Goodbye SNMP? Hello, WS-Management

Laoping writes "News.com has a story about a new Web services management specification designed to simplify network administration across a wide range of devices. A bunch of a big tech companies developed it together (Microsoft, Intel, AMD, Dell and Sun). Microsoft will build support for WS-Management into an update to Windows Server, which is due late next year, and in the version of its Microsoft Operations Manager management software due in 2006. The .PDF release, that makes it clear that it is meant to be a Simple Network Management Protocol killer. Now I am all for a replacement for SNMP, but is this the way go?"

wonder

[COMON$]

hmmm, I wonder if this will catch on as quickly as IPv6 has.....

Re:wonder

[NicolaiBSD]

There's no real incentive to move to IPv6, at least not in the western world, as there's plenty of IPv4 address space left. Apart from that there's also the perceived complexity of IPv6 (long hex numbers, so it must be more complicated than shorter decimal numbers).

If you've worked with SNMP, you know that it is a technically solid solution - low on resources, fast. However, SNMP _is_ complex. Finding OIDs in large MIBs, secure configuration, interpreting data are mostly difficult.

I give a technically sound, industry standard and less complex alternative for SNMP a good chance for quick adoptation.

Re:wonder

[dirvish]

Complex, and inherently insecure.

Re:wonder

[gmack]

I disagree.. the specification itself is so complex it's very rare to find someone who implemented it from scratch. That's why whenever there is a SNMP security avisory it tends to affect many vendors.

Why is it that every there's something new....

The moron submitting the summary says "goodbye [long established and well entrenched technology]". SNMP has been around for a very, very long time. No matter how much better this is, it will not replace SNMP any time soon.

Read the article about the 32-bit MCUs a few stories down for yet another example.

this page but without going blind

click

connect the dots

[Doc+Ruby]

Maybe it will be OK, if it uses persistent HTTP connections, which allow several requests and replies before terminating the transaction. Otherwise the ancient HTTP/1.0 message model is too limited to map all the messaging topology to the spectrum of object management requirements.

Re:connect the dots

[abigor]

Did I miss something? I didn't see any mention of HTTP 1.0, which is obsolete. 1.1 is what's far and away in the most common usage, and it allows pipelined requests.

That said, SOAP isn't necessarily confined to HTTP transport, though of course in all practical reality it is, for now. But there's no tight binding there.

Anyway, what does the transport have to do with the "spectrum of object management requirements"? Or am I just not understanding your statement?

Re:connect the dots

[abigor]

Yeah, that's what I thought. And HTTP 1.0 is obsolete. 1.1 has pipelined requests, which takes care of your concern, I believe, although I'm not at all sure it's an issue. What transaction are you talking about? Application transactions would be controlled at a higher level than the transport layer. Or do you mean the HTTP session?

In web services land, HTTP is just one type of transport. SOAP is decoupled from the transport, so I think your concern is unfounded. Can you give me an example of how HTTP will "constrain the features" of a web service call?

My company's app that I write code for every day is controlled via XMLRPC (kind of like SOAP without the steroids) over HTTP. Python has native support for it via xmlrpclib - very nice stuff to work with, I must say.

Anyhow, this stuff is here to stay. It's not new technology - fundamentally, it's just RPCs made using XML and HTTP. Pretty basic stuff, but very flexible and open. And already in widespread usage - Amazon and Google both offer nice sets of web services. So your curmudgeonly characterisation of them as "buzzword compliance" seems unfounded.

Re:connect the dots

[Black-Man]

I agree with the original poster. HTTP/Web Services seems a bad idea as a replacement for SNMP. SNMP is solely the domain of servers... but routers, switches and other network devices. And your laying this additional layer of abstraction onto something that is an extremely critical piece of network management. In other words... just something else that will fail.

I use Web Services too, within the context of Web Logic. There are so many unknowns and reliability issues under the hood. For simple http requests... no issues... but for something so critical, not yet.

Goodbye SNMP? Hardly.

