Liar, liar, pings on fire: Getting the truth out of your network

by Leon Adato, Head Geek, SolarWinds

In general, IT professionals don't tend to be existentialists. Make a claim like, “There is no one truth,” and we'll bring to bear enough data, expertise, and inductive reasoning to quickly scupper the subjectivity of any matter. The world of IT, after all, rests on binary logic: there are no in-betweens, nor can we afford there to be.

IT’s truth is this: bad input equals bad output. If you don't receive the entire truth about your network’s performance, your datacentre’s server configuration, or the applications your users are running, you can only make suboptimal decisions. In today's increasingly outsourced IT environment, that truth eludes IT professionals with greater ease than ever before. And let's not forget that many of the untruths that IT professionals face are propagated intentionally, by unscrupulous vendors, agenda-driven executives, and employees addicted to their Facebook news feeds.

What can IT pros do to stop getting lied to? Not much. But we can stop these lies putting our networks and infrastructure at risk by bringing them into the light.

The problem of unknown unknowns

The more IT infrastructure an organisation outsources, the less its IT teams will know about how that infrastructure operates. And IT is migrating to the cloud at a phenomenal rate: SolarWinds’ recent survey found that 53 percent of Australian businesses will have half or more of their IT footprint in the cloud within three to five years. These black box as-a-service environments make it almost impossible for us to ascertain even the basics of what's going on, let alone assess what might be causing performance issues or creating potential risks. Add to that the increasing complexity of hybrid platforms and the (sometimes literal) explosion of mobile device endpoints, and IT professionals face far more obstructions to learning the truth about who's doing what on the network than ever before.

This makes lies, both intentional and by omission, even more dangerous to the integrity of the corporate network. How can you stop malware attacks if employees don't tell you about the USBs they're using on their workstations? What do you do when your latency starts spiking higher than an Olympic volleyball player, but your service provider insists the problem is at your end? Without a single reliable source of truth, we as IT professionals find ourselves powerless to solve the issues that we’re meant to fix.

The obvious response? Trust the data. However, the information that we get about our networks is often too arcane or voluminous to quickly and easily decipher, particularly when facing off against an irate manager or stubborn service provider. To find the truth and act on it, we need monitoring platforms that are at once comprehensive and simple to use.

Shine a light on the network

For a monitoring tool to be comprehensive, it must encompass the full range of networked entities that the IT team is responsible for. That often means taking an agnostic approach to handling these entities: SolarWinds Network Performance Monitor, for example, deals in elements that can be anything from a node to a volume to a CPU. That makes it far easier for IT pros to scale and adjust their scope of monitoring to match organisational changes, giving them an all-seeing eye (like Sauron’s, but less benevolent when facing security breaches), of the network at any time. Monitoring solutions should also provide depth as well as breadth: the ability to probe and drill down into element performance will help IT pros ferret out the root causes when an issue occurs. So too will the ability to monitor connections to external sources and identify the breakage points when an outage occurs.

However, even the most comprehensive monitoring platform will prove ineffective if IT pros don't find it simple to use. Intuitive user interfaces and entity groupings play a role in this, of course, but what IT teams really need is software that has the same priorities as them. In the case of Network Performance Monitor, the SolarWinds developers included a feature called Quality of Experience, which uses packet sensors that recognise traffic from more than 1,200 applications.

This sounds pretty unfriendly, except that these applications include Facebook, AWS, and a host of other common perpetrators of shadow-IT misdemeanors. If you suspect that employee social media use is jeopardising security, or that an IaaS provider isn’t being entirely honest about their service levels, you can simply target that sort of traffic and gain immediate data about what's really going on. That sort of evidence can quickly bring employees’ and service providers’ mendacity to light, putting them on notice that IT can't be tricked that easily.

And that really goes to the heart of how IT pros can get to the truth of their networks: by keeping the people interacting with them honest. Once operators and users know that IT can and will shine a light into the black box of their activities, they'll much more likely be up front in the future, and more understanding of why IT pros do the things we do. Our job, after all, is to support organisations, not constantly put ourselves in positions of conflict with them. When armed with a single platform of truth, IT pros can put the absurdist claims to one side and actually get the job done.

Tags cloud securitycloud computingIT professionalsSolarWindsPing

Show Comments