The Network Manager Component Area provides capabilities in five major functional
areas; fault management, configuration management, accounting management, performance
management, and security management.
| Criteria Number |
Criteria Description |
| 1.0 |
Architectural Characteristics |
| 1.1 |
The Network Manager should be capable of working in small (0-50 nodes), medium (50-150
nodes), and large (over 150 nodes) networks. |
| 1.1.1 |
The NM should be capable of handling the magnitude of management information that
could be generated in a large (i.e., over 150 nodes) network. |
| 1.2 |
The NM should be able to provide a hierarchical view of all devices managed by the NM.
This view should be represented as a hierarchical map that incorporates explodable icons,
which can spawn a sub-map that represents another level of detail. At the lowest level,
icons should represent specific devices from which status information can be accessed. |
| 1.3 |
The NM should allow grouping of devices based on functionality, location, security, or
any other user-defined category, and perform management on those groups. |
| 1.4 |
The NM should support manager-to-manager transmissions of: Access control information.
Devise status change information. Network configuration changes. (Others?). |
| 1.5 |
The NM should provide for functionality which is contained in separate modules which
allows the user to choose those functions required and avoid inclusion of non-required
functions. |
| 1.5.1 |
The user of the NM software should be able to make software configuration changes
(based on changes in the environment) without vendor technical support. |
| 1.6 |
The NM should be capable of distributing its manager/agent processes among multiple
network devices. |
| 1.7 |
The NM should be capable of running on multiple platforms. |
| 2.0 |
System Interface Criteria |
| 2.1 |
The NM should support a graphical representation of the network. Comment: This
requirement deals with the topology (e.g., token ring, star, bus, node, etc.) of any given
level of geography. |
| 2.1.1 |
The NM should support the ability to provide a hierarchical map. |
| 2.1.2 |
The NM should support the ability to represent unmanageable devices in the map. |
| 2.1.3 |
The NM should support the ability to show both physical and logical maps. |
| 2.1.4 |
The NM should support the ability to tailor the icons that represent the network and
network interfaces. |
| 2.2 |
The NM should provide an interface to access the information off of the Directory
Server when one exists. |
| 3.0 |
Security Features |
| 3.1 |
The NM should provide a means to identify and authenticate users via user
identification and passwords. |
| 3.2 |
The NM should provide user access controls. |
| 3.2.1 |
The NM should provide the capability to restrict access to applications. |
| 3.2.2 |
The NM should provide the capability to restrict access to files. |
| 3.2.3 |
The NM should provide the capability to restrict access to queues and other resources. |
| 4.0 |
Implmentation Constraints |
| 4.1 |
If Unix-based, the NM should support current POSIX requirements (FIPS Pub 151). |
| 4.2 |
If Unix-based, the NM product should use the X-windows standard. |
| 4.3 |
If Unix-based, the NM should support the Open Software Foundation (OSF)/MOTIF
graphical user style guide. |
| 5.0 |
Configuration Management |
| 5.1 |
The NM should provide the capability to define new managed object types. The
definition should include attributes, including the range and types of values to which the
attributes can be set. |
| 5.2 |
The NM should provide the capability to set SNMP parameters and process allocation. |
| 5.3 |
The NM should provide the capability to modify the relationships (i.e. roles) of
network resources. |
| 5.4 |
The NM should provide the capability to remotely examine device statistics, threshold
values, and Local Area Network (LAN) connections. |
| 5.5 |
The NM should provide the capability to specify initialization and shutdown procedures
for network devices. |
| 5.6 |
The NM should provide for graceful degradation and restoration of the network. |
| 5.7 |
The NM should provide the capability to verify each user's authorization for
performing either specific or categories of configuration management functions. |
| 5.8 |
The NM should be capable of reporting on configuration status. |
| 5.8.1 |
The NM should provide the capability of agent systems to report configuration changes
to their managers as these changes occur. |
| 5.8.2 |
The NM should provide the capability to poll their agents in order to determine each
agent's (or agent system's) configuration status. |
| 6.0 |
Performance Management |
| 6.1 |
The NM should provide the capability to monitor performance. |
| 6.1.1 |
The NM should provide the capability to monitor the workload of networked devices
(e.g., resource utilization). |
| 6.1.2 |
The NM should provide the capability to generate event reports as utilization
approaches capacity. |
| 6.1.3 |
The NM should provide the capability to report on other (i.e. other than utilization
capacity) events. The report should specify the event type. |
| 6.2 |
The NM should provide the capability to execute performance tests and to collect the
results from those tests inputted to the Diagnostic Testing Function provided under Fault
Management. |
| 6.3 |
The NM should provide the capability of monitoring resource allocations for any
resource on the network. |
| 6.4 |
The NM should provide the capability to set or modify resource attribute values. |
| 6.5 |
The NM should provide the capability to allow NM operators to specify performance
tuning methods. |
| 6.6 |
The NM should provide the capability to generate performance reports based on user
specified criteria. |
| 6.6.1 |
The NM should provide the capability to specify the format of all reports. |
| 6.7 |
The NM should provide the capability to test resource capacity. |
