Why is that we can get the budget (albeit it after a struggle) to spend tens or hundreds of thousands of pounds on new network infrastructure, and can’t get that little bit extra to buy the software to manage it?
It’s like buying a car—would you really want to buy one with no fuel gauge and speedometer just to save a hundred quid? No, because you know it would just cause so much hassle after, when you couldn’t see what was going on, and you’d run out of petrol miles from anywhere. The car would still run, but it’d be a right pain to drive.
Same with network management—what’s the point of having a flashy new network if you can’t see how it’s operating? How do you keep your software levels up to date? How do you know when links are reaching capacity? And how do you know you’ve got a problem—except when it’s too late.
So why is network management all too often seen as a nice to have rather than an essential? Maybe you’re lucky and your company has a network management strategy that does understand how important it is, but there are an awful lot of us out there that seem to be hitting our heads off a brick wall trying to manage these networks.
But what really bugs me is when we fight tooth and nail to get the network management software, configure all our network devices to send reports to it, get it up and working like a dream,—and then don’t use it!
Be honest, how many syslog messages do you get every day from your network? Even if your management software filters them, categorises them, and sends you nice reports, do you actually read them? Every day? Honestly?
Which is why it gave me a nice warm glow (no, really) when I heard about someone who really got his money’s worth from his network management system when his network got hacked recently.
The hacker managed to log into this company’s Internet-facing router, and made some configuration changes to let him access its network. What the bad guy didn’t realise was that any time a config change was made, the network management software detected it and reported the change. A lot of software does this. A lot of us don’t do anything with that information.
On this occasion though, the system was set to send an email reporting the change. Someone actually read it, saw what the change was, and fixed the problem. The company network wasn’t compromised.
Okay, maybe the security on the Internet router wasn’t as good as it might have been, otherwise the hacker wouldn’t have been able to get in. But how many of us are completely sure that every device on our network is 100 per cent secure?