In my last blog, I wrote about what network management is and why it is such a large field. It does require a wide range of functions and in order to understand these functions better, people group them into categories, knows as FCAPS. FCAPS is an ISO model and stands for the Fault, Configuration, Accounting, Performance and Security functions that are required to manage a network. Let us explore this model further.
Figure showing network management functions categorized using the FCAPS model.
Reference: J Parker, white paper mentioned below.
F is for Fault
A fault is an event that shows a problem in the network. The aim of fault management is to detect, isolate, correct and log faults that occur in the network. It also includes trend analysis to predict errors so that the network always provides the service it intends to. In order to manage faults, we need a system to monitor the network and raise alarms. A basic alarm management system provides a list of alarms of alarms based on the network topology. Once the alarms are raised or network users face a problem, a ticketing system is required to manage the workload and priorities associated with the faults. An alarm only shows the symptom of a problem, a troubleshooting system is required to gather more information about potential causes that lead to the fault. This includes gathering more information about all devices involved in the path where the fault has occurred. Better fault management can be achieved by proactively keeping track of the network and predicting when a fault can occur. This can be done by injecting tests into the network to find a fault. It can also be done by analyzing historical fault data.
C is for configuration
For the network to do what it is supposed to do, it needs to be told what needs to be done in the first place. This is known as the network configuration function. The goals of network configuration management are to gather and store configurations from network devices (this can be done locally or remotely), to simplify the configuration of the device, to track changes that are made to the configuration, to provision circuits or paths through non-switched networks and to plan for future expansion and scaling. Often the network does not remain static, you may need to add or remove devices. Auto-discovery of network components and network topology building is helpful in such a case. One of the common problems that arises in a large network is managing and configuring IP addresses.
A is for Accounting / Administration
Accounting is also known as billing management. This is mostly for network service providers. The goal is to gather usage data and based on this a bill is generated. For non-billed networks, the A stands for administrative tasks such as user permission management
P is for performance management
Network performance management deals with efficiency of the network. The network performance function, addresses the throughput, percentage utilization, error rates and response times areas. Collecting and analyzing performance data helps in meeting SLAs and to do capacity planning. Like in fault management, one needs to analyze historical performance data to take care of capacity or reliability issues before they affect service requirement. One of the common problems is to monitor bandwidth to understand whether it is utilized prudently. Sometimes one needs to configure policies to give bandwidth priority to certain types of traffic such as VoIP calls. Once this is done VoIP monitoring can help ensure the calls meet the desired quality of service.
S is for Security
Security management involves managing the security of the network. One of its major goals is to manage security threats like hacker attacks, denial of service attacks, viruses and spam. In addition, security management consists of intrusion detection through monitoring traffic on the network, application of policies that limit the traffic or differentiates between different types of traffic and gives them different privileges, blacklisting ports with suspicious traffic and placing honey-pots in the network to attract attackers. Often firewall troubleshooting is required to resolve a security breach or threat.
In conclusion, I found FCAPS to be very useful in understanding various network management functions. However, we need to keep in mind that FCAPS is just a framework that helps us understand better. It does not drive product functionality or user need. These are based on the type and size of the network and the type of business. Many types of user needs may be solved using a single product functionality which may fall under different categories. For example, one of the functionalities is to test the functionality of a certain service. This can be used for troubleshooting. It can also be used for validating provisioning or to take performance measurements. This is exactly the reason why sometimes the same network management product offers functionalities that fall under different FCAPS categories.
Clemm, A. (2007). Network management fundamentals. Indianapolis, IN: Cisco Press.
Parker, J. (2005). FCAPS, TMN, & ITIL: three key ingredients to effective it management. [White paper].