[cablepHreaK]

SNMP is not going anywhere anytime soon, until the major network players adopt WS-Management (that's if they adopt it at all). Looking at the PDF there are some major players missing, Cisco, Juniper, 3Com, HP, to name a few.

War!

[nuclear305]

"Microsoft will build support for WS-Management into an update to Windows Server"

Clearly this is war! SNMP and M$-Management will battle it out for the top market share...oh wait...

Re:War!

[ADRA]

Well, its leagues better than the Windows Management framework with relied on the rarely used (outside windows) DCE-RPC.

At least there is a 'hope' of interoperability.

but the important question is ...

[Triumph+The+Insult+C]

will it be encumbered by patents? looking at the contributors, my guess is yes

snmp v3 works perfectly fine as it is. let's leave well enough alone

but, this will probably work out well for intel ... i mean, you'll probably need (by the time it comes out) at least a 3.8Ghz P4 and 2G of RAM

Re:but the important question is ...

[networkBoy]

Intel doesn't make RAM so the better statement would be:

you'll need a 3.8GHz P4 and a chipset with a mail co-processor built in.
-nB

Re:but the important question is ...

[justins]

snmp v3 works perfectly fine as it is.

Are you fucking kidding?

but, this will probably work out well for intel ... i mean, you'll probably need (by the time it comes out) at least a 3.8Ghz P4 and 2G of RAM

What an amazingly "Score: 5, Insightful" observation. It's almost enough to make a person believe that Intel doesn't sell more chips for networking and embedded applications than they do desktop CPUs. Which they do.

Re:but the important question is ...

[bluescreen]

"will it be encumbered by patents? looking at the contributors, my guess is yes "

Insightful? To me insightful would require actually having read the specification.
If you look at the spec, you'll see the answer to this question.

"Microsoft, Intel, AMD, Dell, and Sun (collectively, the "Co-Developers") each agree upon request to grant you a license, provided you agree to be bound by such license, under royalty-free and otherwise reasonable, non-discriminatory terms and conditions to their respective patent claims that would necessarily be infringed by an implementation of the Specification and solely to the extent necessary to comply with the Specification."

Cisco? Nortel?

[Linegod]

If I don't see Cisco and/or Nortel on the list, it's not going to replace SNMP anytime soon. Correction: _ever_.

.

What about WBEM?

[bnavarro]

I thought that the open replacement for SNMP was WBEM. Microsoft, in fact, has already implimented this, basically, as WMI, or Windows Management Instrumentation.

Anyone know why this is suddenly being pushed, and not WBEM?

Re:What about WBEM?

[Jah-Wren+Ryel]

Anyone know why this is suddenly being pushed, and not WBEM?

Because it sounds too much like a radio station.

Announcer: (in professional DJ as God voice) Listen in as the slashdot effects RAHWKS DOWN YOUR ROUTERS...
with DOUBLE-U BEE EEEE EHM!!!

Interesting to see...

[IGTeRR0r]

It's interesting to see such diverse companies developing a standard such as this: I can see Microsoft, Intel, and AMD working on something like this, possibly Dell, but why Sun Microsystems?

Re:Goodbye SNMP? Hardly.

[Alan+Cox]

Also on the folks churning out billions of tiny little devices. If you've only got 16K of RAM TCP is hard work let along management services while UDP is doable properly on a microcontroller.

but... but...

The real power of snmp is what you can achieve through scripting it - queries and updates etc.

That becomes nigh-on impossible with this WS-Management craziness.

Typical Microsoft - always thinking there is some pleb click-clicking away.

Imagine you have to change some rmon threshold on 400+ devices, or integrate this with the corporate asset database.
Now you get the picture.

Ever heard of CIM?

[ansonyumo]

CIM is a fine, object-oriented replacement for SNMP, is mature and has XML-based communications over HTTP.

http://www.dmtf.org/standards/cim/

Microsoft already has a CIMOM implementation in its WMI service, although it uses DCOM to implement RPCs. Sun also has a CIMOM implementation for Solaris.

