Is your network taking on a life of its own?
Meet the complexity challenge
Networking has always been something of a dark art, but you would have thought it would get easier as technologies mature. In fact, technology, along with users’ expectations of it, is making the network manager's jobs more difficult than ever.
Virtualisation and private clouds, combined with unified networking and next-generation data centres, are placing more demands on networks. At the edge, users are becoming increasingly mobile and working from different endpoints, adding to the challenges network managers face.
It doesn’t help that they are doing it manually, says Dennis Kennelly, vice-president of development and chief technical officer for Tivoli NetCool network management at IBM.
Surely some mistake
“You get 80 per cent of your problems when people start to make changes,” he warns. “Your run-of-the-mill administrator is running around with a set of scripts and configuring these boxes. They are highly trained individuals but they make mistakes, and these things are complex.”
The complexity increases as companies move to private clouds, with unified network cores handling everything from virtualised storage through to voice and video. Understanding how those services interact on a shared core is not easy.
At one level, network management is simply network discovery, using SNMP suites to give you a basic network topology.
But network managers need to understand the nature of the services the network provides, rather than simply concentrating on the equipment that is delivering them. Network management tools must start sniffing the packets travelling across the network and understanding the payload.
While handling the challenges at the core of the network, managers must also be aware of what is happening at the edge. And the edge is fraying.
What used to be a solid, well-defined entity is fragmenting. When employees want to use a panoply of endpoint devices, and those devices travel with them on the road, managing the nodes that connect to the network becomes much more difficult.
“The biggest problem now is detecting rogue endpoints”
“Network traffic becomes less of an issue running out to the enterprise desktop, but security becomes more of an issue. The biggest problem now is detecting rogue endpoints,” Kennelly says.
To begin to know which endpoints are legitimate, some form of asset management is advisable. Some companies are turning the whole sorry mess over to third-party cloud providers such as Damovo, which offers an internet-based mobile device management platform.
“You just need the telephone number of someone with a smartphone or tablet device,” says Alex Williams, head of technical support.
“This sends an SMS that loads a small app on the device. Once you have that on the device, you can control it in any way you like.”
This includes blacklisting apps and setting policies and security parameters. Right now, this is integrated into help-desk systems, but not into network or systems management platforms.
Mobility is only one cause of this fraying of the network edge, or "deperimeterisation". The growing need for business partners and branch offices to access enterprise computing resources is also driving the move towards more porous networks.
Steve Nice, technical director at hosting company Forlinux, says access controls at each layer of the network are crucial.
“Ensure that servers are both internally and externally firewalled. A lot of firms don’t do that,” he says.
“Otherwise, once you set your system up, internally you are left wide open.”
Measures such as proper internal firewalling and deep packet inspection enable the network manager to move into policy-based networking. As networks become more complex, this automation will become increasingly important.
“Going back a few years, most networks were sold on a plug-and-play basis, and it was only when you went into the WAN that you saw policy-based networking,” says Jason Peach, head of professional services at Networks First.
“A lot of customers are still stuck in the view that the network is all about plumbing, but it is about making the network more intelligent, to do certain things as needed.”
Policy-based networking is the key to automation, which can help to make networks more manageable.
Script-hugging network managers who like that feeling of control may be reluctant to entrust their network to automated systems, but this will be part of the process as networks become more complex and their jobs gradually change. Are you ready to ride that wave? ®
Sponsored: 2016 Cyberthreat defense report