Network horror stories expose need for understanding

As a number of horror stories reveal, corporate networks aren't the safe and tightly controlled entities they should be. Here Will Sturgeon exposes just how wrong it can go and asks leading industry figures to light the way towards effective network management.

Have you heard the one about the financial services organisation whose employees had a competition each day for the colleague who could best beat the URL filtering system and access the most inappropriate content on their desktop PC?

Or what about the employee who, over the course of a few weeks transferred huge chunks of data from the corporate network to a home PC and then promptly upon completion of this data heist handed in his notice?

Then there are the thousands of employees who leave their PCs streaming internet radio over the weekend - and those who have webcams streaming all day every day via their instant messaging application.

It gets worse - those examples are just a snapshot of real life scenarios unearthed within large enterprises.

This level of network abuse is far from a rarity. Penetration testers at SecureTest know better than most what employees could do on a network - especially those with an axe to grind. One large financial services company that SecureTest worked for recently sacked a member of staff but failed to revoke the ex-employee's remote access on all systems.

This open door for malicious attack was duly used and a worm caused havoc on the network.

Another sacked employee, this time within the healthcare sector, used a similar vulnerability after his termination to launch a Trojan and wipe files and back-ups from company hard drives.

If this paints the picture that networks are in chaos then in many instances that's not far from the truth. Even if staff aren't flagrantly breaking the rules or acting in a malicious manner, poor policy enforcement or a lack of end-user education can still hamper network performance. You may well have encountered the member of staff who sends 20MB worth of email attachments to 500 desktops as 'photos of last night's Christmas party'. It's not malicious but it sure isn't helpful.

Centennial Software, a provider of asset management services, has looked inside many a corporate network to reveal assets the company never knew it had. One UK government agency, for example, found it owned a vast array of disused technology still plugged into its network, including a mainframe computer that had somehow escaped the IT manager's gaze.

Another government department couldn't explain why there was a rogue 56Kbps modem dialling in to its network from a remote corner of Scotland where the department had no offices or remote staff.

And imagine shelling out for hundreds of new servers and desktops only to discover, on closer inspection, you already owned all that kit, and more, but had simply lost sight of it in the dark corners of your network.

So to avoid such problems, here are some tips for better network management - straight from the experts:

Be proactive

Ian Cummins, European sales director at Network Instruments, said: "Often administrators will only apply analysis tools after the network is already slow or down. Rather than waiting for problems, you should continuously track performance trends and patterns that may be emerging. Active management allows you to spot and limit the impact of performance anomalies and network problems."

Keep it simple

Anton Grashion, security strategist at Juniper Networks, said: "Having centralised control of your network is crucial. You need to have real-time information on the current status of the network, and who is accessing what information. It is important to be able to adapt the policies easily, to make the day-to-day management of the network as simple as possible."

(Continued on page 2...)