Current Filter: Network>>>>>Feature>

   

With so much focus on SDN and network feature virtualisation, many network designs and implementations are missing elements that are essential for both reliability and resiliency. At the most basic level, every network element needs to be easily accessible by the network admin team who are responsible for updates, configuration changes and inspection, yet many lack these tools, and this in turn hampers modern network administration practice.

In a recent survey by SolarWinds nearly 90 per cent of respondents said that their end-users were negatively affected by performance or availability issues with their business critical technology in the past 12 months; nearly a quarter reported that such issues occurred six times or more. Even though network equipment and designs have become more robust, with high end core switches claiming an MTBF in excess of 500,000 hours, the equivalent of 57 years, the reliability of networks is still not absolute. An older survey by AlgoSec, suggested that a major cause of failure was unscheduled out-of-process changes to systems, resulting in an outage, a data breach, or an audit failure, so say 77 per cent of respondents.

Yet it seems that unscheduled out-of-process changes are becoming more likely as organisations start to adapt their network to cope with demands from different user groups, including test and development and integration with new cloud services, or as a response to security issues and the ongoing process of patching network devices. In June of this year for example, Cisco released 16 patches to fix security issues across several of its products. However, Cisco is not alone and each month hundreds of individual updates, patches, and security advisories that in turn, often prompt configuration changes, are released for firewalls, routers, switches, WAP, IDS/IPS and ancillary devices.

That these updates are available is great news for functionality and security, yet managing this process is difficult, especially in organisations that have grown their networks in both reach and diversity while, in many cases, freezing headcount. This may well explain why as a recent survey by Acronis suggests that human error may well be the cause of 60 per cent of outages. While environmental factors such as overheating, leaking pipes, and unauthorised tampering, may well add a few more percentage points.

There seems to be no way of removing these factors, but it is also the case that networks need to be architected to accommodate this reality. To give an analogy, most critical network elements have dual redundant power supplies because power supplies fail. More progressive organisations going through upgrade cycles are specifying similar anticipatory technology. For example, remote out of band management offering connectivity to each network element, combined with hardware based logging and audit of configuration changes, delivers connectivity and a potential rollback capability.

With network admins aware that the single most common quick fix for a faulty network element is a power cycle, auto remediation technologies that can control PDU's are strongly recommended, while remote racks can benefit from units equipped with Cellular failover.

Yet if human error and unscheduled out-of-process changes are among the causes of downtime, then having more systems in place that make it easier and more auditable concerning who does what to network elements should be a critical part of every refresh cycle. Modern, smart out-of-band technologies, along with improvements in the network management software offered by vendors are addressing this issue at a technology level. However, for networks to deliver the resilience organisations now demand, the change has to come through senior executives recognising that preparing for failure is the only way to mitigate and ultimately prevent their occurrence.