Summary

A network management system can be more than just a tool that reports the health and status of your network. It can be used as a security tool, providing insight into potential security risks before they reach a crisis stage. You should implement an NMS to provide insight into the habits and patterns of your network, which will allow you to better judge and forecast when events may be occurring that need to be examined in more detail.

The five areas for network management that provide us with the information we need are as follows :

• Fault management Allows us to identify and address faults that occur in the network.

• Configuration management Allows us to increase security by ensuring the integrity and function of our device configurations.

• Accounting management Allows us to determine what our users are doing.

• Performance management Allows us to understand the traffic patterns and habits of our network so that we can identify exceptions much quicker and easier.

• Security management This is the goal of this entire book. Security management allows us not only to harden the network devices themselves , but to use those network devices to harden the infrastructure in general.

Although network management is required to effectively run a network of any size , most network management protocols are insecure by design. However, we can use IPSec as an option to secure any TCP/IP-based network protocols, including the network management protocols our NMS uses.