Remote work makes network visibility more critical than ever

By GIXnews

What, exactly, is on your network? More to the point, where is your network? Ask yourself that now, then compare this to how your network looked a year ago. The answers have almost certainly changed, with most organizations seeing a rapid increase in the number of employees working remotely.

Hardened, policy-managed corporate networks are being exposed via remote VPNs to home network environments and, in some cases, employees’ home computers. This increases network complexity and may introduce new security and performance issues. To keep things running smoothly, having an in-depth view of the devices and events on your network is crucial.

Maintaining network performance with remote workers

When employees work from home, troubleshooting becomes more complex. Even if an employee is using a company-supplied computer, it is operating on an unmanaged network, and is exposed to everything else that happens to be on that network.

Today’s home networks often have multiple computers, smartphones, tablets, smart TVs, game consoles, and even Internet of Things devices like security camera doorbells. In addition to the security risks of putting a company computer on an insecure network, there are IT infrastructure problems that can arise when work-from-home becomes normalized.

A March 19, 2020, Network World article detailed some possible causes of poor network performance. There might be congestion on the last-mile portion of the Internet, especially for workers in rural areas with limited bandwidth. Employees’ default DNS resolvers may be prone to overload.

Corporate VPNs originally configured for small numbers of VPN clients may fail when demand spikes. DHCP may struggle with handing out enough network addresses, or a company might not have enough SSL sockets for all of the web connections now being funneled through the central corporate information security systems.

Many of these issues are eminently solvable, as long as network operators know they exist. However, if a company has been relying on labor-intensive ways to get network visibility, these are unlikely to scale well to meet the new situation.

The old way: subnets, switchports and scanners

Those who have worked in networking for any length of time will be familiar with how network visibility used to be achieved (and still is, in some places). Basic tools like ARP tables, DHCP logs, and SNMP can tell you what’s on your network, what was on your network, and some of the basics about the data flows traversing that network.

For a simple network, where every network device has a single MAC address, these simple tools can work well. But on modern networks this becomes more complicated. A single network card can expose multiple MAC addresses, request multiple IPs, and indeed be responsible for passing traffic for multiple workloads. Virtualization makes dozens of workloads per server mundane, and with containers it’s entirely normal to see hundreds of workloads pushing traffic through a network card on a single server.

If simple network virtualization can complicate a network, then consider the impact of upending hundreds of people from their carefully manicured corporate environment and allowing them to work in a distributed fashion. Suddenly you have devices you need to track that all exist in wildly varying networking setups, connecting from all over the place, from networks you don’t control. When employees work from home, you can’t exactly go around inspecting devices on the network physically.

Slogging through SNMP and sflow/netflow data to figure out who’s on the network and what’s up just doesn’t scale. Half of the devices on a modern network are employee mobile and portable devices, most of which don’t report SNMP data anyway.

Data visualization can be simple and powerful

Like everything networking, network visibility has gone software-defined. Cumulus NetQ is a management tool for Linux with an easy-to-use graphical interface and intuitive visualization of network data.

NetQ can provide directly actionable insights into your network’s health, and what’s on it, at all levels of the stack, from the switchport to the server to the virtual machine to the VPN client and beyond. Network administrators can determine at a glance what’s going on, and whether something has gone wrong.

NetQ provides up to 90 days of real-time configurations and statistics. It also integrates easily with third-party tools like Splunk, Slack, PageDuty, and more, allowing the creation of real-time alerts for broken or misconfigured portions of the network, as well as the ability to immediately roll back configurations to prevent downtime.

Networks grow and change, and your tooling for management must grow and change with them. We’re living through a major shift in the way employees work, extending the boundaries of what was once a tightly controlled environment into many unforeseen places and setups. Old ways of managing and inspecting the network no longer scale. Check out a Cumulus NetQ demo to see just how simple and powerful data visualization can be.

Source:: Cumulus Networks