The Emergence of Java Web-Based Management
Java Web-based network management promises to change the face of network management in much the same way that the Web changed client/server computing. Java Web-based network management will supplement and extend today's existing platforms and applications. Administrators working from Java-capable browsers anywhere on the corporate intranet will be able to access information and perform the full range of management tasks.
The first generation of Java-enabled network management products, including IBM's pioneering Nways Workgroup Manager for Windows NT, demonstrates the potential of Java Web-based network management over the corporate intranet. Using Java technology, Nways Workgroup Manager for Windows NT presents real-time and historical information and provides device status in real time for campus networks. Today, IBM's Nways Java Web-based network management is capable of managing small to mid-sized networks. IBM intends to expand to the campus through its AIX-based Nways Campus Manager network management offerings and, ultimately, across the entire enterprise.
A Winning Combination
Java and the Web make a natural combination for network management. Reduced to its essentials, network management consists of collecting and correlating information from varied network devices, notifying administrators, and enabling timely proactive interaction with the network. The widespread acceptance of the Internet and the corporate intranet have demonstrated how effective these electronic channels are for distributing information. Java, which already brings dynamic information to Web browsing and the intranet, enables administrators to access and work with network management information dynamically as just with any other type of information on the corporate intranet.
In contrast, some management tools, including tools from IBM, offer Web access over the intranet using passive HTML, CGI, JavaScript, VRML, and HTTP. These tools, however, provide access only to static network information. They do not allow administrators to easily view dynamic information or perform real-time management functions through the browser. With Java, network administrators using a simple, Java-capable browser can access real-time information from managed network devices easily and quickly.
Similarly, Java Web-based network management gives other people within the organization, such as planners and financial analysts, ready access to information otherwise locked in traditional management systems. This information includes statistical data, usage statistics, and billing/accounting information. Through a Java-capable Web browser, this valuable information is available for planning, cost analysis, and cost allocation in addition to network management.
Java Web-based management applications enjoy all the benefits of Java itself. The applications are portable and highly distributable over the network. Since Java applications run on the client machine, the load is reduced on the management application server, increasing the scalability of Java Web-based management solutions. Based on an object-oriented language, IBM's Java Management Applications are highly extensible and robust, making it easy to add new managed resources and devices and new management functionality.
Web-based access ensures that network administrators can access management applications over the intranet from any Java-capable browser and will be able to perform full management functions. No longer are administrators tied to large, costly, specialized network consoles. This will allow organizations more flexibility in the deployment of network administrators and ultimately reduce the cost of network management through better utilization of the administrators and reduced reliance of specialized consoles. For example,
if an administrator is responsible for all the routers at a given location, then you can define a page for that administrator that has a
hotlink to the Nways Workgroup Manager for Windows NT page representing each one of the routers.
As an open, standards-based approach, Java Web-based management will allow organizations to leverage their existing investments in hardware and platforms and associated training while they benefit from freedom of choice in their management platform and workstation operating system decisions in the future. This will enable organizations to reduce both hardware and administrative network operations costs.
Meeting the Network Management Challenge
Until Java Web-based network management, managing corporate networks presented several difficult and costly challenges. Often administrators had to use a different, specialized console for each management application. As a result, organizations had to invest in costly hardware and management platforms. Administrators required extensive training in the use of each specialized management tool, and they could not easily perform other management chores without additional training. As corporate networks grow, the number of administrators required and their deployment becomes a serious problem.
Java Web-based management, as it has been implemented by IBM, meets these challenges, delivering the following benefits in the process:
- Reduced need for large, central management servers and specialized consoles. By downloading functionality to the administrator's Java-capable browser, the client workstation running a simple, Java-capable browser is able to take over a portion of processing chores previously performed exclusively by the management server and specialized consoles.
- Reduced training. Java-capable browsers provide a simple, consistent user interface to all management applications, allowing administrators to quickly transfer their knowledge of network management from one application to another.
- Flexible, efficient deployment of administrators. With the ability to access management applications and data from any client machine on the network running a Java-capable browser, administrators can be deployed where it is most advantageous. They are not tied to a particular management console.
- Leveraging of management information. Through the use of Java-capable browsers, others within the organization have access to network management information for such purposes as planning, business analysis, and cost allocation.
In short, Java Web-based management helps organizations reduce the cost of network ownership while improving the efficiency and effectiveness of network administrators.
