Feeds

Is your network taking on a life of its own?

Meet the complexity challenge

Internet Security Threat Report 2014

Networking has always been something of a dark art, but you would have thought it would get easier as technologies mature. In fact, technology, along with users’ expectations of it, is making the network manager's jobs more difficult than ever.

Virtualisation and private clouds, combined with unified networking and next-generation data centres, are placing more demands on networks. At the edge, users are becoming increasingly mobile and working from different endpoints, adding to the challenges network managers face.

It doesn’t help that they are doing it manually, says Dennis Kennelly, vice-president of development and chief technical officer for Tivoli NetCool network management at IBM.

Surely some mistake

“You get 80 per cent of your problems when people start to make changes,” he warns. “Your run-of-the-mill administrator is running around with a set of scripts and configuring these boxes. They are highly trained individuals but they make mistakes, and these things are complex.”

The complexity increases as companies move to private clouds, with unified network cores handling everything from virtualised storage through to voice and video. Understanding how those services interact on a shared core is not easy.

At one level, network management is simply network discovery, using SNMP suites to give you a basic network topology.

But network managers need to understand the nature of the services the network provides, rather than simply concentrating on the equipment that is delivering them. Network management tools must start sniffing the packets travelling across the network and understanding the payload.

Frayed edges

While handling the challenges at the core of the network, managers must also be aware of what is happening at the edge. And the edge is fraying.

What used to be a solid, well-defined entity is fragmenting. When employees want to use a panoply of endpoint devices, and those devices travel with them on the road, managing the nodes that connect to the network becomes much more difficult.

“The biggest problem now is detecting rogue endpoints”

“Network traffic becomes less of an issue running out to the enterprise desktop, but security becomes more of an issue. The biggest problem now is detecting rogue endpoints,” Kennelly says.

To begin to know which endpoints are legitimate, some form of asset management is advisable. Some companies are turning the whole sorry mess over to third-party cloud providers such as Damovo, which offers an internet-based mobile device management platform.

“You just need the telephone number of someone with a smartphone or tablet device,” says Alex Williams, head of technical support.

“This sends an SMS that loads a small app on the device. Once you have that on the device, you can control it in any way you like.”

This includes blacklisting apps and setting policies and security parameters. Right now, this is integrated into help-desk systems, but not into network or systems management platforms.

Firewalls everywhere

Mobility is only one cause of this fraying of the network edge, or "deperimeterisation". The growing need for business partners and branch offices to access enterprise computing resources is also driving the move towards more porous networks.

Steve Nice, technical director at hosting company Forlinux, says access controls at each layer of the network are crucial.

“Ensure that servers are both internally and externally firewalled. A lot of firms don’t do that,” he says.

“Otherwise, once you set your system up, internally you are left wide open.”

Measures such as proper internal firewalling and deep packet inspection enable the network manager to move into policy-based networking. As networks become more complex, this automation will become increasingly important.

“Going back a few years, most networks were sold on a plug-and-play basis, and it was only when you went into the WAN that you saw policy-based networking,” says Jason Peach, head of professional services at Networks First.

“A lot of customers are still stuck in the view that the network is all about plumbing, but it is about making the network more intelligent, to do certain things as needed.”

Policy-based networking is the key to automation, which can help to make networks more manageable.

Script-hugging network managers who like that feeling of control may be reluctant to entrust their network to automated systems, but this will be part of the process as networks become more complex and their jobs gradually change. Are you ready to ride that wave? ®

Internet Security Threat Report 2014

More from The Register

next story
Official: European members prefer to fondle Apple iPads
Only 7 of 50 parliamentarians plump for Samsung Galaxy S
Fujitsu CTO: We'll be 3D-printing tech execs in 15 years
Fleshy techie disses network neutrality, helmet-less motorcyclists
Space Commanders rebel as Elite:Dangerous kills offline mode
Frontier cops an epic kicking in its own forums ahead of December revival
Intel's LAME DUCK mobile chips gobbled by CASH COW
Chipzilla won't have money-losing mobe unit to kick about anymore
First in line to order a Nexus 6? AT&T has a BRICK for you
Black Screen of Death plagues early Google-mobe batch
prev story

Whitepapers

Choosing cloud Backup services
Demystify how you can address your data protection needs in your small- to medium-sized business and select the best online backup service to meet your needs.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
How to determine if cloud backup is right for your servers
Two key factors, technical feasibility and TCO economics, that backup and IT operations managers should consider when assessing cloud backup.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
The Heartbleed Bug: how to protect your business with Symantec
What happens when the next Heartbleed (or worse) comes along, and what can you do to weather another chapter in an all-too-familiar string of debilitating attacks?