(Name)
(Instructors’ name)
(Course)
(Date)
Network Management and Security A telecommunication Management Network, commonly known as TMN, is an infrastructure that provides interfaces for connection between several types of operating systems and telecommunications equipment, so as to manage the telecommunication service and network. This is from Glenn Warnock and Nathoo Amin (215). Also, it enables the functioning of the management information, which is exchanged through these interfaces. On the other hand, 5620 SAM is widely used for developing distributed systems, as it provides the infrastructure for interoperability of several object oriented management applications. With this application, the 5620 enables applications of operating systems to interoperate with the service access manager, allowing it to provide connections, isolate and manage network issues across an Alcatel network (225). With this, users can access management information transparently and independent of the hardware and software platform. This therefore enhances the portability of applications, which are developed across the multiple platforms of management. The principles and concepts of the TMN that can be matched with the features and functions of the 5620 platforms include the specification translation and the interaction translation. Redundancy is also an important feature. It is the automatic transfer of data network to stand by, and protects the network against hardware failure, software failure and connectivity problems. According to Kent Hudley (128), fault tolerance is also significant in the carrier networks so as to provide reliability and maintain the availability of the system, even under the conditions of failure. For this to occur, the 5620 SAM has to use the hardware and software for redundancy. It duplicates both the software and the hardware of the database and the server, to monitor active and back up components to ensure recovery from failure automatically. The 5620 SAM also protects the server from any form of failure in the database or the server software or hardware platform, also from connectivity issues, which isolate the server from the network (Hundley 132). Duplication in the 5620 can be achieved by using the out of band and in band management connections to protect from issues in the connection between the managed network and the server. The open standards and technology platform that support the development of 5620 SAM include the open standards; Simple Object Access Protocol (SOAP) and XML, the J2EE framework of Java, web service interfaces and multi-tier layering. The open standards are usually used widely. Their inclusion in the 5620 SAM supports interoperability with the other systems (Warnock & Nathoo 232). SOAP is usually designed to enable separate distributed computing platforms, which enhance interoperability, which is accomplished by using the same protocols like flexibility, simplicity, platform neutrality, firewall friendliness, as it can get past the firewall, due to using the HTTP protocol and XML based messaging (Warnock & Nathoo 240). The use of open standards enables extendibility and good support. It is also resilient; therefore it is unlikely that future modifications of this infrastructure will have any impact on the applications that use this method. J2EE is a technology, whose aim is to make the design and implementation of enterprise applications simple. With this technology, the low level services are already implemented in that it separates these services from the logic of the application, since they are implemented by other servers (Hundley 145). Additionally, it is well documented and easily understood, standardized and reliable. It is also flexible such that it can be deployed anywhere, with just a few minor changes. Its architecture, which has four tiers namely; client tier, web tier, business tier and enterprise tier, matches well with the architecture of the 5620. The functionality of the multi tier architecture is well defined, separate and can be coded quickly. It is also easy to maintain and used together with several components of vendor products. The scales of changes in the system are usually contained within the components that provide flexibility for expanding (Hundley 147). Furthermore, different components can be extended over multiple processors or replicated for execution on multiple processors. The web services are usually developed when applications export their XML interfaces across the web that allows remote components and web portals to have access to the services. The XML access to the 5620 SAM functionality allows third party vendors to create customized windows into the services of 5620 SAM. Brijendra Singh, in network Security and Management (68) states that most operations of the SAM are structured as reads and writes, to and from a registry and a domain account. Basically, the SAM client calls public SAM routines. These routines then call internal routines, which encapsulate the RPC. On the side of the server, the internal routine does most of the work. The 5620 SAM client uses the component interface, which uses the industry –standard protocols for communication between itself and the server. The client interface provides access to the SAM server and other networks. The client sends request to the server, so as to view and change data objects in the data model and perform operations on the network (Singh 72). The server communicates with the client as follows; first, the OSS (Operating System Software) on the client side creates requests in XML form for processing on the server. The schema files provide the XML interface and definition for data objects, packages the related domain objects together and describe the attributes and methods of the objects. The JML interface also works at this point. The SAM Graphical User Interface (GUI) sends a request to the server EJB session using the Java RMI, the functionality of the auto client uses HTTPS or HTTP for updates communication and file downloads (Hundley 152). The XML and JMS services run on the same physical station as the server, but on different JVM, which reduces the stack size for processing threads and supporting multiple simultaneous connections of the client. The SAM GUI and SAM-O OSS clients use the JMS channel to receive real time information of the network event from the server (Singh 78).

