shows percent utilization for selected servers at each node. This information can be used for performance baselining. Add a note hereFigure 3: VitalStat uses SNMP's RMON standard to identify a server's top talkers by MAC address in terms of kilobytes sent.

Figure 3: VitalStat uses SNMP's RMON standard to identify a server's top talkers by MAC address in terms of kilobytes sent.

Figure 4: VitalStat identifies how the traffic of a selected server is distributed by protocol. Among the protocols identified are IP, IPX, TCP, and UDP.

Add a note hereFigure 4: VitalStat identifies how the traffic of a selected server is distributed by protocol. Among the protocols identified are IP, IPX, TCP, and UDP.
Add a note hereNetDirector@Web uses several levels of security to control access to the network. The first level of security is a firewall. As NetDirector@Web is targeted for management of an intranet within a firewall, the firewall prevents unauthorized users outside the intranet from accessing the network.

Add a note hereIn addition, administrators can define a list of allowed users/hosts that have access to various management functions. This type of security provides greater control than offered by SNMP community strings. Telnet, FTP, and Web connections are secured through host access security and by user name and password authentication. Only the "root" user with a valid password is given access to certain administrative functions. Java provides still another level of security: it limits the operating system and resources that the application can access. Java also has virus protection to prevent viruses from attaching themselves to the applications.


Components of WBM | Web-Based Management

Components for WBM can be written in any language, including HyperText Markup Language (HTML), Common Gateway Interface (CGI) scripts, and Java.
Add a note hereHTML provides a standardized way to create pages of Web-based information and embed hyperlinks that lead the user to other pages. While HTML pages are usually static and textual, they can be made interactive by embedding graphics and active elements, such as Java applets and CGI applications, within the page. HTML is the ideal tool for displaying tables, such as network inventory details and IP address listings.
Add a note hereCGI is not a language: it is a protocol used to access database information. For example, a WBM application may need to display the current number of incomplete work orders. This data could be stored in the database of a proxy workstation. A CGI application written in Java or Perl can be used to query the database and format an HTML page to display the information.
Add a note hereJava is rapidly emerging as an important tool for managing an intranet through a WBM system. Java is an interpretive programming language. Java code is not compiled before run time but is interpreted by a Java Virtual Machine (JVM) at run time. JVMs are available for many processor environments and are included with some Web browsers, such as Netscape Navigator and Microsoft Internet Explorer, enabling these browsers to execute Java code.
Add a note hereWhile Java can be used to build standalone applications and does not have to be scripted for Web-accessible applications, the importance of Java for Web-based management systems is its built-in Web-enabled capabilities. Applets, self-contained Java programs, are sent from the server to a browser-equipped client where they are run locally (Figure 1). Other CGI scripting languages such as Perl, another popular language used for Web-based applications development, run on the server. The back and forth nature of Perl has the drawback of consuming processing resources and network bandwidth, which can inhibit the application's performance.

Figure 1: Java applets work in one direction: server to client.
Add a note here
Add a note hereApplets have browser-imposed security restraints that limit access to network resources and prevent access to local system resources, such as memory and disk. Thus, applets can be run on the receiving machine with minimal risk while ensuring network security.
Add a note hereJava applets, which can be served from both proxy and embedded Web-server WBM implementations, can be used for:
§  Displaying dynamic graphs that interpret network operations
§  Illustrating complex situations, such as interactive views of chassis hubs or modules of a stackable hub
§  Displaying real-time data that are updated from polling and traps
§  Adding graphics, including animation
Add a note hereBecause Java can produce applications that are portable across Unix, Windows, and other environments, a JVM can be embedded in an end device and the device agent can then execute Java code. This capability enables code to be ported across other devices with JVMs. A key facet of this capability is that the code can be distributed dynamically, ported from a management proxy to devices, and ported between devices or components within a device (Figure 2).

Figure 2: An embedded agent with a Java Virtual Machine.
Add a note here
Add a note hereThe use of Java within an embedded agent can increase management capabilities by enforcing policy-based management or security rules. For example, assume that an administrator wants to enable remote network access between 6:00 a.m. and 6:00 p.m. Traditional methods, such as SNMP sets, have been used to enforce such restrictions but at the cost of increasing network traffic and with the difficulty of scaling to handle thousands of devices. While a device-resident agent could perform this function, agent releases are typically infrequent. An embedded agent with a JVM could independently create the scheduling routine and dynamically distribute the policy to restricted devices, bypassing the need for an agent release.


Implementation Strategies | Web-Based Management

Two basic strategies for implementing WBM are evolving: the proxy solution and the embedded approach. While these methodologies are not mutually exclusive, each has its advantages.

Proxy solution
The proxy solution adds a Web-based server to an intermediate station (the proxy), which interconnects with the end devices that it manages (Figure 1). Users access the proxy through a Web browser, using the HyperText Transmission Protocol (HTTP), while the proxy accesses end devices SNMP. Usually, this approach adds a Web server to an existing management product, which optimizes functions such as database access and SNMP polling. This approach maintains the advantages of workstation-based management systems while adding flexible access to intranet data. Since the proxy communicates with all the managed devices, the administrator can view all or portions of the enterprise's networks, servers, and desktops, as well as such logical entities as virtual LANs. Since the proxy-to-device protocol remains SNMP, this approach also works with SNMP-only devices. However, the proxy technique does require a workstation.