| 7.0 |
Fault Management |
| 7.1 |
The NM should provide the capability to monitor the events and errors. |
| 7.2 |
The NM should provide the capability to log events and errors, to record reports
within the managed system that generated the event, (e.g., logging) or error, and then
retrieve these reports remotely. |
| 7.3 |
The NM should provide the capability to forecast anticipated faults by allowing the
user to set thresholds, which represent performance limits of networked devices. |
| 7.4 |
The NM should provide the capability to activate diagnostic and testing procedures. |
| 7.5 |
The NM should provide the capability to report results from Diagnostic and Testing
procedures. |
| 7.6 |
The NM should provide the capability to analyze the results of diagnostic testing. |
| 7.7 |
The NM should provide the capability to report failures. |
| 7.8 |
The NM should provide the capability to terminate failures. |
| 7.9 |
The NM should provide Diagnostic Tests. |
| 7.9.1 |
The diagnostic tests should include Connectivity Tests. |
| 7.9.2 |
The diagnostic tests should include Data Saturation Tests. |
| 7.9.3 |
The diagnostic tests should include Data Integrity Tests. |
| 7.9.4 |
The diagnostic tests should include Protocol Integrity Tests. |
| 7.9.5 |
The diagnostic tests should include Connection Saturation Tests. |
| 7.9.6 |
The diagnostic tests should include Response Time Tests. |
| 7.9.7 |
The diagnostic tests should include Imaging Loopback Tests. |
| 7.10 |
The NM should provide the capability to request dumps. |
| 7.10.1 |
The NM should provide the capability to request statistic blocks. |
| 7.10.2 |
The NM should provide the capability to request operational status information of
managed network devices. |
| 7.11 |
The NM should provide the capability to track corrections to fault conditions. |
| 8.0 |
Security Management |
| 8.1 |
The NM should provide the capability to the NM operator (or security officer) to
permit or disallow access to security related parts of the network. |
| 8.2 |
The NM should provide the capability to archive and retrieve security related
information. |
| 8.2.1 |
The NM should provide the capability to create and delete security logs or audit
trails. |
| 8.2.2 |
The NM should provide the capability to read from and write to security logs or audit
trails. |
| 8.2.3 |
The NM should provide the capability to start and suspend logging or auditing
activities. |
| 8.2.4 |
The NM should provide the capability to monitor audit trails or security logs to
identify security violation activity. |
| 8.2.5 |
The NM should provide reporting and notification of violations or attempted
violations. |
| 9.0 |
Accounting Management |
| 9.1 |
The NM should be capable of recording and generating accounting information. |
| 9.1.1 |
The NM should be able to gather information regarding the duration of communications
resource usage. |
| 9.1.2 |
The NM should be able to gather information regarding the number of service data units
used. |
| 9.1.3 |
The NM should be able to gather information regarding the quality of service provided. |
| 9.1.4 |
The NM should be able to gather information regarding the reason for communications
termination. |
| 9.2 |
The NM should provide the capability of specifying accounting information to be
collected. |
| 9.2.1 |
The NM should provide the capability to specify accounting information based on the
definition of a managed object. |
| 9.2.2 |
The NM should provide the flexibility for the inclusion of optional attributes for
accounting (Accounting Management). |
| 9.2.3 |
The NM should provide the flexibility for new attributes to be specified by the NM
operator. |
| 9.3 |
The NM should allow for standard procedures to retrieve accounting information and to
manage the disposition of the accounting information. |
| 9.4 |
The NM should provide the capability for NM operators to select the format the
accounting information is to be presented to users, operators, and administrators. |
| 9.5 |
The NM should support the ability to read accounting limits for communications
resources. |
| 9.5.1 |
The NM should support the ability to set accounting limits for communications
resources. |
| 9.5.2 |
The NM should support the ability to change accounting limits for communications
resources. |
| 9.6 |
The NM should provide the capability to allow the NM operator to define metrics and
accounting information units for accountable resources. |
| 10.0 |
General |
| 10.1 |
The NM should be a COTS or GOTS product. |
| 10.1.1 |
The NM should have been used to satisfy NM requirements for at least one year in a
multiplatform environment. |
| 10.2 |
The NM should have proven performance, reliability, and availability characteristics
(e.g., mean time between failure, response time to user inputs) and the vendor should be
able to provide data supporting characteristic values claimed. |
| 10.3 |
The NM should have user manuals. |
| 10.3.1 |
The NM should have training support. |
| 10.3.2 |
The NM vendor should provide or make available product upgrades, new versions,
updates, patches, bug fixes, and maintenance releases to users, including options for
implementing the changes and associated costs for the various kinds of changes. |
| 10.4 |
The NM should have proven conformance to Human Factors Engineering (HFE) requirements
applicable to an operational command center. (Ref, USAF Human Factors Engineering
Guidelines) |
| 10.5 |
The NM should provide programmatic interfaces to support detailed NM requirements. |
| 10.6 |
The NM should have a proven and demonstrable installed base, where the network manager
products have been installed in DoD or non-DoD applications in which products could be
demonstrated. |
| 10.7 |
The NM should be structured into separate functional priced items to allow users to
choose the desired capabilities of the product base that satisfy their particular
requirements. |
