Protect network data
Peter Alderson, security specialist, Barron McCann
Assume the data on your network can be intercepted. It's a reasonable assumption given the number of network sniffing tools freely available on the Internet. Next encrypt the data - it may be intercepted, but can the hacker make sense of it? Choose an industrial-strength encryption algorithm such as the Advanced Encryption Standard (AES). Even using a machine dedicated to cracking encrypted data, AES is claimed to take 149 trillion years to crack.
If you're using user authentication to log-on and gain access to applications, then encryption is a must. Whether you're using a password or your thumbprint, the authentication file is simply a data file on the network; it can be identified and copied for later use. And finally, let's dispense with that old myth that encrypting data cripples your network performance. Today's network encryption devices are fast so you shouldn't notice the difference.
Think about the wider business
Nick Wilding, group marketing director, Business Systems Group
IT professionals should take a step back from the nuts and bolts of managing the technology to consider their company's wider business objectives. Traditionally, IT networks were installed with the technical limitations of their components in mind. This approach has changed, however, with the advent of hardware and software which have attained such levels of sophistication their functionality is practically limitless. In the absence of purely technical restrictions on the way systems are installed and connected, IT managers should instead focus on aligning their strategy to wider business objectives.
Try sitting down with your business managers and ask them to discuss what they would like IT to do for them. The results of the discussion may be surprising and perfectly achievable with the infrastructure you already have in place. Reconfiguring existing equipment, rather than purchasing new kit, should become the order of the day.
John Roese, chief technology officer, Enterasys Networks
Corporate enterprises constantly ignore the capabilities of their existing network. By enabling the feature set they purchased, significant improvements can be made to the performance, security and longevity of the network at no cost to the organisation. For example, companies buy Layer 3 switches and only use them as Layer 2 devices. If the product is run to its full potential using a Layer 3 protocol, such as Open Shortest Path First, you won't have to use Spanning Tree and it will effectively double the amount of available bandwidth.
This provides additional benefits to enterprises, for example, allowing them to realise the value in their cabling plant. Millions of pounds worth of fibre lies dormant providing back-up links in Layer 2 environments. Simply upgrading from a Layer 2 architecture to Layer 3 guarantees that data traffic is carried across the entire infrastructure. Layer 3 architectures will also provide significant increased capability when having to recover from any sort of network failure. If the switch cannot run a Layer 3 protocol, then the use of a virtual Lans can also improve performance and security. Virtual Lans contain broadcast traffic which would otherwise be propagated everywhere.
Cut network costs
Andy Waterhouse, systems engineer, Concord Communications
Never assume that your network has achieved 100% efficiency. Managers must consistently calculate the cost of network inefficiencies and compare this to the cost of management tools. In the current economic climate it is difficult to justify new investments, but the cost of downtime, poor application prioritisation or ineffective bandwidth allocation will far exceed the costs of the tools. Being proactive drives efficiencies and provides tangible return on investment.
It is equally dangerous to assume that your existing infrastructure or deal is the best available. Enterprises running traditional framework software face high costs, complicated installation procedures and inadequate return on investment projections. One US customer saw his Computer Associates Unicenter costs of $1m (£684,000) per year for server and desktop management cut to $60,000 by looking elsewhere.
You may be pleasantly surprised to discover that easier-to-install solutions from smaller providers can centrally manage global networks and run return on investment reports for your business in a fraction of the time and cost of the big boys. There is only one way to deal with unnecessary costs: smother them wherever they exist.
Maximise return on investment through capacity planning and remote management
Laurent Curny, head of marketing strategy and business development, infrastructure integration group, Getronics UK
To make the most of IT investments, it is vital that IT directors have a more holistic approach to their company's infrastructure requirements. They must understand where there is spare capacity in the organisation. This is a tall order when mergers, acquisitions and project-based working practices prevent a clear and broad view of where spare capacity exists.
In many companies, the IT function is often made up of isolated operational silos. Data, telephony and Web development centres often invest independently. If directors are only viewing their IT infrastructure as series of disparate - if interlinked - silos they will not spot where spare resources lie or be able to swiftly adjust or adapt the organisation's technology to meet new business demands.
