Troubleshooting as a Design Consideration

Previous chapters touched upon the concept of troubleshooting as a design consideration, but it certainly warrants additional space. Many designers omit this crucial step in developing their designs.

Consider a fairly simple need in the operation of a network—change windows and outages. These concepts address the fact that changes will be needed in the network in order to meet evolving business needs. However, these changes may conflict with uptime requirements of another business application.

The network architect can plan for these issues with a thorough under-standing of the business and a well-planned outage schedule. Perhaps the backup system requires connectivity to the mainframe in order to operate. The designer can use this information to isolate this system from the rest of the installation. When the mainframe technicians schedule an IPL (Initial Program Load), the backup system and the network can be repaired and upgraded as well—users cannot access the down system, making this a logical window for troubleshooting. Using this tactic, the entire network can be mapped to provide the best upgrade schedule with the minimum overlap.

Internet Network Design

No computing book today would be complete without a section on the Internet. Perhaps no other single event has so quickly combined the technical and nontechnical worlds, and as presented in Chapter 11and embellished here, perhaps nothing is more important to the successful use of the Internet than security.

The importance of linking business needs to the technology available has been presented throughout this text. This is especially true for the Internet, although unique issues arise when planning for this medium.

The scope of Internet connectivity in companies today ranges from basic e-mail services through multi-homed, e-commerce solutions. Each of these connections requires different levels of security, access, performance, and technical skill to operate successfully.

Designers typically focus on the security aspects of Internet connectivity, and while this is a significant area of concern, it is an incomplete attitude. Installing a firewall does not encompass a security solution.

A recent successful hacking event, an event made possible by a ZDNet publication using a specially established network, made use of a minor CGI (Common Gateway Interface) bug and knowledge of Unix to completely bypass the company’s firewall and the front-end access lists. The attack was really performed at the application layer—the routers and firewalls were not attacked or disabled in order to grant the hacker access to the server. This attack resulted in only a modified home page on a Web server; however, in other installations, the damage could have easily included corrupted database files and the loss of market share resulting from the bad publicity. The issue, as a Cisco employee states, is not whether you’re paranoid, but rather whether you’re paranoid enough. It is easy to take this attitude to an extreme—the reality is that attacks on corporate data can occur even without access to the Internet. Consider the impact on the company when the CFO’s notebook containing all the financial data and strategic plans for the corporation is stolen. It happens.

For the network designer, it is impractical to think that the network can provide all the security necessary for a corporation, including its Internet connectivity. Too many additional factors must work together in order to achieve security. However, the network design can work to augment an overall security plan. Consider the following factors in your designs:

•  Every security mechanism must be auditable by a third party.

•  Access lists can provide a good front-line defense, but attention should also be given to network performance.

•  Firewalls and bastion hosts certainly help to provide data security, but they must be well understood by administrators.

•  Depending on the reference cited, up to 90 percent of attacks originate from inside the network, effectively bypassing most firewall installations.

•  Auditing is perhaps the single most important function of a network security solution.

•  Designers and administrators should attack their own networks with the knowledge of management. It is even better to have cooperative tests with another organization or with a third party.

•  Network administrators must stay informed on the latest patches, programs, and attack methodologies.

•  Designers must secure SNMP on every device in the network.

In addition to the network processes, designers should work with administration and other departments to provide the best security solution. This will frequently include scanning for viruses, controlling passwords, and using diskless workstations and encryption.

Companies frequently rush to deploy new services for customers that may compromise the best security models. One of these services is the self-service kiosk, a terminal that is available to customers in a business office or remote location. These devices frequently compare with automated teller machines, although their functionality is often much greater. They can pose a substantial security threat when placed on the same network as the corporate workers—an event that occurs regularly. Most companies rely on physical security to protect their computer systems—it should be difficult to walk into an organization and start entering data on a networked computer. Consider the impact of a hacker using a locally connected machine to launch an attack or placing a protocol analyzer on the segment—passwords and other data could easily be compromised. Another risk is the potential for questionable material to be loaded onto the kiosk machine—an adult Web site, for example. The public relations impact of this prank alone could be very damaging to the company.

The kiosk concept makes such attacks even simpler. Many companies have rushed to deploy these solutions and have used the standard workstation software image (software configuration loaded to all machines in the enterprise)—the one with the populated hosts file—in deployment. As noted previously, some companies have even placed these stations on the same network segment as regular production traffic with no security whatsoever.

Fortunately, the majority of readers already realize just how dangerous this design can be. It thus becomes the job of the designer to understand the business needs and then educate the business on the risks that it is facing.

Wireless Network Design

Anumber of wireless solutions are available to the network designer, including those based on the 802.11 standard. These solutions range from infrared links with handheld devices and notebooks all the way to OC-3-capable laser and microwave solutions.

At the low end, the network designer typically does not consider infrared links and other low-bandwidth solutions as part of the design. Usually, these services are deployed at the workgroup level.

At mid-tier, the network designer may use wireless solutions that include PCS (personal communications system—similar to but different than cellular), cellular, and radio. The network architect will frequently need to provide connectivity and security in these installations. In many corporations, these solutions are deployed in isolated networks that do not involve the production network. However, administrators are well advised to get involved early in these projects—ultimately these networks may connect to the primary network.