IBM's Java Web-Based Management Strategy
IBM's Networking Hardware Division (NHD) is implementing Java-based network management solutions to manage networks consisting of IBM and non-IBM devices. NHD provides adapters and hubs, remote access and router products, high-speed LAN and ATM switching systems, and wide-area frame relay, ATM, and SNA devices. NHD's network management solutions in general and Java Web-based management in particular represent a key element in IBM's efforts to lower I/T ownership cost and reduce the complexity of managing today's networking technologies. These efforts are coordinated with the work of Tivoli, an IBM subsidiary that provides system management applications and platforms for comprehensive integrated network and system management.
The NHD initiative is consistent with IBM's overall approach to Java, object-oriented computing, and network computing. IBM's overall goal is to create an effective network computing infrastructure robust enough to support reliable, high volume, electronic business. To achieve this goal, the strategy is to make Java the industry standard server platform, with its capabilities accessed via standard protocols and the JavaBeans standard component interface. To exploit this server platform, IBM uses Java Web-based clients and servers that can download management application functionality as needed and take over management functions from the central management server.
This downloading, or offloading, of functionality improves scalability by reducing demand for computing resources (storage, memory, processing) on a management server. Offloading these views to clients enables each server to handle many more devices, which reduces the need for more or larger central management servers as the network grows.
NHD's strategy is to provide scalable network management from the workgroup to the extended enterprise through the use of Java. At the low end, NHD introduced Nways Workgroup Manager for Windows NT, which included NHD's first implementation of Java technology. The Workgroup Manager supports networks of 200 network nodes or less. For larger networks, NHD offers its campus solutions, which run on either the Tivoli's TME 10 NetView or the HP OpenView platforms. In the near future, the object is for these campus solutions to provide Java Web-based management. For the enterprise, NHD intends to extend its Java Web-based management to WAN switches, such as broadband and frame relay.
By using pure Java technology as defined by Sun Microsystems, NHD intends to build highly portable Web-based management functions. The resulting downloadable Java applets are not limited to any particular operating system but can run in the client browser or anywhere out in the network, eliminating dependency on specific operating systems or platforms.
Since Java is object-oriented, it is easily extensible for today's dynamic computing environment. By building management functionality as Java objects, NHD could quickly add or extend objects to manage new types of network devices and deliver new functionality. For example, once an application is built for a particular Management Information Base (MIB), it never has to be built again, regardless of what application uses that MIB. In addition, through Java Beans, developers have access to a flexible set of building blocks for future applications.
Nways Java Web-Based Implementation
NHD's Nways Workgroup Manager for Windows NT is IBM's first implementation of Java Web-based management. It follows a three-tier model:
- First tier consist of the Java Management Application clients, which provide the graphical interfaces for users to access the Nways Workgroup Manager functions.
- Second tier includes the Java Management Application server, which provides the main management application logic and the data needed by the Java management clients.
- Third tier provides access to management information from the network or the platform.
The Java Management Application clients are implemented as Java applets. Applets can be launched from the Nways Workgroup topology display on the Windows NT server without requiring a Web browser. Applets can also be launched remotely by loading a Java Management Application on a Web browser. Any Java-capable (Java 1.1) browser can dynamically download the management applet into the browser's virtual machine and present the management interface from within the browser's window.
The applet running on the client offloads the management server as well as providing the user interface. For example, it may handle data validation and translation, including internationalization, which allows users in different countries to access the same management application server for the same managed device but to view the display in their own language. From the browser, administrators can access real-time information about the device and can perform the full range of management functions that they previously performed from specialized consoles, such as changing a configuration or reassigning ports. The clean separation of the Java Management Application client and server responsibilities allows user interfaces to be designed and enhanced over time without affecting the Java Management Application server.
The Java management server is implemented as a Java application responsible for integration with the rest of the management platform, the creation and maintenance of HTML pages used by remote browsers, and the processing of the bulk of the management application logic. The application logic is implemented as a set of objects, called models, that provide interfaces to access and control network devices in a protocol-independent way. For example, an 8210 Nways Multiprotocol Switched Services Server or an ATM port can be represented as a server model.
While the device models are protocol-independent, they rely on instrumentation objects to translate device information for a specific network management protocol. Currently, instrumentation objects have been defined for SNMP, but they can be defined for other protocols as well. It is even possible to embed a Java Management Application server in a managed device itself and to use instrumentation objects to access its management information locally. Isolating platform dependencies allows the flexibility to integrate the Java Management Application server with other management platforms in the future.
