There are a number of elements to managing networks:
What is Network Management, and why is it needed?
Network Activities
- Log and Event Management
- Network Performance Management
- Network Administration
Log and Event Management
Modern managed Automation networks keep a watchful eye on virtually everything going on across the network. The only question is “Are you listening?” Effective listening requires investment in a few key log and event management tools that make sense of what can be significant amounts of event-based data. An event could be a notification that someone has logged into a device’s management interface or that a firewall has dropped data that falls outside of a policy. Out of the box, these alerts will be stored locally on the device, tagged with the time stamp from the respective device. The issue here is that unless time is synchronised, all the device internal clocks will be different, so identifying what happened first will be virtually impossible. Also, the process of connecting to each device is extremely time-consuming. There is a better way! Implementing a central Network Time Protocol (NTP) Server will synchronise all devices to the same time. Implementing a central logging ‘SYSLOG’ server and pointing all devices to this server will bring all events back to a single point, making the information hugely more valuable and insightful. With events time-synchronised and centrally captured, the second stage is classification, interpretation, and remediation. This requires investment, skills and competence. The investment is in the software that processes and presents the data; this can be anything from a simple event viewer to a complex and feature-rich Security Information and Event Management System (SIEM). The latter is extremely powerful and a central component of a network automation strategy; IT4A believe SIEM is a fundamental component of a large Automation network. Once events are classified and prioritised, skills and competence are required to interpret and, as necessary, remediate the issue.
Network Performance Management
In addition to generating messages when events occur, managed network devices collect information using the Simple Network Management Protocol (SNMP) that describes a multitude of performance characteristics. Whilst product-dependent, this information will include interface errors, packet drops, link utilisation, etc. SNMP management can either be vendor-based or, as SNMP is a standard, non-vendor specific. A SIEM can combine data from various sources to provide greater insight into what is going on within a network. The SIEM is a specialist software environment that requires significant configuration to maximise its benefit.
Administration
Finally, there is the administration element that simplifies and automates some of the more routine activities, such as backup and restore, firmware updates, and multi-device configuration. These tools are generally vendor-specific.
GET IN TOUCH FOR ALL YOUR AUTOMATION NETWORKING, CYBER-SECURITY, & PROTECTIVE MONITORING REQUIREMENTS
Automation networks rely upon five key technology areas:
“I can honestly say that with IT4A working alongside us we assembled the right team and managed to achieve all our goals successfully”
Nuclear Sector, Project Manager