I find it very strange that the WS-Management .PDF doesn't even reference CIM.

Re:Ever heard of CIM?

[Ernesto+Alvarez]

CIM is a fine, object-oriented replacement for SNMP, is mature and has XML-based communications over HTTP.

So what?

I mean, what that moronic thing of replacing everything with this xml-over-http nonsense?

Everyone is crazy doing the same thing, except it is now all on tcp port 80. It is even impossible to apply any kind of policy without lots of application level analysis because every moron in the world is using HTTP to do everything.

SNMP is fine, and if the only thing that those people are trying to do is map SNMP OIDs using fancy representations over tcp/80, they are hardly doing any service to most network administrators out there (myself included).

It's like everyone is crazy. I hope they do not repeat that SOAP thing (which for every practical reason I've seen is just a fancy way of doing RPC)

Bandwidth overhead

[embeejay]

Using webservices for something like this seems like an enormous bandwidth waste to me. Whatever happened to optimization?

Re:Bandwidth overhead

Optimization died a sad, sad death a while ago. The IETF has lost its mind and endorsed huge, complicated, design-by-committee protocols (IPSec, which mandates strong crypto in the kernel; IPv6 has been The Next Big Thing for over a decade and has gone through feature bloat the whole time; XMPP uses half-assed uncompressed XML for its network stack, resulting in overheads greater than 100% in many cases; etc.). The Web (and the W3C) brought with it a dramatic change from "Everything runs over a specially crafted protocol" to "Everything runs over HTTP, usually XML+SOAP". Along with that (though somewhat earlier as well) came "The Network Must Be Human Readable In All Cases", which is frankly stupid (maximum 7/8ths efficiency as the high bit goes out the window; note that TELNET and SMTP, for example, are human readable because they date from an era largely before dedicated clients, as opposed to now).

For some reason, usually while chanting "Moore's Law", CS has voluntarily shed most of the systems concepts that it ever espoused, and along with it most of the thoughts that, maybe, things should be both elegant and efficient. At CMU (with its widely praised CS department), for example, most CS majors are introduced to assembler in the most painful way imaginable - instead of having the beauty of the processor design and architecture explained, they are forced to carry out buffer overflow attacks on provided code and to wade through reams of assembler to reverse engineer compiled code. Not exactly a beautiful introduction to the topic.

It has become acceptable to chew up an ever increasing amount of resources to accomplish nothing that could not be done before. Usually it's coupled with talk of "it's easier", though I can't say I find the appeal of XML as a data exchange format (config files are fine; humans need to read those, sometimes). The effort (time and memory usage) to serialize and deserialize XML is orders of magnitude larger than a container designed for the context [contrast TCP/IP & BLOAT - yes, it's an RFC].

\rant{off}

The 'gotcha'

[Tenebrious1]

To ensure interoperability of devices and to enable any one console to manage any device, there will now be the standard default login "BILL" and password of "MOMONEY" for all devices. Users are not advised to change any passwords otherwise universal control will not be achieved.

I'm not sold

[KidSock]

I don't mean to pooh pooh this idea just because it's somewhat Windows specific but the only real advantage I see to this over snmp is that the delivery modes are more sophisticated and the data can be organized hierarchally. So why not just add builtin event notification to snmp? Otherwise using XML for something that should be a low-cost service seems wrong to me. System monitoring should be as small and SIMPLE as possible to reduce the possibility for exploits as it will likely be running with a high level of anonymous access on almost every workstation, server, and router in the organization. The whole thing smells of XML pixie dust designed to drive up requirements and thus sell servers and new software to go with. If you have a problem with snmp then fix it. Don't reinvent it with techniques that are expensive in clock cyles and exploits.

Re:I'm not sold

[nightfire-unique]

I don't mean to pooh pooh this idea just because it's somewhat Windows specific but the only real advantage I see to this over snmp is that the delivery modes are more sophisticated and the data can be organized hierarchally.

