Network+ 3.1
Interface status: Speed/Duplex mismatch
A problem that occurs when neighboring devices are using different speed or duplex configurations and results in failed transmissions.
Interface status: Protocol Packet/Byte count
Can measure how, and how much, an interface is being used
SNMP OID
Consists of a series of numbers separated by decimal points. Each variable in the MIB corresponds to an OID.
Interface status: CRCs
Cyclic Redundancy Check - An error detection code used to detect accidental changes that can affect the integrity of data.
Network Performance Metrics: Latency
Delay between the request and the response; packet capture can provide detailed analysis.
Environmental Sensors: Electrical
Device and circuit load
Environmental Sensors: Temperature
Devices need constant cooling
Interface Errors: Runts
Frames that did not meet the 64-byte minimum - caused by collisions
Interface Errors: Giants
Frames that exceed 1518 bytes
Network Performance Metrics: Bandwidth
Fundamental network resource, details the amount of network use over time
Environmental Sensors: Humidity Level
High humidity promotes condensation - Low humidity promotes static discharges
Interface status: Link State
If the interface is up or down - Could be a problem on the other end of the cable
Interface Errors: Encapsulation Error
Inconsistent configuration between switches, where 802.1Q trunking is connected to the old ISL
Interface Errors: CRC errors
Indicates that the checksum generated by the originating LAN station or far-end device does not match the checksum calculated from the data received. - The presence of many of these errors but not many collisions is an indication of excessive noise.
Interface status: Send/receive traffic
Interfaces can have utilization measured, discards/packet drops measured, etc.
Device Performance Metrics: Temperature
Internal sensors; can be an early warning of excessive utilization or hardware issues
MIBs
Management Information Bases - The database of information gathered by SNMP
Device Performance Metrics: CPU usage
Measures performance of the processors; overall performance is based on these values
Baselines
Need to know how the network performs normally to see potential deviations from the norm
Logging Severity Levels
Range from informational to critical - Severity can be used to filter which alerts are seen
Network Performance Metrics: Jitter
Real-time media is sensitive to delay; jitter is the time between frames - Excessive jitter can cause you to miss information, causing "choppy" voice calls
SNMP Traps
SNMP requires constant polling; an SNMP trap can be configured on the monitored device - After some set number of events, the monitored device will alert the manager device
SNMP Versions
SNMP v1: Original, structured tables, in the clear - SNMP v2: Data type enhancement, bulk transfer, in the clear - SNMP v3: Message integrity, authentication, encryption
SNMP
Simple Network Management Protocol - Used to collect system information from a remote computer - Contains a database of data, Management Information Base (MIB) - Database contains OIDs - Poll devices over udp/161
Syslog
Standard for message logging - Usually a central logging receiver, integrated into the SIEM - Each log entry is labeled
Device Performance Metrics: Memory
The operational resource, running out of memory is a fatal event
Uptime and Downtime
Uptime and downtime describe how long a website, computer, or other system has been working (uptime) or not working (downtime). - Need to know availability
Audit Logs
Used to record which user performed an action, as well as what and when - More specific than general traffic logs
Traffic Logs
Viewable traffic information from routers, switches, firewalls, etc - Identify traffic flows and summaries - Can be very detailed, and contain important historical information
Environmental Sensors: Flooding
Water and electrical devices don't get along
NetFlow
A tool used to gather information about data flowing through a network - Will have a probe and a collector
