Blog   »   Go Office Network Healthy

By administrator Site Admin at 2:03 pm

You wouldn't enter a marathon race with a flu, cold or pneumonia, would you? You only need healthy, well exercised legs for a race, right?

Seem like questions unrelated to your business, but are they?

Your Office Network is like an organism. It lacks feelings, but apart from that, it needs healthy and strong backbone to operate, it requires good (muscle) structure and ability to process information (food) properly, in order to perform well and achieve the goals you place in front of it (action). It needs a good, strong logic (heart) with no obstacles in order to do all this in timely manner. From time to time, it needs a "doctor" but like in life, it's better to have a "personal trainer" at all times than to go to the doctor frequently.

When translated to "computer language", we could state that the following conditions need to be met in order to have a well organized, transparent IT / network operating in your office:

Your office network deployment needs to be carefully planned out, properly documented to the finest detail.
This is achieved by understanding your application needs, stating your needs in plain language to your system administrator / implementer.

This is also referred to as "full documentation".
Your network implementer (person or a company) needs to document every need in plain language and also in language other implementers will understand. For instance, if your need is "to remotely access web mail on a system located in my office, in a secure manner", implementer will need to document this, but also his instructions / findings in a manner similar or equal to "SSL, port 443 needs to be forwarded all the way to OWA portal hosting server in the office".
Administrative accounts and passwords need to be documented properly and completely. What they are used for, what is the userID, what's the password, who has and who needs access to this data and why.

Your office administrator needs to keep a copy of this document in a safe place and access to it needs to be controlled on a "as needed" basis. You can keep this document on your Intranet portal as well, as long as you have per-user defined access to your portal.

This is very important. Your network, even though it may consist of nothing more than a single router and few PCs on your wired and/or wireless network - your network is relatively complex, and this complexity needs to be documented properly and understood to some point by office users / understood completely by your administrator(s).

All devices on your network share the resources on such network and they will at some point compete for these resources. You either need to understand the challenges of this setup or have what's called compensating controls for this problem. We have discussed and pictured some of these scenarios and have documented few network map examples on this page:

We will try do define some, very basic but core components of your network and as the list grows, this will hopefully help you, the business owner - understand how complex your network actually is.
Your network will, depending on its complexity. number of devices and services, consist of the following resources, equally important in order for your network to function properly:

1. Internet Access, consisting of
- Internet Service Provider (ISP)
- Internet-facing router (usually provided by your ISP)
- Acceptable speed and quality of Internet access
- Your ability to manage the Internet-facing router and (if applicable) modem/gateway

2. Internal Network

- Managed or non-managed network devices such as switches and internal routers (if applicable)
- Proper cabling, no loose connections, no cut cables, no cross-connected cabling anywhere in the office
- network-attached devices, such as scanners, printers, various terminals and full understanding of the way they are connected and what services they require to operate properly


3. Wireless Network (optional)
This is where it can get complicated. It is important to understand that various "guest networks" connected to your ISP will inevitably slow down your own office users and services when they need resources, and this guest network must be properly shaped, and it should have the lowest importance defined on your QOS device. This wireless network needs to be properly set up, "firewalled off" from your main network and protected from intrusion. There are few basic ways to make sure these controls are in place - feel free to visit our blog periodically for articles on how to achieve this.

4. Network Health monitoring and management
It is important to understand that competition for resources on your network is not transparent to users and it may, and more likely will - affect them in various ways. If you have "fast internet", whatever that may be, but for instance have users who are constantly sharing files via the Internet (DropBox or similar service, sharing via Skype, Rapid Share etc)... your network management hardware may experience issues when assigning resources to your office systems. Routers offering managed QOS may be required.
If you have a VoIP system in your office, you will have to have a device offering solid QOS management on the core of your network - managing absolutely all of the Internet traffic.

You must have the ability to periodically check the quality of your network setup, rather than to have to hire someone to do it for you as this may get expensive, even with a T&M only approach.
It is extremely important that you do not have any rogue or manually configured devices on your network, unless (the latter ones) are not properly configured and this is fully documented.
Another item that needs to be kept close to your heart is awareness of how important the AntiVirus protection is not only for protection of your data but also protection of your network and Internet access speeds and quality. Having an AntiVirus solution on your network is a discussion for a different topic, but let's mention here that a single virus can "tack" your network devices and even publish (unwanted) data on the Internet, slowing down all of the devices on your network to a screeching halt.

5. Internal Network services
Depending on your network's complexity, it will more than likely have a device on your internal network in charge of the following services:
- DHCP service - in plain English - this is service that assigns IP addresses to your systems and network devices(this is usually a server, but on smaller networks could be your router)
- DNS (usually a server - Domain Controller or, on smaller networks - your router)
- WINS (this is more or less not used on newer networks)
- QOS device (in most cases, this will be either your router (Cisco or similar) or a server called ISA)

6. External Network services
- Registrar and access to your registrar (place or website used to register your domain name)
- Web Site Hosting (this could also be a server on your internal network, but having this service outside of your network is highly desirable)
- External DNS management (could be your registrar as well) - a place where you manage your domain's "A", "MX" records etc.
- Backup DNS, backup MX etc (optional) - this is usually a service offered by a third party provider (SRBN is one of those), and it helps you secure your e-mails and makes sure they are delivered even if your network goes down for some reason

7. Network Policies and enforcement of policies
If you are struggling for bandwidth, have the services that demand prioritization and have strict network access policies, you need to make sure these policies are enforced and there are no "above the law" users. Don't forget that your network is not only used by your office users but also by those who are accessing all of it or only some aspects of it remotely.
A good Internet access policy is relatively easy to create and may represent a difference between having sufficient Internet access speeds with services that cost as little as 100$ per month... or being faced with a situation where you simply cannot get enough throughput with your ISP regardless of how beefy your Internet connection is.

8. Other
Your network can be more complex than what is described above, and this all depends on your needs, availability of multiple ISPs (if applicable), and number of systems you have on your network.

Once you have a network that is well-documented, flow that is understandable and compensating controls in place for when things go wrong, you are ready to enjoy the true transparency of IT services. The more time you spend on planning and preparing - the less time and money you'll have to spend on maintenance, support calls etc.
Your network is only as good as the weakest link on the network itself, and that weakest link is always... you're guessing - human. Once you have what we refer to as "solid network", it needs to be managed, devices backed up, backup schedules made in accordance with schedules of other network attached devices and so on and so forth.

SRBN can help you with all aspects discussed here and much, much more. Give us a call or send an e-mail for more info by clicking on "contacts" above.