Know your network

Learn to love your network again

Analysis: You're not the LAN I married!

By Will Sturgeon

Published: 26 March 2007 15:30 GMT

Before securing or managing their networks, companies must first learn what their network actually looks like. It may seem obvious, but after years of change IT managers really might not recognise their own networks. Will Sturgeon explains.

At first this may sound a ludicrous suggestion but do you really know what your company's network looks like? In fact, do you even know where it is - or where it begins and ends?

After years of evolution through the ordered chaos of new technology roll-outs, as well as mergers, acquisitions and the need to marry disparate and dispersed offices and workforces, many businesses are unlikely to have the clearest picture of what their network looks like.

And if that is the case, what chance do these same businesses stand of securing or managing that network?

It's about people not infrastructure.

-- James Governor, analyst, Red Monk

Phil Young, head of IT at Amtrak, said: "The issue facing CIOs around network visualisation is not the understanding of the company's core systems and applications but that ever-changing picture of peripheral devices being added to the network such as printers, PDAs and remote hubs. Even though policies may be in place and 'network sniffer' applications running, these changes can sometimes be overlooked and provide breaches in security."

Simon Perry, senior VP security at CA, believes that while many companies are rightly concerned with the task of securing their networks, too many rush in without first establishing what their networks actually look like and by doing so reduce the effectiveness of any security measures they put in place.

He said: "One of the most fundamental gaps is simply the asset inventory and then understanding not just how many of what you've got and what's on it but what business purpose those machines serve and that drives the prioritisation of your vulnerability management."

And according to Greg Day, technical solutions architect at McAfee, getting up to speed on understanding a large network is no overnight job.

To illustrate the point, Day cites one company he has worked with which has around 100,000 nodes - or end points - connecting to the network.

He said: "It has taken them the best part of a year to go through and say, 'I recognise these, these are all my routers, these are all my switches, these are all my corporate PCs, these are all my laptops, these are all my printers, this is all my IP telephony.'"

The end result of such a process is having a strong foundation on which to manage the network going forward, given you cannot effectively manage anything you do not know you have.

Day said: "It takes a long time to get to that point where you can go, 'Right, an IP address has appeared, it's telling me it's a Windows XP system but I don't recognise the asset tag, I think I should get rid of it.' But I think there is just about as much paranoia about unplugging something which could be genuine and critical as there is about something which could be bogus and therefore potentially malicious."

That dilemma highlights one of the biggest headaches around effective network management.

If you are starting from a point where the network looks like a stranger in your enterprise, it is incredibly difficult to know what should - and more importantly what shouldn't - be there.

Paul Broome, CTO at 192.com, says: "Networks change so rapidly I think it's worth auditing them every month to evaluate what's changed."

It's a bold claim and obviously monthly auditing is only possible once inventory and asset management are up to date and the process has been streamlined to ensure the only changes being measured are those which have occurred during the previous month. To go through a 12-month process, as outlined above, every month would obviously be impossible.

However, Broome says even approaching this task in an efficient way creates a juggling act between managing the introduction of new servers and services and supporting the day-to-day productivity of the organisation.

He said: "Good network management can't be done if you have never set up a routing table or sworn at the stupidity of some implementations."

Some technology implementations also have a nasty habit of coming in 'under the radar' of the IT department, adding to the complexity of this issue. According to CA's Perry, wireless is one such example of a 'grey net' asset brought in by employees acting without the say-so of IT.

Perry said: "I've been sat visiting a company and I've had them tell me they're not running wireless and yet I'm sat there looking at a connection and I can see their network.

"One of the biggest problems with wireless is knowing whether you have any."

And if understanding their own network weren't challenge enough, many modern organisations also have to work out where their network sits in relation to third-party networks and assets, according to Luke Mellors, CIO of Expotel.

He said: "The biggest difficulties that stand between the head of IT and an accurate picture of the effectiveness of their network is this lack of finite information about the network and the convoluted connectivity that now supports business continuity and applications.

"Very few businesses operate isolated connectivity environments. When you also consider that in almost all instances networking and connectivity has outsourced components and there is a point where the internal management of networks ends and the outsourced responsibilities of service providers begins, it is no wonder it is so difficult to get an accurate picture."

James Governor, analyst at Red Monk, says the issue has become one of far more fundamental evolution than simply having more and increasingly complex IT assets and real estate to take stock of. Governor argues it is also cultural. In the world of web 2.0 and social networking, he says the word 'network' now has very different implications.

He said: "The last 10, 15, 20 years have been about building out a network of infrastructure and the transition we currently are seeing is a focus on a network of people."

He added: "It's about people, not infrastructure" - and people need ubiquitous access, often on a device- or location-agnostic basis. People need to consume information as and when they need it and increasingly carry with them the expectation they will be able to do that. Most importantly they need to interact across complex networks of both the social and infrastructure-based kind.

Governor said: "There is going to be a fundamentally different set of skills in terms of managing networks. Especially because so much that has been done is about locking down and control and what we're actually seeing now is that your capability is based on the degree to which you don't completely try to lock down and control."

