We Are Different
Luna.tech takes the time to truly understand what drives your business. We develop information systems that support the financial, administrative, and technical goals of your company. Your technology investment should be a profit center and not just a necessary cost.
- Server Install and Maintenance
- Network Design
- Cisco Networking
- Remote Access
What is Network Management?
Network management is the process of monitoring and controlling a computer network to ensure all of its resources—both hardware and software—are in good shape and are being used productively.
This process is overseen by a person—a network administrator, network manager, or MSP—who uses protocols, systems, devices, and applications to ensure the network can keep up with business demands and user expectations.
The challenge in network management is that networks are becoming more and more complex. There are more devices on networks to manage than ever before (thanks in part to a massive IoT boom), and they’re not all created equal. Even similar devices on the network—say, two switches—can be drastically different if they’re manufactured by different vendors.
What’s a network?
A network is a collection of connected devices—like computers, mobile devices, servers, routers, switches, bridges, firewalls, access points, and more—that can communicate with one another through the transfer of data.
Here are some important devices that make up an average network:
- Clients: A client is an application or whole system that connects to a server. In a client-server network model, a client sends a request—think sending an email—to a server, and once the server fulfills a client’s request, the connection is terminated.
- Servers: A server is a device designed to accept and respond to requests made by another computer over the internet or a local network. A server helps manage network resources like sending email, managing print jobs, or hosting a website.
- Switches: A switch is a physical or virtual device that connects all of the devices on a network to each other. A switch enables network devices to talk to each other by sending incoming data from input ports to output ports that will take it to its intended destination on the network—it determines where to send each incoming message by looking at the physical device address, otherwise called the MAC address.
- Routers: A router is a physical or virtual device that connects computer networks. A router analyzes a data packet’s destination IP address, determines the best way to reach that destination, and then forwards it there. It sounds similar to a switch, but Cisco has a way to remember the difference: “Switches create a network. Routers connect networks.”
- Firewalls: A firewall is, by definition, a router—its primary function is still routing, but with additional security rules. These rules help a firewall permit or block data packets coming and going from the network.
- Access points: An access point is a wireless network device that connects endpoint devices to a local area network. An access point can extend the wireless coverage of an existing network, which increases the number of users that can connect to it and changes the way users are able to connect to the network.
Network management is a huge responsibility. To better understand what the job entails, it’s helpful to break things down into five key areas encompassed by the FCAPS acronym: fault management, configuration management, administration, performance management, and security management.
The “Big 5” network management functions
Fault management
A fault—more commonly called an issue or an error—is an event that shows a problem in the network. Common faults are things like packet discards, packet errors, or high interface utilization, but the possibilities are essentially endless.
The goal of fault management is to minimize downtime. So the faster a network manager knows about an error in the network, the better.
To fix a fault before it escalates and interferes with client uptime, there are four important steps a network manager needs to follow:
1. Detect the problem.
2. Isolate the problem and determine what’s causing it.
3. Troubleshoot and resolve the problem.
4. Document the process that was used to resolve the problem.
For MSPs, step 4 is extremely important. With multiple techs troubleshooting issues, documenting previous faults and how they were resolved can help streamline resolution in the future. This way, your team isn’t wasting time trying to solve the same faults repeatedly with no reference point.
Configuration management
For a network and its devices to do what they’re supposed to, they need to be configured or told what to do.
The goal of configuration management is to monitor and document network and device configurations. This requires a network manager to set, maintain, organize, and update configuration information for both the network and its devices.
Network configurations include:
- Router and switch configuration, which specifies the network’s correct IP addresses, route settings, and more.
- Host configuration, which connects a host device (like a computer or laptop) to the network by logging network settings like IP address, device routing tables, and DNS server configuration.
- Software configuration, which gives appropriate credentials to network-based software—like Auvik, for example—so it can access the network and monitor network traffic.
Network device configurations include operating system version, firmware version, serial numbers, IP address, routing configuration, switch VLAN configuration, and more.
To keep track of all this, it’s best practice for network managers to store this information securely. Then, as configuration parameters change, the documentation should update immediately so the information you have is always current.
This documentation is a critical part of configuration management. It’s referred to when a network or one of its devices needs to be modified, expanded, or repaired, which helps return the network or device to its pre-outage state quickly and minimizes downtime.
Administration
The “A” in FCAPS can mean administration or accounting.
As an MSP, you’re responsible for network administration. This means administering network users with passwords and permissions, backing up software, and more.
Accounting management refers to resource usage and billing—this is important if you’re an MSP who offers internet services, bills on the usage of a WAN link, or monitors public cloud usage.
Performance management
Performance management is all about the efficiency of the network—both right now and in the future.
Network performance is measured using metrics like throughput, uptime and downtime, error rates, percentage utilization, response time, and latency. This data is primarily collected using SNMP (Simple Network Management Protocol), without which we couldn’t identify devices, monitor network performance, or keep track of changes to the network.
To effectively monitor network performance, a network manager:
- Gathers performance data—manually or automatically.
- Analyzes the data to establish baseline levels.
- Establishes performance thresholds. This step feeds into fault management—when a threshold is exceeded, it means there’s a problem that needs to be taken care of.
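The three steps above as a short worked example, added here and not part of the original page: it builds a baseline from past utilization polls, derives a threshold from it, and reports only sustained breaches so a single noisy poll does not open a fault. The sample values, the median/MAD method, and the `k`, `floor` and `hold` parameters are assumptions chosen for illustration.

```python
from statistics import median

# Constructed sample data: interface utilization (%) from successive polls.
# On a real network these values would be derived from SNMP interface counters.
HISTORY = [22, 25, 24, 27, 23, 26, 25, 24, 28, 23, 25, 26]
NEW_SAMPLES = [27, 31, 24, 58, 61, 60, 26]


def threshold(history, k=5.0, floor=1.0):
    """Baseline = median, spread = MAD, limit = median + k * MAD.

    Median/MAD are used so one old spike in the history does not inflate the
    baseline. `floor` stops a perfectly flat history from giving a zero band.
    k and floor are tuning assumptions, not values from the page.
    """
    base = median(history)
    mad = median(abs(s - base) for s in history)
    return base + k * max(mad, floor)


def sustained_breaches(history, new_samples, k=5.0, hold=2):
    """Return one event per run of at least `hold` consecutive polls above the limit."""
    limit = threshold(history, k)
    events, run = [], []
    for i, value in enumerate(list(new_samples) + [None]):  # None closes the last run
        if value is not None and value > limit:
            run.append((i, value))
            continue
        if len(run) >= hold:
            events.append({"start": run[0][0], "polls": len(run),
                           "peak": max(v for _, v in run)})
        run = []
    return events


if __name__ == "__main__":
    print("limit:", threshold(HISTORY))
    for event in sustained_breaches(HISTORY, NEW_SAMPLES):
        print("fault candidate:", event)
```

Each returned event is what would be handed to fault management: where the breach started, how many polls it lasted, and its peak value.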
Sometimes, data may seem abnormal. To get extra visibility and context into performance metrics, you can dive beyond the performance metadata SNMP provides to get closer to the traffic by leveraging protocols like NetFlow.
By collecting and analyzing NetFlow data on a client device, you’re able to get important information from incoming and outgoing traffic. This can include information like source and destination IP, source and destination port, and Layer 4 protocol. With this information, you can determine if network traffic is legitimate.
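One way to use those flow fields to judge legitimacy, as an added example that is not from the original page: compare each flow's protocol and destination port against the services the client is expected to use, and flag a source that touches many different ports on one destination. The internal range, the allowlist, the `fanout_limit` value and the flow records are all constructed assumptions, and only client-initiated flows are modeled.

```python
from collections import defaultdict
from ipaddress import ip_address, ip_network

# Assumptions: the client's internal range and the services it is expected to use.
INTERNAL = ip_network("10.20.0.0/16")
EXPECTED = {("tcp", 443), ("tcp", 80), ("udp", 53), ("udp", 123)}

# Constructed flow records: (src IP, src port, dst IP, dst port, Layer 4 protocol).
# External addresses come from the documentation ranges.
FLOWS = [
    ("10.20.1.15", 51514, "198.51.100.7", 443, "tcp"),
    ("10.20.1.15", 51515, "10.20.0.2", 53, "udp"),
    ("10.20.3.40", 49822, "203.0.113.9", 6667, "tcp"),
    ("10.20.3.77", 40001, "10.20.0.10", 22, "tcp"),
    ("10.20.3.77", 40002, "10.20.0.10", 23, "tcp"),
    ("10.20.3.77", 40003, "10.20.0.10", 445, "tcp"),
    ("10.20.3.77", 40004, "10.20.0.10", 3389, "tcp"),
]


def review(flows, fanout_limit=3):
    """Return (unexpected service flows, source/destination pairs with port fan-out)."""
    unexpected = []
    ports_seen = defaultdict(set)
    for src, _sport, dst, dport, proto in flows:
        ports_seen[(src, dst)].add((proto, dport))
        if (proto, dport) not in EXPECTED:
            direction = "internal" if ip_address(dst) in INTERNAL else "outbound"
            unexpected.append((src, dst, proto, dport, direction))
    # One source probing many ports on one host is worth a closer look even
    # when each individual flow is small.
    fanout = sorted(pair for pair, ports in ports_seen.items()
                    if len(ports) > fanout_limit)
    return unexpected, fanout


if __name__ == "__main__":
    unexpected, fanout = review(FLOWS)
    for flow in unexpected:
        print("unexpected service:", flow)
    for src, dst in fanout:
        print("port fan-out:", src, "->", dst)
```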
This data is important for forecasting the future of the network, otherwise called network capacity planning. If the client is seeing internal bottlenecks while only doing business-critical work, it's likely they’ll have to upgrade their network infrastructure. If they’re using all of their external bandwidth, then they’ll need to increase the capacity provided by their ISP.
The data can also be used to help make the case for network upgrades on the fly. If you discover a network device (or devices) consistently causing performance issues, then it’s likely a sign it needs to be updated or replaced.
Security management
Today, there’s no shortage of cybersecurity threats—from DDoS attacks and crypto-jacking to mobile malware, it feels like we’re all one click away from taking down whatever network we’re on. That’s why security is a critical part of network management.
The goal of security management—and the main responsibility of a network manager—is to prevent, detect, and quickly respond to security threats. Since 100% prevention isn’t possible, quick response to security threats is essential.
This is achieved through using different security tools and systems, including:
- Firewalls: A firewall is a device that monitors network traffic and uses a set of security rules to permit or block data packets coming and going from the network.
- Reverse proxy servers: A reverse proxy server masquerades as a web server on the edge of a network, while the real server sits somewhere inside the network, and forwards data to and from the real server. It’s only needed if you have a server accessible from the internet.
- Web application firewalls: A web application firewall is a device that sits between the internet and a web application to protect applications from cross-site request forgery, cross-site scripting, SQL injection, and more.
- Intrusion detection systems: An intrusion detection system monitors packets and sessions for malicious activity. If activity is discovered, it’s reported.
- Intrusion prevention systems: An intrusion prevention system detects and prevents malicious incidents. It reports any threats to a system admin or a network manager and takes preventative action, like closing access to the network.
- Email scanners: An email scanner protects endpoints from spam and malware attacks by scanning emails for viruses.
- Antivirus software: Antivirus software prevents, detects, and removes software viruses from network devices.
These tools and systems help to authenticate, encrypt, and authorize traffic flowing through the network and ensure it’s supposed to be there.
If traffic is unauthorized, policies can be applied to prevent users from gaining access to sensitive information. And if unauthorized traffic makes its way through, a network manager has a much bigger issue on their hands.
As an MSP, security management can also extend to physical security, as electronic access and surveillance systems are connected to the network.