Network Monitoring: A Review
In every network especially in telecommunication, the backbone layer is the key factor in deciding whether or not the entire network can perform and function in a normal manner. As the network grows more complex, and the service becomes more diversified, more challenges arise at the backbone layer. These include maintaining the network flexibility, reliability, convenience in administration and maintenance, and security.
Network security is simply a process or action adopted to detect and prevent unauthorized usage of your computer. In other words, it is a technique in the form of software, which safeguards the primary networking infrastructure from illegal access, malfunction, misuse, destruction, alteration, or improper disclosure. This in turn provides a safe platform for computers, programs, and users to carry out their allowable significant functions within a protected environment.
Security is crucial to any network. On the day you’re attacked, it doesn’t matter how your network is configured, or how many security software and devices installed. The only way to stay ahead of new attacks is through detection and response. In the real world, this translates to alarm systems and guards. On the telecommunication or any network, this means active network monitoring.
Network monitoring provides immediate feedback on the effectiveness of the network’s security – in real time. Monitoring is the window into a network’s security. When a network is in the process of building security, monitoring is the first thing you need to do.
Security is not a technology problem, it is a people problem. There is no security product that acts magically, imbuing a network with the property of “secure.” If you can monitor your network carefully enough, you can catch a hacker regardless of what vulnerability has been exploited to gain access. With this, you can respond quickly and effectively, and repel the attacker before any damage is done.
Monitoring should be the first step in any network security plan. It’s something that a network administrator can do today that provides immediate value. Policy analysis and vulnerability assessments take time, and don’t actually improve a network’s security until they’re acted upon. Installing security products improves security, but only if they are installed correctly, and in the right places. Monitoring ensures that security products are providing the type of security they were intended to provide.
In this light, several literatures have been authored to gather as much as information on the importance of monitoring in any network security activities. It is a fact that all networks are subjected to security threats that might affect the business performance.
The paper entitled “PerformA Unveils a New Era in Network Management Efficiency” published at Telecommunications; Jul2007, Vol. 41 Issue 7, p16-17, 2p, discussed the move of Vodafone Company to launch PerformA to improve the satisfaction level of its subscribers. It cites that PerformA has the capacity to monitor the entire network through a simple performance monitoring system. Further, it reveals that PerformA’s inbuilt Trend Analysis System promotes convenience in the analysis of service usage, quality levels and network trends.
A similar stance in education industry was taken by the article entitled “Monitoring tool reduces complexity” published at Communications News; Jan2005, Vol. 42 Issue 1, p24-26, 2p. The paper discussed the importance of diagnostic and/or monitoring tools in managing the data network established at John Hopkins Bloomberg School of Public Health in Bloomberg, Maryland. Equally overwhelming has been the complexity and cost of most network-management applications. One of the priorities of the information systems department has been to document and put in place tools provide the data needed to ensure the proper operation of the network. Monitoring and network-management tools typically capture statistics from interfaces, links and protocols, draw maps and graphs, and send real-time alerts about fault conditions. The Bloomberg School of Public Health, however, needed a tool that would be more proactive. After comparing different tools for overall ease-of-use, and monitoring abilities, the school installed Netcordia’s NetMRI. According to Kevin Stone, senior network administrator at the school, NetMRI correlates the statistics, and applies rules of logic for troubleshooting at the system-level functional areas, such as root bridge placement in virtual Local Area Networks (LAN), security setting in wireless LAN, and routing protocol stability.
Furthermore, the paper entitled “Essential network monitoring for the SMB, Part I: What to look for and where to find it” and “Essential network monitoring for the SMB, Part 2: The tools” by Randy Franklin Smith published at Windows IT Security, Nov2005 and Dec2005, discussed the server monitoring, the applications that run on them, and the network devices that can give alerts when problems arise, giving a chance to fix them before users can notice. By monitoring the network and keeping a historical record, it can draw data that provides accurate information to users who might have an exaggerated notion of how often a particular problem has occured. Just as important, network monitoring lets you know exactly what is happening on the network, as well as who is accessing it and when. There are two types of monitoring - in the article cited, the author refers to the former as operations monitoring, and the latter as security monitoring. In this two-part series, the author identifies the various devices and systems that should be monitored in an SMB (server message block) for both security and operations purposes. In part I, Smith identify the most common data-monitoring sources, including Windows event logs, Syslog, and SNMP. Part 2 shows how to build a barebones network-monitoring solution by using free or inexpensive tools. The author introduces three nifty tools that can be added to one’s network-monitoring arsenal: Log Parser - a free tool from Microsoft; Tail - a cool UNIX utility, and Kiwi Syslog Daemon - a utility that comes in a free edition, and in a more powerful, but still inexpensive edition.
Setting up an effective and comprehensive monitoring process takes some work, but the investment is worthwhile. There’s nothing worse than learning about a problem from your users and, upon reviewing your logs, realizing that the system was exhibiting warnings 3 days earlier. The business and legislative worlds are setting much higher expectations with regard to information security and accountability. Security breaches might occur, but you and your company will fare much better if you’ve been doing your due diligence. There’s no substitute for effective monitoring. (Smith, R.F., 2005) |