It is essential that IT is aligned to the business and not the other way round. Implementing a remote managed service and moving away from a "break-fix" mentality is vital. A remote managed service that gives a complete picture in real time will break down the walls that exist between the different parts of the IT function and re-direct and fully utilise the spare capacity that exists.
A move to proactive remote management means that problems are rectified before they have an impact; IT is aligned to the core business; agility is improved; downtime is minimised; and key staff are re-deployed more effectively. This strategy also ensures that in-house IT employees are available to undertake activities which are more focused on bottom-line benefits for the business.
Use a managed service provider
Neil Dipple, IP development manager, NextiraOne
Network management skills are difficult to acquire and costly to retain. To reduce these costs IT directors can transfer responsibility of the non-critical network functions to a third-party managed service provider. The smarter IT directors and managers should now be identifying non-critical network functions that are no different to that of the competition, such as general network management and maintenance. These can be outsourced, allowing the organisation to re-focus skills, money and time on the core business.
A mutually-agreed service level agreement (SLA) is the key to third-party management of all or part of the network, but only after both parties - customer and managed service provider - have assessed the full business requirements. The SLA must be fair to both organisations, and it must be achievable. No reputable service provider enters into a managed service contract with the aim of providing a worse service; so when contracts fail typically both the IT department and the outsourcing company feel aggrieved. The SLA should remove the fear associated with managed network services by clearly documenting both the role of the service provider and the customer.
Draft a network security strategy
Bart Vansevenant, director of European security strategies, Ubizen
Too often when security is discussed, thoughts turn to installing expensive and complex devices such as firewalls and intrusion detection systems. It is certainly important to have such devices installed to provide a secure perimeter. However, such equipment should only be part of an overall security strategy, which is strongly linked to the organisation's business requirements. Secure environments are typically well documented, with a procedure for patching systems, regular monitoring and control of servers, and where security is part of a culture.
A well-managed and maintained environment is invariably more secure than one where systems are only updated at rare intervals. Many vulnerabilities that organisations fall victim to are the result of problems in applications for which the supplier has already released a patch, or because an application has been based on a default server configuration. Good network and server management will often reap greater benefits for security than installing expensive security devices. Ultimately, security is the responsibility of the whole organisation.
Make an inventory of the network
Mabel Brooks, senior product manager, data services, Telewest Business
If a wide area network is not outsourced, there should be central ordering and inventory of all elements that make up the network. A network design should be drawn up showing traffic flows and use of applications across the network. When end-users or IT staff request new items, the design should be revisited to ensure that what has been requested not only satisfies the end-user need but optimises the network infrastructure. If, for example, a new leased circuit is requested between two points due to traffic congestion, and yet most of the traffic is a two-hour, once a day back-up, the time of the back-up could be changed or the route that the back-up data takes could be altered.
Being able to carry out any of the above requires requests to be vetted by someone with an accurate and up-to-date view of the entire network. Often new equipment is ordered locally and the replaced kit not re-used or returned to the supplier to benefit from any buy-back offers.
Understand your network
Alan McGibbon, director, Scalable Networks
The first thing that many companies do when a network performance problem occurs is just throw bandwidth at it. Faster routers and switches are installed in the hope of increasing network performance. However, the underlying problem remains. How often does the classic user complaint "The network is slow" really get investigated? Do IT departments know where the growth intraffic is coming from? Where are the network bottlenecks?
Rigorous analysis of the network should be regularly carried out to answer these questions, especially when budgets are tight. It is only when existing network faults and error logs have been properly investigated can IT staff see whether the network is being used as well as it could be, and what actions can be taken to increase efficiency. The results of such investigations can eliminate the need for upgrades altogether.
Install mixed technology networks
Grant Notman, UK general manager, RAD Data Communications
Two years ago, UK carriers made plans to establish single technology networks, for example by replacing all their Synchronous Digital Hierarchy equipment with new IP equipment. Now the market has crashed, the carriers that are still in business are running out of funds to accomplish their grand plans. Instead, they are left with half migrated networks, or mixed technology solutions. However, these hybrid networks can be put to good use if carriers sell the right parts to companies that need them, instead of trying to sell the same solutions to everyone.
The same principle applies to corporate networks. If network managers concentrate on providing a service to their users, they will find that it is possible to provide high service levels over a mixed network with a careful selection of hardware, rather than using a one-size-fits-all approach.