The SNMP MIB tree is hierarchical. For example, the "version" parameter of NET-SNMP can be found by querying:

ucdavis.version.versionTag

Furthermore, these names have corresponding OID numbers, which are universally unique.

So why not just add builtin event notification to snmp?

What, like SNMP traps?

Come on.. this stuff ain't new. :)

Wow.

[ARRRLovin]

I can totally see this standard easily integrating with the 1000+ network element monitoring and statistics gathering software package that I use right now. /sarcasm

It was a PITA enough just to get all of the devices reporting to the same polling engines. I can't even imagine going through and changing it all to some halfassed XML implementation. If they really want it to be an "SNMP replacement", they should just improve on what's already available. Make it compatible with SNMP but more powerful.

They still have work to do...

[LodCrappo]

This new protocol simply cannot be adopted until it's fully acronymic... I mean come on, SNMP and WBEM and even CIM have been fully acronymous for some time now, and this WS-Management thing still has an entire word spelled out in the name? That won't fly in my shop, no sir.

Not everything from MS is evil

[Fnkmaster]

This looks like it's supported by a number of industry players, and the specification is under a real patent-right-granting, royalty-free license, not like the junk that MS occasionally tries to "innovate" the market with. I'm not saying it will sweep the world or replace all the SNMP devices out there, but I'll give them an A for effort to play nicely on this one.

People are more likely to adopt standards that they can implement without getting sued or shelling out large quantities of money to be allowed to adhere to. Despite the comments about the protocol being heavier than SNMP (TCP based, SOAP envelopes, etc.) I think there are cases where a richer, more extensible XML-based syntax would be nice for this kind of application. Or maybe SNMP is "good enough" that adoption will be limited (hard to say without reading the whole spec and comparing), but I don't think crapping on it just because it's Microsoft is fair, at least during those rare moments when they are playing well with others.

Best take: Tim Bray's "Loyal WS Opposition"

[QuantGuy]

This has probably been covered elsewhere, but I found that Tim Bray's short essay on WS-Overload summed it up better than I could have:

"I'm going to stay out of the way and watch the WS-visionaries and WS-dreamers and WS-evangelists go ahead and WS-build their WS-future. Because I've been wrong before, and maybe they'll come up with something that WS-works and people want to WS-use. And if they do that, I'll stand up and say 'I was WS-wrong.'

Worth a look: http://tbray.org/ongoing/When/200x/2004/09/18/WS-O ppo

Re:Best take: Tim Bray's "Loyal WS Opposition"

[The+Bungi]

The problem with tbray's rant is that no one expects us to deal with the "insane WS stack". That's what frameworks are for. I expect that if I'm using Java, .NET, Python or Perl that I'll have some sort of structural wrapper around the stuff. I'll leave the nitty-gritty to Don Box and friends, who actually get paid to come up with these things.

Besides, the nice thing about standards is that there is so many of them to choose from.

The way it should be!

[Nautica]

rm -rf WS-*

Jabber instead

[hey]

I wonder if you could use XMPP (Jabber) to monitor devices. Each device connects to the server like a person IMing. It can easily send a message when something bad/good happens. You can have a roster (buddy list) of the devices you want to monitor.

Ummm...

[necro2607]

Doesn't this sound like the kind of solution that would be primarily software-based?

Despite that, the only largely software-based companies involved are two VERY proprietary-obsessed companies??

Meanwhile, what can AMD and Intel offer to such a solution? Since when are they involved in building new networking-related systems?

Also, someone else on here brought up the issue of patent-encumbered technology. This will *definitely* be an issue with these vendors/manufacturers, seeing as they'll all be interested merely in their capital gain as opposed to simply contributing to the general technological advancement of the internet/networks in general...

"WS-Management can also be used to manage things like set-top boxes and TiVo-like digital video recorders"

Yup, all containing AMD or Intel CPUs, running an embedded MS/Sun OS... now we see why the CPU manufacturers are involved...

