A computer network is the backbone of any organization. All the business operations are heavily dependent on the company’s intranet. Because of heavy reliance and growing concerns of cyber security, enterprises need to constantly monitor and maintain their networks. It is the job of a network administrator to ensure all the networking equipment are working correctly. He is responsible for aligning business operations with maintenance operations. He must ensure that a minor failure does not result in serious downtime.
Organizations retain and hire new network administrators to optimize existing systems and increase productivity. The following points describe the best practices and important terms that a network administrator should be aware of. They will also help you become a good network administrator, and business owners can ensure their network admins are up to date with the technology.
How would you detect failure of an interface card at a host or a router?
With network management tools, a router or a host may report to the admin system that one of its interfaces has gone down. To ensure that each NIC (Network Interface Card) in the group functions properly, the tool will probe all the target devices separately. If there are no replies to the consecutive probes (let’s say 5), the network management tool should consider the interface as failed and notify the administrator.
What is a good resource utilization strategy?
Monitoring the source-to-destination traffic patterns can help in identifying the areas of optimization. Like, by monitoring link utilization, the administrator can determine that a LAN segment is overloaded. He can either decide to divert the traffic to a multi LAN segment or request a higher-bandwidth link before the congestion becomes serious.
What is the necessity of monitoring SLAs?
Service Level Agreements (SLAs) are contracts between you and your vendor. It includes specific performance metrics that the vendor promises to deliver with his equipment. These matrices include service availability, throughput, latency, security, and notification requirements. Measuring and managing performance will is a very important task of the network administrator. The network administrator must ensure that the infrastructural network is stable even at peak performances and all the other matrices are satisfied as per vendor specifications.
What are intrusion detection methods and tools?
There are two methods of detecting network intrusion:
Signature-based intrusion detection works by analyzing data that is associated with intrusion attempt, for specific patterns. It compares data with signature patterns (byte combinations) to identify attempts. But they only cover signatures that are already in the search database.
Anomaly-based intrusion detection provides a better protection against the new type of attacks. These methods look for anomalies in the network. For instance, they would detect an anomaly if someone tried to send false parameters with the URL.
Any intrusion detection tool should use a combination of both the methods for the best protection. Some of the latest intrusion detection tools are:
- OSSEC (Open Source Security) is the leading open-source host intrusion detection tool
- Snort is the industry leader in network intrusion detection
- Bro Network Security Monitor
- Sagan, a host-based intrusion detection system
What are ISO defined areas of network management?
Key requirements that a network management system should satisfy:
- Performance management: Monitoring the performance of the communicating entities to ensure the efficiency of the current network
- Security management: Tasks associated with network and server security that includes user authentication, encryption, and intrusion detection to reduce the risks of data breaches.
- Fault management: Includes detection, isolation, and restoration of failed components. Care must be taken to ensure that every single component is working in perfect order.
- Accounting management: Accounting management allows the network manager to specify, and control user and device access to network resources. Though this is not applicable to all the companies, in many organizations, IT department and individual user accounts are charged for the use of network services.
- Configuration management: Concerned with initializing a network, monitoring system configuration information, and adding & updating the interacting components.
What are SMI, SNMP, and MIB?
Structure of Management Information (SMI):
SMI protocol is basically used to standardize the different object attributes like object Identifiers, type, and encoding methods. It provides the basic format and hierarchy of management data but does not describe the objects that can be managed.
Simple Network Management Protocol (SNMP):
It is an application layer, client-server protocol, specifically designed for Network management/monitoring purpose.
Management Information Base (MIB)
MIB is a database for managing entities in the network. It enables representation of device parameters in a standard format.
Demand for network professionals is going strong. They need someone who could implement new networking and communications technologies to give them a competitive advantage. They are looking for someone who is trained and certified as a network administrator to secure and optimize their IT infrastructure. Therefore, it is an ideal time to begin or advance your network administration career by answering these best practices.