Fig.1: Illustration of the interaction between the SAM client and server, other networked devices and the database. The 5620 SAM network management system provides a flexible network access, which allows users to interact with the network on a per customer or per service basis, or even at the level of individual devices (Hundley 162). The ability of the 5620 SAM to link services, customers, equipment and faults provide the ability to manage a complex network efficiently, by making routine operations simple and permitting bulk provisioning. The 5620 SAM creates a data model of the network, which includes the relationship between services, equipment and customers. The main and auxiliary servers collect data from the managed devices and collate them for billing, troubleshooting, performance monitoring, alarm reporting and inventory at both the customer and service level (Warnock and Nathoo 258). The main server deploys user commands to the network and performs an independent function like device discovery and backups. SAM-E is responsible for element management, which provides service and network discovery, device commissioning, alarm management, performance metrics display and mediation for the OSS system. Additionally, it also offers the generic network element (GNE) management capabilities, which extend to service topology, common session launch and alarm collection to the premise of the customer equipment, which is attached to the Ethernet switches and Alcatel-Lucent IP router. This is according to Carr Houston, Charles Snyder and Bliss Bailey in The Management of Network Security (122). On the management of equipment by the SAM-E, when a physical equipment is discovered, the database of the 5620 SAM is populated. It is then resynchronized with the database and its content is matched with the content of the physical device database. Thereafter, it is configured when clients send requests to add new equipment or change the existing one. The server then makes the changes to the data model and installs the updates on the relevant nodes. The network configuration is supported for LSP, MLSP and service tunnels, as well as routing protocols like ISIS, RIP and BGP, which are requested by the client and installed to the network (Bailey et al 132). Moreover, new nodes can be discovered automatically through server polls or on user request. If a new equipment or node is discovered, it is added to the data model and set to a state that is managed.

Fig. 2: Illustration of the virtual connections of a network
CE-Customer Edge
PE-Provider Edge
P-Provider Router The customer edge device (CE), provides access of the customer to the network of the service provider, over a data link to one or more provider edges (PE).They are usually operated by the end users. They are used in the 2nd layer, as an Ethernet switch, therefore they do not have to participate in the protocols of routing, but they have to know the VLAN running in the network of the customer. The Provider edge device (PE) is a router that is connected directly to the CE. They are Label Edge Routers (LER) in a MPLS network. The Provider Router (P) is the core network provider. In the MPLS, the routers network provider is LSR.
The dynamic and static labels of switched paths are included, which are used to support services for subscribers. Therefore, the network can be tracked for its billing, performance monitoring, alarms, reporting and inventory. The Multi Protocol Switching (MPLS) alters the routed network to a network that is switched. It also provides efficiency in transport, which is not in a traditional Internet protocol (IP) network that is, routed (Bailey et al 156). Consequently, predetermined paths are established for certain destinations, rather than forwarding packets. It is these paths, the (LSP) label-switched paths, which make the MPLS work. For the static configuration, the static LSPs are not similar to static routes. The Label Switching Routes (LSR) and LSP are configured manually and since no protocols signal the LSP dynamically, the load on the LSR is reduced. However, if changes in the topology are made, then the paths will not adapt to the new network and as a result, the topology changes the black holes of the routing (Bailey et al 167). On the other hand, the dynamic update is a key set back, which should not be overlooked but used whenever feasible. For the dynamic set up, the dynamic LSPs use signaling protocol, which establish themselves and transmit LSP information to other LSRs present in the network. The ingress router can be configured with the LSP information, which is transmitted all through the network, when the signaling protocols are transmitted across the LSR in the network. Since the LSRs need to exchange and process signaling instructions and packets, the dynamic LSPs consume more resources than the static LSPs. Nevertheless, the dynamic LSPs can avoid the black holes on the network, like those of static LSPs. This can be done by identifying the changes in the topology and establishing new LSPs dynamically, to move around the failure. The service management capabilities of the 5620 SAM permit the operations staff of the network to prerequisite Virtual private LAN service (VPLS), which is the layer two multipoint service, Virtual leased line (VLL), layer two point to point service, Virtual Private Routed Network (VPRN), a layer 3 IP multipoint service, Internet Enhanced Service (IES), a direct internet access service from an IP interface for internet connectivity or VLAN services for subscribers (Kent 183). These service networks can then be tracked for billing, performance monitoring, reporting, inventory and alarms. The Network Operations staff can then track the managed data of the network, from the traps of the SNMP, traffic analysis data, billing and SNMP MIB performance data. The data is then rolled up and correlated using the business logic and the data model on the server (Kent 185). The 5620 SAM is a single management platform, which offers element, network, Layer 2 and layer 3 service management. The management system excels at streamlining the service activation, network commissioning, troubleshooting, maintenance, service activation and integration of the Operation Support Systems (OSS), which allows service providers to improve their level of competitiveness. The VPRN considers a provider network, like an IP cloud, where only nodes are part of the VPN description. It is a class of VPN, which allows the connection of several sites in a routed domain over a network managed by the IP/MPLS. All the sites usually look like they are connected to a private router meant for customers only, on the side of the users. However, the service provider can reuse the infrastructure of the IP/MLPS to provide several services at the same time. Each of the VPRN look like an additional routing instance for a service between the several PE’s are exchanged using Multiple Protocol (MP-BGP).

Works Cited
Bailey, Bliss, Houston, Carr H and Snyder, Charles. The Management of Network Security: Technology, Design, and Management Control. Upper Saddle River, N.J: Prentice Hall, 2010. Print.
Hundley, Kent. Alcatel-lucent Scalable Ip Networks Self-Study Guide: Preparing for the Network Routing Specialist I (nrs 1) Certification Exam. Indianapolis, IN: Wiley, 2009. Internet resource.
Singh, Brijendra. Network Security and Management. New Delhi: Prentice-Hall of India, 2009. Print.
Warnock, Glenn, and Amin Nathoo. Alcatel-lucent Network Routing Specialist Ii (nrs Ii) Self- Study Guide: Preparing for the Nrs Ii Certification Exams. Indianapolis, Ind: Wiley, 2011. Internet resource.