Figure 1: The proxy solution for WBM.

Embedded approach
The embedded method actually installs a Web server in the end device. Each device has its own Web address, and the administrator uses a Web browser to visit the managed devices (Figure 2). This approach allows graphical management of individual devices. It is a simpler interface than today's system management tools and offers easier operation with no sacrifice in functionality.

Figure 2: The embedded approach to WBM.

Many organizations will probably end up using both proxy-based and embedded Web server capabilities. Large organizations will need the enterprise-wide monitoring and management capabilities that are available only with the proxy solution. The proxy solution can also manage SNMP-only devices. In conjunction with proxy-based servers, large corporations could also benefit from embedded Web servers because of their simple setup requirements and their ability to manage new devices.
The embedded Web server approach is especially well suited for managing small branch offices. These networks are relatively simple and typically do not require powerful management systems or need enterprise-wide views. Users at these remote locations usually are not familiar with device-control and network procedures. Embedded Web servers allow these users to become operational quickly with minimal instruction. Although the plug-and-play nature of Web-based devices simplifies installation and minimizes troubleshooting, they do not necessarily limit device-level capabilities.
A Web browser can communicate directly with networked devices using HTTP. The most common reasons for connecting directly to individual network devices include configuration and reconfiguration, simple status monitoring, and implementing specific corrective actions. For small networks, this approach alone might be a sufficient management solution; for larger networks, this approach will typically supplement more global tools in a variety of circumstances, including the final stages of problem resolution.To support large-scale management, however, devices will have to continue collecting and providing remote monitoring (RMON) and multilayer topology data. Critical network devices will need these capabilities to support network systems applications.
Managing an enterprise network requires the collection and correlation of voluminous amounts of data. This type of processing is still required in order to understand and manage the network. As the era of Web-based management unfolds, more of this processing can be distributed through Java. This network processing must include such functions as correlation and presentation of network statistics, automatic baselining capabilities, and a single common point for launching all network management activities.
The technology behind these advanced management functions is the intelligent agent—software embedded in network devices that collect both RMON and RMON2 data and multilayer topology information. RMON and RMON2 data provide a detailed view of the characteristics of traffic flowing through the network, while multilayer topology information provides the management application with detailed knowledge of the physical and logical relationships between networked devices. The multilayer topology capability is important for managing a switched network, while RMON is critical to the monitoring and troubleshooting of client/server traffic.


Applications | Web-Based Management

There are three fundamental applications where Web-based tools can provide a significant benefit: individual device configuration and management, browser access to sophisticated management applications, and corporate IS access to network status data.

Add a note hereDevice configuration
Add a note hereThe capability of configurating and managing individual devices via a Web browser is aimed at managers of small networks who may not have their own network management system. These users want to configure and monitor the devices on their networks as easily as possible, and perhaps even gain some remote device management capabilities as well.
Add a note hereThis can be accomplished by providing the equipment to be configured with an agent that includes a native HTML interface. The manager then enters basic configuration parameters for each device by completing a simple online electronic form. Remote monitoring of simple device statistics is also possible via the browser, using tabular and graphical displays of basic device information and performance.

Add a note hereAdvanced NMS capabilities
Add a note hereWeb-based access to advanced, network-wide management functions is an application targeted at enterprise network support staffs who already use network management systems. Their goal is to monitor the network, understand potential faults and alarms, and provide their users with continuous network availability. Network management solutions working in conjunction with popular platforms like Hewlett-Packard's OpenView, provide the foundation for these networks. Building on this foundation, Web browsers provide several low-cost options for easily accessing important information. For example, a staff member out on the manufacturing floor troubleshooting a network segment may need to access a particular management application. Through a Web browser running on any PC or laptop in the organization, the user could access the necessary functionality and continue the troubleshooting process, regardless of their location—saving time and effort.

Add a note hereNetwork status data
Add a note hereWeb reporting of network status information for access by IS management and others via the organization's intranet is aimed at those who do not necessarily operate the network nor get involved in extremely technical detail. Instead, their goal is to quickly obtain information about the state of the network, review trends over time, and receive notification of any potential trouble spots.
Add a note hereVarious people within an organization have different needs for different types of information. The Web can be used for distributing this type of information to people who do not have ready access to traditional management systems. Members of the finance group, for instance, may need usage accounting information, while database users may need to determine system status or submit an online trouble ticket and follow it through to resolution.
Add a note hereThe convenience of Web management is very appealing. A Web-based management tool is easier to use than the command-line interfaces of Unix systems. It is geographically independent and can be used from any notebook, desktop PC, or workstation with a browser to access network information. This also means network planners, designers, and managers do not have to load specialized client software on their portable computers. With a Web browser, they can access the network at any time—in any building, while traveling, or even at home.
Add a note hereWeb-based management offers several other benefits. In being able to access performance data and implement routine management tasks over the Web, companies with global networks do not have to distribute management platforms to every remote site. The Web's ubiquity also has the potential to reduce the cost of managing transmission facilities and services by eliminating the need for proprietary, high-priced equipment offered by carriers.
Related Posts with Thumbnails

Link Exchange