Am I the only one getting sick of hearing about these new "great" proposals made by huge companies when their true intent is blatantly obvious? SNMP *works*, yet for some reason, as usual, some big company has to come along and try and run it over with their new crippleware, claiming it's the New & Improved (tm) version of whatever it was that worked just fine before...

What about JMX

[ghost1911]

Nobody else seemed to mention this yet so I thought I'd point out that Sun seems to be contradicting their latest monitoring framework:

JMX

By going along with this new specification. Network Management, monitoring, and other SNMP-like operations in Java are moving to the JMX or java media extension framework. In Java 5, the VM has JMX hooks built in for monitoring and control. Alas, I have to agree that SNMP is tired and old, but it still is in place in a lot of environments (and in routers, firewalls, and other hardware appliances) and is really easy to interface and use. I doubt this will catch on very quickly...

security considerations.

[fihzy]

How is it possible in this era of security issues that new standards are still being drawn up without security being a requirement?

Why should I or should I not quit SNMP

[thanasakis]

Ok, lets try to summarize why we like SNMP:
-Implementations can fit in a few kb memory footprint. I don't see web services beating that any time soon. (Oh, and not all the devices on the planet are 4Ghz P4's with a gigabyte of ram so it is still important not to be a memory hog on many areas).
-For relatively simple purposes, S(imple)NMP is almost as simple as it gets. Like say, for the monitoring of the temperature of a router, using something like web services would surely be overkill.
-There are many implementations for your favorite unix flavor. Probably best is the excelent net-snmp package. The 5.x version has many new methods of extending the main agent instrumentation through compiled in modules, dynamicaly loadable modules, external (pass) scripts, even embedded perl. Solaris 10 will be using the net-snmp package as part of the standard installation.
-The protocol is extremely efficient so there is little presure on the underlying medium. The PDU's are encoded in BER, so the implementations are abundant and quite standard. And yes, this is very very important because practicaly all versions of agents and toolkits are 100% compatible between them.
-Because the SMI is defined in ASN.1, there is no ambiguity in the structure of the management information. See previous bullet why this is important.
-There are excellent tools like HP OpenView NNM which can really simplify monitoring of even extremely large networks.

Now let's see some of its disadvantages:
-Poor security, corrected in version 3 (somewhat complex) but still most people use version 1 or 2c.
-Setable objects are IMHO a nightmare to use. For those of you who are reloading their router by setting sysUpTime to 0, I may seem dead wrong, but it appears that most people's safe bet would be just to log in to the machine and do the job they want. To generalize that idea, SNMP is unbeatable when it comes to monitoring things, but when it comes to actualy controlling things from away, it loses. Perhaps that is exactly the niche that those web services will complement (not replace!) SNMP.
-Extremely difficult to describe complex data structures using SMI. But then again I may be too impatient.

Lastly, though it will sound bitter, there is no clear evidence that web services or WBEM or whatever will be able to actualy help network administrators do their job better than they do it today.

And remember everyone, there is no big company that can necessarily know your job and your needs better than you, as much as they profess to. So on this matter we must not take the word of those who are trying to sell us the New Management Ubertool but on the contrary try to evaluate it in the real world and figure out if it actualy is usefull or not.

And that's my five cents for tonight.

Re:Goodbye SNMP? Hardly.

[ChilyWily]

I agree completely - however, I do wish to point out that ASN.1 and BER are a pain to code & maintain. XML is definitely an improvement, but I would argue its flexibility is what is going to fracture it. This is not putting down XML or its use, but on the so-called 'partners' who are involved in this 'deal' have an established pattern of adding their own 'extensions' which defeat interoperability and serve to enforce market share and not true integration.

If I were doing this, I would take the strenghts of SNMP (e.g., nice simple interface of get/set/walk etc). and make a HTTP style language for it. Extend the language for specific needs but don't make them optional. Keep the data and its overheads small and clean. And lest I forget, add a proper layer of security that may not have been important when SNMP came along but today is indispensible.

Re:WBEM?

