troubleshooting procedures, implementation guides, and the original white papers on all aspects of data networking technology. Knowledge bases can also exist in customized form for specific technology areas. These knowledge bases may be highly lucrative products for non-open system architectures.

Content 2.4 Network Management Tools 2.4.3 Performance measurement and reporting tools Cisco has developed numerous tools to manage and model network traffic flows. Each of the following management tools has a distinct purpose. The following sections examine each of the tools shown in Figures .CiscoWorks is the Cisco flagship network management product line. It delivers device level monitoring, configuration, and fault management tools. The CiscoView device management software provides dynamic status, statistics, and configuration information for switched products. The CiscoView Software graphically displays a physical view of Cisco devices, allowing network managers to monitor remote devices without actually physically checking them. This tool provides monitoring functions and offers basic troubleshooting. The CiscoView Software can be integrated with the following network management platforms:

Sun Microsystems SunNet Manager
Hewlett-Packard OpenView
IBM NetView for AIX

The CiscoWorks2000 Product Line offers a set of solutions designed to assist in managing an enterprise network. These solutions focus on three key areas in the network:

local-area network (LAN)
wide-area network (WAN)
service-level management

Although most CiscoWorks2000 offerings can be summarized into these three areas, advanced packages are also available such as CiscoWorks Blue, which is designed for managing a consolidated Systems Network Architecture (SNA) and IP network. Three CiscoWorks Blue packages are available:

CiscoWorks Blue Internetwork Status Monitor (ISM) provides mainframe operators with full visibility of a Cisco router network from a single mainframe console.
CiscoWorks Blue Maps provides dynamic views showing the state of the SNA protocols as they relate to the routed network.
CiscoWorks Blue SNA View provides an easy-to-use Web interface that takes whatever information an end user can provide and quickly highlights the probable cause of an SNA problem.

Another advanced package is the Cisco Netsys Baseliner, which is a simulation based planning and problem solving tool for network managers, analysts, and designers that allows offline test configurations and changes before committing them to a live network. Netsys Baseliner enables a network administrator to do the following:

Test configurations and changes offline before committing them to the live network. Cisco Netsys Baseliner for Windows NT creates a model of the network and checks for more than 100 common yet difficult-to-isolate configuration problems.
Graphically view the network as configured, not as planned or discovered. Baseliner gives the big picture instantly, allowing the user to visually navigate the network and gain a complete understanding of how it works.
Proactively monitor configuration changes. When problems occur, recent configuration changes are often to blame.

With a general move towards fully switched networks and the impetus to include voice traffic within the data network, a greater level of accountability for traffic traveling on Ethernet networks is required than has previously been the case. Additionally, because of the time and possibly financially sensitive nature of Voice over IP (VoIP) traffic and the breaking up of the switched domain into VLANs, it is desirable to monitor and record the statistics and flows of data from individual VLANs or ports in the network to judge the impact of each on performance. The Cisco Network Analysis Module (NAM) allows a network administrator to do all of this and also manipulate the network performance information captured to give real time analysis of network performance and advance warning of bottlenecks or failures within a network. The NAM is a module for a Cisco 6500 series chassis that contains hard drive storage to record information captured from a switched network from a number of Switch Port Analyzer (SPAN) sessions implemented on Cisco switches. The NAM can also be accessed via a Web based browser to give interactive information and reports on network performance and statistics based on the information captured.

Content 2.4 Network Management Tools 2.4.4 Event and fault management tools Event management
A protocol analyzer decodes the various protocol layers in a recorded frame and presents them as readable abbreviations or summaries, detailing which layer is involved such as physical, data link, and so forth. In addition, it displays what function each byte or set of bytes serves. Most protocol analyzers can filter traffic that meets certain criteria so that, for example, all traffic to and from a particular device can be captured. Time-stamped capturing of data: Time-stamped capturing of data will perform the following tasks:

Presents protocol layers in an easily readable form.
Generates frames and transmits them onto the network.
Incorporates an "expert" system, in which the analyzer uses a set of rules. These rules are combined with information about the network configuration and operation and are used to diagnose, solve, or offer potential solutions to network problems.

An example of a protocol inspector is the Fluke Optiview. Fault management tools include Pair testers and Frequency based certification testers. Pair testers – This category of tester is distinguished from a continuity tester by its ability to detect a split pair. A split pair is the simplest problem related to frequency that plagues network cable, and should be a minimum entry point for a network cable tester. If a cable passes the split pair test, it has a good chance of passing a basic Category 5 certification test. Frequency based field certification testers (cable analyzers) – The first generation of field certification testers usually offered selections for Category 5 cable types with a maximum frequency rating of 10 or 20 MHz. The second generation of field certification testers became available in late 1995, and offered 100 MHz testing. This generation of tester is capable of certifying Category 5 cable, but not Category 5e cable (both 100 MHz). The third generation of field certification testers became available in late 1997, and offered testing to Category 6 speeds or higher. The fourth generation of field certification testers is expected around 2003. It is likely to rival the accuracy of lab quality equipment, and with frequency ranges that include the proposed Category 7 (600 MHz) cable. Unfortunately, the size of the tester has been increasing with each new generation. A lot of additional electronics are required to perform the growing suite of tests at ever-greater accuracy levels.

Content 2.4 Network Management Tools 2.4.5 Policy management tools The Need for Policy-Based Security
Complex security technologies are necessary to protect highly available mission critical networks from corruption and intrusion. Of particular interest in the past few years is protecting geographically dispersed enterprise networks, which use a combination of public and private WAN lines to connect remote and branch offices to major centers. Intranets, extranets, Internet connections, WANs, and LANs each have unique security requirements. Many companies wish to extend their mission-critical applications to remote offices by way of an intranet, or communicate directly with industry partners, suppliers, and key customers through extranets. These technologies enable organizations to securely conduct business in today's open environments. Yet with all the advanced capabilities of today's applications, it is surprising to find