For network administrators, the holiday season can be a big distraction rather than a welcome relief. From end-of-year budgeting decisions, to annual network-performance reviews, to reduced staff, it’s no wonder this time of year can be challenging. How about you network administrators out there making a list and checking it twice to avoid letting that second helping of eggnog force you into making the wrong network decisions?
We recently had a great conversation with Charles Thompson, Network Instruments' manager of sales engineering, about network forensics. Network Instruments offers a terrific forensics product called GigaStor that can help you quickly resolve network problems. Thompson provided us with an illuminating top 10 list of network headaches to avoid in the interest of a merry network season, and spoke of how GigaStor tackles each.
1. Trying to troubleshoot sporadic network issues without the right equipment—Often, the most irksome problems appear sporadically, requiring you to either wait for the problem to reappear or spend hours recreating it. With retrospective network-analysis solutions, you can eliminate the need to recreate problems. An analyzer with retrospective network-analysis capabilities can store a long and continuous network capture, letting you perform network analysis retrospectively to quickly isolate and resolve the network problem.
2. Failing to baseline network and application performance—It’s been said that you can’t know where you’re going if you don’t know where you’ve been. The same holds true for network management and capacity planning in the new year. Unless you have an idea of normal and acceptable application and network behavior today, it’s difficult to gauge what's acceptable in the future. Establishing benchmarks and understanding long-term network utilization is key to ensuring effective infrastructure changes.
3. Mistaking a network problem for an application problem—Often, users blame the network when operations are running slow on their computer. To be able to quickly pinpoint network problems, it's critical to analyze and isolate problems pertaining to both the network and application performance.
4. Trusting users to secure their systems and applications—Whether a user is connecting an infected laptop to the network or using unauthorized applications (e.g., P2P, IM), you need to have resources that can identify user activities that can potentially lead to more harmful security breaches.
5. Not taking advantage of critical information already available to you—Do you own a Cisco switch? Chances are that your network is collecting NetFlow data. This information can help you easily track active applications on the network. Aggregate this data into your analyzer so that you can get real-time statistics on application activity and drill down to explore and resolve any problems.
6. Believing new applications just work automatically out of the box—Often, network administrators install an application network-wide without understanding its impact on network performance. Without proper testing of the application or assessing the ability of the network to handle the application, problems can result in the middle of deployment or configuration. Before rolling out a new application, always perform a network site survey, which lets you anticipate how the network will respond and resolve problems before they occur. For example, when deploying VoIP, be sure to have a separate QoS solution to ensure proper performance of the application.
7. Trusting equipment vendors to conform to industry standards—Vendors might claim that their network equipment or software supports an industry standard, when in fact they support only a proprietary version of the standard. As a result, when you try to connect an appliance or software interface that uses the standard, it might not function properly or simply fail. Check to see what standards need to be supported to ensure that your systems will comply.
8. Assuming vendors have fully debugged their network software and equipment—When troubleshooting, if you find that a particular application is the culprit but you still can't resolve the problem, consider checking the release notes and support database for potential or known bugs. It's quite possible that the conflict is a documented bug within the application. Rather than driving around in circles, it’s helpful to stop and ask for help.
9. Failing to implement security policies within your IT department—So many units are tasked with ensuring that security polices are in place across the organization, but what about those within the IT department itself? Make sure you provide your IT staff with the ability to resolve network problems—not add more. Consider using your network analyzer to set up role-based permissions on analysis activity, providing different levels of data access for different levels in the organization. Also, ensure that communication between the analysis probe and console is secure or encrypted; if you don't, your analysis tool could become another point of vulnerability. Make sure you protect company information from your outside IT consulting units by enabling only partial packet captures within your analyzer for those outside entities.
10. Not fully understanding network traffic patterns—Often, administrators will apply analysis tools only after the network is already slow or down. Rather than waiting for problems, you should continuously track performance trends and patterns that might be emerging. Active management lets you spot and limit the impact of performance anomalies and network problems.
To see how GigaStor can help you out, we encourage you to take a look at the Network Instruments Web site for more information.