Loading...

Tech Talk Live Blog

The Blind Shall See

Roy Hoover


Visibility – Look at the advertisement for any network monitoring product and you will find visibility as a feature of the product. Dictionary.com defines visibility as “the state or fact of being visible.” They define visible as “that can be seen; perceptible to the eye.”

If you are responsible for operating a network into which you have no visibility, stop reading right here and go fix that. When managing something – anything – you need visibility into it. Network devices usually have some visible indicators on them about what they are doing. Those can be very useful when troubleshooting certain problems. On networks with more than one or two switches in them, you need more information than can be conveyed by LEDs on the box.

You need to see how the SYSTEM is working. Network management tools can collect data from various devices and allow you to see how they interact with each other. Tools like Wireshark allow you to see the data flows down to the last bit. (pun intended) That level of detail is great when you need it, but it is a distraction when you do not.

On the continuum between “no information” and “all the bits,” there are a variety of ways to look at what is happening in your network. A basic network monitoring system might show you the interfaces on your devices and how much data is traversing them and various kinds of errors on the physical interface. Some systems may add additional detail, such as what protocols are used on the connection. Both of these are quite typical of network monitoring products. Sometimes even more detail is needed in order to visualize what is flowing through your network.

That is where systems that will extract URL information, or other upper level protocol details, come into play. Typically, you will find this type of reporting from a URL filtering or firewall product. In many cases, you can run this type of report by user, time period, or other criteria. Some systems even allow encrypted traffic to be decrypted to permit this information to be extracted.

Network managers should not be surprised by any of these monitoring solutions. We use many of them already, even if you do not use all these tools, and vendors have certainly been trying to sell them to us. Though some systems we manage have notably poor monitoring capabilities.

Telephone systems – How many channels do you use in your PRI circuit? How about POTS line utilization? You can probably pay your carrier to do a Busy Hour study to get this information for you, but it generally is not readily available from the equipment that processes these connections. This is a frustration point for me. This may improve over time, but I do not think it will ever get to the level of visibility that we have today on networks. After all, that lack of insight helps carriers sell more service. The telephone manager wants to make sure they have sufficient capacity to handle calls. Without good data, they buy more capacity than they really need, and without usage data to see that the second PRI never gets used, for instance, they just keep paying for it month after month.

Mobile data – Many schools provide MiFi devices to staff or administrators in order to ensure that they will have access to the Internet at all times. These are great solutions, but what visibility do you as the network manager have to them? At the end of the billing cycle you may see a bill that has chunks of data with a timestamp. Perhaps you get access to a carrier portal that allows you to run reports where you get to control the time interval, but you still see no detail on the URLs that were accessed, detailed time of day information, or even any information about the users connecting to the MiFis.

How do you ensure that the device was CIPA compliant when you cannot manage it? How would you even know if it was being used appropriately when you cannot see how it was used? The carrier solution to solve this issue is to use a custom APN. The APN (Access Point Name) would be configured to route all traffic from that MiFi to your network where you can apply your policy to it and monitor it just like you do for traffic originating on your network.

Custom APNs can be a great solution but they add complexity and more stuff for you to manage. IU13 has recently begun using a product called Kajeet for our MiFi devices that offers the visibility and manageability that we desire without adding the complexity of an APN to our network.

Kajeet uses their own APN to force the traffic through their network. They then apply URL filtering and a suite of monitoring and management functions all accessible through their portal. This is the first “visible” and “manageable” MiFi solution I have seen. I think it is a great solution to gain visibility, and manageability into MiFis. My only question is why don’t the carriers offer those features as part of the service they sell?

I suppose that retrofitting monitoring and management functions into existing systems is cost prohibitive. Additionally, when those functions are not your core business, or even worse, when they erode your core business, then they will never see the light of day.

Only when network managers begin demanding visibility features in products and services before purchasing them, will the sellers of those products and services see that visibility is good for them too.

Tech Talk Live Blog Comment Guidelines:

One of our main goals at Tech Talk Live is to build a community. It is our hope that this blog can be a forum for discussion around our content. We see commenting as an integral part of this community. It allows everyone to participate, contribute, connect, and share relevant personal experience that adds value to the conversation. Respect counts. We believe you can disagree without being disagreeable. Please refrain from personal attacks, name calling, libel/defamation, hate speech, discriminatory or obscene/profane language, etc. Comments should keep to the topic at hand, and not be promotional or commercial in nature. Please do not link to personal blog posts, websites, or social media accounts that are irrelevant to the conversation. This is considered self-promotion. We welcome links that help further the conversation and reserve the right to delete those we deem unnecessary. The appearance of external links on this site does not constitute official endorsement on behalf of Tech Talk Live or Lancaster-Lebanon Intermediate Unit 13. You are solely responsible for the content that you post – please use your best judgment. We reserve the right to remove posts that do not follow these guidelines.

Leave a Reply

Your email address will not be published. Required fields are marked *

CONTACT

Tech Talk Live is the only conference of its kind in the region specifically designed for IT pros in education.


techtalklive@iu13.org
1020 New Holland Avenue, Lancaster, PA 17601

(717) 606-1770