Feeds

Is your network taking on a life of its own?

Meet the complexity challenge

3 Big data security analytics techniques

Networking has always been something of a dark art, but you would have thought it would get easier as technologies mature. In fact, technology, along with users’ expectations of it, is making the network manager's jobs more difficult than ever.

Virtualisation and private clouds, combined with unified networking and next-generation data centres, are placing more demands on networks. At the edge, users are becoming increasingly mobile and working from different endpoints, adding to the challenges network managers face.

It doesn’t help that they are doing it manually, says Dennis Kennelly, vice-president of development and chief technical officer for Tivoli NetCool network management at IBM.

Surely some mistake

“You get 80 per cent of your problems when people start to make changes,” he warns. “Your run-of-the-mill administrator is running around with a set of scripts and configuring these boxes. They are highly trained individuals but they make mistakes, and these things are complex.”

The complexity increases as companies move to private clouds, with unified network cores handling everything from virtualised storage through to voice and video. Understanding how those services interact on a shared core is not easy.

At one level, network management is simply network discovery, using SNMP suites to give you a basic network topology.

But network managers need to understand the nature of the services the network provides, rather than simply concentrating on the equipment that is delivering them. Network management tools must start sniffing the packets travelling across the network and understanding the payload.

Frayed edges

While handling the challenges at the core of the network, managers must also be aware of what is happening at the edge. And the edge is fraying.

What used to be a solid, well-defined entity is fragmenting. When employees want to use a panoply of endpoint devices, and those devices travel with them on the road, managing the nodes that connect to the network becomes much more difficult.

“The biggest problem now is detecting rogue endpoints”

“Network traffic becomes less of an issue running out to the enterprise desktop, but security becomes more of an issue. The biggest problem now is detecting rogue endpoints,” Kennelly says.

To begin to know which endpoints are legitimate, some form of asset management is advisable. Some companies are turning the whole sorry mess over to third-party cloud providers such as Damovo, which offers an internet-based mobile device management platform.

“You just need the telephone number of someone with a smartphone or tablet device,” says Alex Williams, head of technical support.

“This sends an SMS that loads a small app on the device. Once you have that on the device, you can control it in any way you like.”

This includes blacklisting apps and setting policies and security parameters. Right now, this is integrated into help-desk systems, but not into network or systems management platforms.

Firewalls everywhere

Mobility is only one cause of this fraying of the network edge, or "deperimeterisation". The growing need for business partners and branch offices to access enterprise computing resources is also driving the move towards more porous networks.

Steve Nice, technical director at hosting company Forlinux, says access controls at each layer of the network are crucial.

“Ensure that servers are both internally and externally firewalled. A lot of firms don’t do that,” he says.

“Otherwise, once you set your system up, internally you are left wide open.”

Measures such as proper internal firewalling and deep packet inspection enable the network manager to move into policy-based networking. As networks become more complex, this automation will become increasingly important.

“Going back a few years, most networks were sold on a plug-and-play basis, and it was only when you went into the WAN that you saw policy-based networking,” says Jason Peach, head of professional services at Networks First.

“A lot of customers are still stuck in the view that the network is all about plumbing, but it is about making the network more intelligent, to do certain things as needed.”

Policy-based networking is the key to automation, which can help to make networks more manageable.

Script-hugging network managers who like that feeling of control may be reluctant to entrust their network to automated systems, but this will be part of the process as networks become more complex and their jobs gradually change. Are you ready to ride that wave? ®

SANS - Survey on application security programs

More from The Register

next story
Samsung Galaxy S5 fingerprint scanner hacked in just 4 DAYS
Sammy's newbie cooked slower than iPhone, also costs more to build
Leaked pics show EMBIGGENED iPhone 6 screen
Fat-fingered fanbois rejoice over Chinternet snaps
Oh no, Joe: WinPhone users already griping over 8.1 mega-update
Hang on. Which bit of Developer Preview don't you understand?
Microsoft lobs pre-release Windows Phone 8.1 at devs who dare
App makers can load it before anyone else, but if they do they're stuck with it
Report: Apple seeking to raise iPhone 6 price by a HUNDRED BUCKS
'Well, that 5c experiment didn't go so well – let's try the other direction'
Rounded corners? Pah! Amazon's '3D phone has eye-tracking tech'
Now THAT'S what we call a proper new feature
Feast your PUNY eyes on highest resolution phone display EVER
Too much pixel dust for your strained eyeballs to handle
Hearthstone: Heroes of Warcraft – A jolly little war for lunchtime
Free-to-play WoW turn-based game when you have 20 minutes to kill
Zucker punched: Google gobbles Facebook-wooed Titan Aerospace
Up, up and away in my beautiful balloon flying broadband-bot
prev story

Whitepapers

Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
SANS - Survey on application security programs
In this whitepaper learn about the state of application security programs and practices of 488 surveyed respondents, and discover how mature and effective these programs are.