The network is an integral part of any organization today. Most enterprises rely heavily on the local area network (LAN) or wide area network (WAN) for daily operations and access to applications and services. As a result, reducing any network downtime and resolving issues affecting network performance quickly is critical. Troubleshooting the familiar help desk calls of “the network is slow” or “I can’t access…” or my personal favorite, “the internet is down”, (which is technically nearly impossible), need to be done fast. So how does an IT manager achieve this? I would suggest it starts with a very good understanding of your network.
Similar to the defense in depth security principle, does traffic management also require a layered approach, with multiple devices or solutions? Arguably, maybe not. More often than not, network administrators want to access a single network management portal that can provide all the information about the traffic on their network. There are a variety of things that need to be available to troubleshoot network problems on such a platform. Let’s highlight a couple of them and explain why they are so important.
Intelligent Real-Time Monitoring of Network Traffic
Being able to see what traffic is traversing your WAN in real time is absolutely critical to understanding your network and subsequently, troubleshooting network issues. Especially when it pertains to issues with bandwidth utilization or issues affecting application usage across a network. Being able to view real-time traffic statistics on a router, firewalls, switches or even running packet captures has been available for several years, but there are many drawbacks with using these methods to troubleshoot network issues. Some of these include:
- Having to log into several devices to access these real-time traffic logs, which makes it more difficult to correlate the different logs into a single logical stream.
- In many cases one has to run packet captures over a period of time and then analyze the resulting log file in a packet analyzer application. Meaning one isn’t actually looking at real-time traffic.
- Running and analyzing the results of log files requires an advanced skill set and is a very time consuming process.
- Lack of insight past the network layer, meaning lack of application and user level information.
What enterprise administrators need from a WAN solution in today’s geographically dispersed networks is real-time monitoring and interactive analytics that can provide insight into all inbound and outbound traffic on the network, in an easy to understand way. Additionally, efficient network troubleshooting in today’s IT environment should involve more than IP addresses and port numbers. Administrators need to easily identify the source or destination of traffic anomalies without having to track or crawl through other systems or databases to pinpoint where a particular bit of traffic is going to or coming from. Integration with popular directory databases such as Microsoft Active Directory is becoming a must have for network devices, and complete real-time traffic monitoring across all users and applications provides the foundation needed to truly understand what runs on your network and is invaluable when it comes to troubleshooting network problems.
Network Utilization Baselines
We know what happens when there is an issue on the network. It’s usually reported by the end user or highlighted by an alert from a monitoring system. It’s important to have a method of measuring and rating the performance of a network under usual circumstances, normal and peak network throughputs and utilization, as well as application usage. This kind of in depth network analysis that enables you to view historic traffic patterns from several months or years back can be extremely useful to identify network bandwidth issues, discover vulnerabilities and other WAN-related problems.
In addition, application level baselines can help to determine what type of applications run on your network, drill down to high bandwidth applications and determine which applications are business critical, which require prioritization over applications that are not strategic to the business. Baselining network and application usage also helps to forecast and determine present and future upgrade requirements, as well as assist in decision making on projects that involve or effect current network performance. If for example, a network manager does not have insight into normal network utilization on their WAN links available, it makes it more difficult to determine if a company-wide project to deploy virtual desktop infrastructure (VDI) to all sites across those WAN links would require a link upgrade or not. Or even how much of an upgrade would be sufficient, if indeed an upgrade is needed. Having insight into all such data in an easy to view way makes understanding and subsequently controlling your network that much easier.