Java performance has been an issue that is being addressed. As a language, Java has experienced rapid performance improvements, which continue as the language itself and just-in-time compilers improve. Although only one browser (Sun's HotJava) supports Java 1.1 today, we expect other major vendors to have Java 1.1-compliant browsers shortly.
Security is always an issue when considering Web access. As the application is designed, the Nways Workgroup Manager for Windows NT handles security at a number of levels:
- Local access to the Nways Workgroup Manager and the Java Management Application functions is controlled by Windows NT's own security functions, which include user accounts, passwords, file and directory protection, and registry protection.
- Remote clients access the Nways Workgroup Manager HTML pages and Java code only through a Web server, which provides its own security to a greater or lesser degree depending upon the specific Web server and the security options that administrators choose to implement. For minimal security, Web servers should be configured to control access based on client IP address/hostname and user-id/password challenges.
The Java Management Application also supports HTTPS, the secure version of HTTP that provides Secure Sockets Layer (SSL) protection. This protection includes safeguards against eavesdropping, modification and playback attacks, and impersonation attacks. The Java applet, unlike an ActiveX component (which is not used in Nways), is designed to run only within a restricted area, called the sandbox, where it is isolated from the client platform. The Java applet also is unable to communicate with any other host except that from which it was downloaded. As a result, an applet would not damage the local system or the Java application server. In addition, network management typically takes place behind the firewall to prevent outside clients from sending requests to servers on the inside, adding another level of security.
Java Network Management Future
With the Java world advancing at an astonishing pace, Nways Workgroup Manager for Windows NT represents just the beginning of a comprehensive Java-based network management vision. IBM's strategy encompasses campus environments (Nways Campus Managers) and enterprise wide area networks (Nways Enterprise Manager). Under this strategy, the Enterprise Manager would provide support for the management and configuration of emulated LANs (ELANs), virtual LANs (VLANs), and switched broadband networks, such as ATM and frame relay. Ultimately, all Nways management products would be Java-based, making them portable to any platform running a Java virtual machine (JVM), distributable over the network, and accessible via any Java-compliant Web browser.
While the scope of the management function for the first release of Nways Workgroup Manager for Windows NT focuses on device management, the product architecture provides a solid base for expanding that functionality to embrace higher level management application functions. These include topology, fault, performance, configuration, and operations management.
The IBM strategy is to distribute data collection and as much management application processing as possible. Initially, data collection and processing will be distributed to objects running on servers near network devices. Over time, the data collection and processing can be distributed to any managed device that runs a JVM, resulting in a truly scalable management solution.
This strategy matches industry initiatives to address network and systems management through Java and Web-based approaches. The two most prominent are Web-Based Enterprise Management (WBEM) and the Java Management API (JMAPI). These efforts are still in their infancy, and it is premature to predict how they will fare in the marketplace. Instead of waiting to see which way the wind will blow, we are implementing a solution that meets requirements our customers have today. However, our approach is flexible, and we can and will adopt and adapt our solutions as necessary to continue meeting customer requirements.
Although NHD integrated its first Java Web-based management product with the Nways Workgroup Manager for Windows NT, IBM's standards-based Java object-oriented approach is intended to allow network management objects, their application relationships, and correlated events to be integrated into the overall systems management provided by systems management platforms, such as Tivoli TME 10, to create an end-to-end management solution that is both highly scalable and seamless. As Java and Web-based management strategies are implemented on these platforms, integration alternatives increase, especially through the use of JavaBeans technology, recently introduced in the Java Development Kit 1.1.
Finally, enhancements to the Java toolset offer many future opportunities. Java security enhancements are intended to permit Java Management Application client to safely operate outside the Java sandbox and to become more autonomous from Java Management servers. With JavaBeans, we can create reusable parts, which customers and third-party developers may use in visual application builders. This would not only increase the rate at which we could build management for new devices, it would enable customers and others to use and extend our components, which would further extend the scope of management functionality.
Java Leadership
IBM is committed strategically to Java. It has invested hundreds of millions of dollars in Java development and has more developers engaged in Java development than Sun itself. IBM's network management users are among the first to benefit from this investment through Nways Workgroup Manager for Windows NT with even greater benefits to come.
The bottom line: Nways Java Web-based management is designed to deliver flexibility, scalability, accessibility, openness, and ease-of-use necessary for organizations to optimize the cost of network ownership.