By Mike Mullins
In small to midsize companies, the administrator in charge of managing the network is also usually the person responsible for securing the network. As such, the individual disciplines of security management and network management have begun to converge into the broader field of network operations.
Network management tools are abundant and expensive, but more administrators are beginning to realize the value of using these tools to also ramp up security. However, using network management tools for security is a new concept to most vendors.
Most management tools do an excellent job of keeping track of your network interfaces, server processes, and network statistics. But you can get the maximum benefit from network management tools by selecting the right tool and using it to keep your network secure.
Know what you're looking for
When researching network management tools, keep in mind that the best tools have three key features.
Find the right tool
At one point or another, I've used several of the most well-known tools, including HP OpenView, SolarWinds Network Management Toolset, and Cisco Network Management Toolkit. While these are all viable choices, I recommend using Aprisma's SPECTRUM suite of solutions.
SPECTRUM offers a simple OneClick interface that's Web-based and customizable for a variety of users. With SPECTRUM, you can build a normal traffic pattern for your network, deliver a variety of reports on that traffic, and receive notification when something out of the ordinary occurs.
In addition, the information that the SPECTRUM interface delivers is meaningful. It allows you to drill down to the problem and find a quick solution.
For example, a company recently called me in to troubleshoot a performance problem on a network. Using SPECTRUM, I was able to quickly discover that virus activity was consuming most of the bandwidth.
This was a large network, but SPECTRUM was able to identify the MAC address of the infected machine and shut off the switch port. Once SPECTRUM recognized that the traffic pattern wasn't normal, I was able to use the built-in event correlation tool to stop a virus from infecting the entire enterprise and beyond.
In today's corporate environments, budgets and personnel remain highly constrained. If your network management tool doesn't recognize what's normal for your network, it's time to find another tool.
Whatever network management tool you choose for your organization, it must also be able to deliver security management. Select the right dual-use network management tool, and you'll have more time to devote to securing your network.
Mike Mullins has served as a database administrator and assistant network administrator for the U.S. Secret Service. He is a Network Security Administrator for the Defense Information Systems Agency.