[SpootFinallyRegister]

maybe i should clarify -- SNMP for a wide range of devices over a less-than-perfect network can be a nightmare. a lot of heavy iron (routers, PIXs, etc) support SNMP, but a lot only support v2 and v1 -- UDP.

when a piece of metal needs to be monitored from something that further than a piece or two of cat5 away, being forced into UDP can make SNMP borderline useless. did the packet drop, or is the network down? hmm.. ill use SNMP to see if its the network. hmmm, negative. did the packet drop, or is ... rinse, repeat.

add the lack of error protection, and SNMP can be very very frustrating. and sure, UDP will make it *most* of the time, but there are a lot of applications for SNMP where most just isnt good enough.

SNMPv3 does largely mitigate the problems by allowing TCP instead of just UDP. but, the reason for not replacing SNMP also holds SNMP back: a lot of the massive instaled base is in big iron, that does not support SNMPv3 over TCP.

basically, the more ive worked with SNMP, the more ive realized that the "S" is the key letter. it is fantastic for some quick chores ona local reliable network, but just plain doesn't scale. there is a vast array of management and monitoring problems that just arent simple enough for SNMP to handle well.

snmp v3...

[bani]

snmp v3 works perfectly fine as it is. let's leave well enough alone

considering most vendors are still using v1 or v2, that should be 'lets leave snmp v3 alone' :)

to be perfectly honest, SNMP is anything but simple. the only thing simple about it is the protocol itself. it then got buried under avalanches of proprietary MIBs, all partially overlapping yet all mutually incompatible. some only partially documented (or not documented at all). not only that, the insistence of vendors using funky proprietary data types (or worse, strings) when existing datatypes would work perfectly fine.

what was needed imo was a MIB guideline and 'retarded implementation' verification. to ensure vendors didn't create obfuscated and spaghettified MIBs.

If it guarantees delivery...

[joejoejoejoe]

If it guarantees delivery it would be much better. SNMP is udp and there is no way to know if the trap was recieved.

I've seen systems that are snmp based, where a cluster is used, and if the system has a fail-over many old traps are read again and alerted on. I think if the sending application can get an acknowledgement from the central app (netiq, netcool, compaq insight manager, tivoli, hp openview, etc) these type of false alerts would go away. When the sender can see the alert as a transaction it eliminates a lot of problems.

-Joe4

Re:Goodbye SNMP? Hardly.

[livetokill]

SNMP? what is SNMP ? Well SNMP is a "big thing" in the networking environment where all the big players develop their applications based on it for example Network Management Systems.

SNMP has evolved from time to improving from one version to another from data retrival to security.
Well its a well establised phenomenom and no one can change it in a day as most of the big fish in this business rely on it to satisfy their appetite.

Lots and lots of work is undergoin specially in SNMPs 3rd version as most of the companies have not established their products with version 3 support.It has proved to be an invaluable entity in my NMS and other NMSs in the market.
Take for exampe those net-snmp guys they have done some tremendous using snmp support(visit:www.net-snmp.org) for more details .
I really think SNMP has still got immense potential to be on the top provided some more research is undertaken.

Too heavyweight

[rips123]

There still seems to be a trend to XML-ize everything that I just don't understand.

If I was to build a cheap DSL modem, switch, IP camera or wireless gateway, I would probably be working with an 8/16 bit processor and limited memory to save money. In such a case, I would want to minimize my code and memory footprint and my CPU requirements.

Now lets look at XML. It is a bloated, complex, textual way of representing information. It requires some sort of a parser to read requests and storage of strings rather than individual bytes for response codes.

This sort of 'advancement' might be good for hardware developers peddling their latest wares with more RAM, flash and CPU grunt than their last release but from a technical and consumer point, I don't see there being huge advantages.

security issue

[radonix]

I think the idea is a good one, however it is prone to a security risk. A website has a domain name, these can easily be remembered and found by using a search engine. Now lets say you have this WS Management software, what good is it if it is run on a domain to control systems, because it could be searched and found out easily, this would mean that blackhat hackers would have an easy time finding out where to access the management software, and then they could proceed to gain access to it through exploitative penetration.