Document your network

Document your network

Over the weekend, I had an interesting experience. Normally, I don’t go into my office then, which is across the street from my apartment. But yesterday the cable guy was coming to try to fix my Internet connection. During the past week my cable modem would suddenly “forget” its connection. It was odd because all the idiot lights were solidly illuminated. There seemed to be no physical event that was associated with the break. After I power cycled the modem my connection would come back up.

I was lucky: I got a very knowledgeable cable guy, and he worked hard to figure out my issue. I will save you a lot of the description here and just tell you that he ended up replacing a video splitter that was causing my connection to drop. Cable Internet is using a shared connection, and my problem could have multiple causes, such as a chatty neighbor or a misbehaving modem down the block. But once we replaced the splitter, I was good to go.

Now I have been in my office for several years, and indeed built it out it from unfinished space when I first moved in. I designed the cable plant and where I wanted my contractor to pull all the wires and terminate them. But that was years ago. I didn’t document any of this, or if I did have misplaced that information. But the cable tech took the time to make up for my oversight, He tracked down my misbehaving video splitter that was buried inside one of my wall plates. And that is one of the morals of this story: always be documenting your infrastructure. It costs you less to do that contemporaneously, when you are building it, then when you have to come back after the fact and try to remember where your key network parts are located or how they are configured.

Part of this story was that I was using an Evenroute IQrouter, an interesting wireless router that can optimize for latency. I was able to bring up this graph that showed me the last several minutes’ connection details so I knew it wasn’t my imagination.

Now my network is puny compared to most companies’, to be sure. But I have been in some larger businesses that don’t do any better job of keeping track of their gear. Oh the wiring closets that I have been in, let me tell you! They look more like spaghetti. For example, here I am in the offices of Checkpoint in Israel in January 2016. Granted, this was in one of their test labs but still it shouldn’t look like this (I am standing next to Ed Covert, a very smart infosec analyst) picture above.  

Compare this with how they should look. This was taken in a demonstration area at Panduit’s offices. Granted, it was set up to show how neat and organized their cabling could be.

Documentation isn’t just about making pretty color-coded cables nice and neat, although you can start there. The problem is when you have to change something, and then you need to keep track when you do. This means being diligent when you add a new piece of gear, or change your IP address range, or add a new series of protocols or applications. So many times you hear about network administrators that opened a particular port and didn’t remember to close it once the reason for the request was satisfied. Or a username which was still active months or years after the user had left the company. I had an email address on Infoworld’s server for years after I no longer wrote for them, and I tried to get it turned off to no avail.

So take the time and document everything. Otherwise you will end up like me, with a $5 part inside one of your walls that is causing you downtime and aggravation.


要查看或添加评论,请登录

David Strom的更多文章

  • Where is our national cybersecurity strategy? All over the place

    Where is our national cybersecurity strategy? All over the place

    where I talk about the goal of the White House’s cyber strategy is to make our digital ecosystem more defensible…

  • Everyone is now a software company

    Everyone is now a software company

    Several years ago I wrote, “everyone is in the software business. All of the interesting business operations are…

    1 条评论
  • Hacking 911 systems: an update

    Hacking 911 systems: an update

    It isn’t often that there is a very short trajectory from an academic research paper to reality, but when it comes to…

  • Simple steps to secure your SMB network

    Simple steps to secure your SMB network

    If you run your own small business network, chances are your security could be better. Consider these two news stories…

  • This campaign isn't like high school

    This campaign isn't like high school

    This week I had a chance to talk to some high school kids in the area. They are part of a business class that is…

  • The different worlds of digital and analog entertainment options

    The different worlds of digital and analog entertainment options

    What do the TV series House of Cards, Moneyball pitcher Chad Bradford, women’s erotica purchases, You Tube Spaces and…

  • What, me worry (about my emails)?

    What, me worry (about my emails)?

    I never thought I would see the day where executives and major public figures would be proud of their techno-luddite…

    1 条评论
  • The debate between privacy and security

    The debate between privacy and security

    It seems as if we are headed for a showdown between privacy and security. I don’t think I have seen a time where there…

    5 条评论
  • When searching for yourself isn’t just for vanity

    When searching for yourself isn’t just for vanity

    How often do you search for yourself or your own business? This isn’t an idle curiosity, and it isn’t just because we…

  • Better cybersecurity training through gaming

    Better cybersecurity training through gaming

    I came across a report entitled Video Games as a Training Tool to Prepare the Next Generation of Cyber Warriors by the…

社区洞察

其他会员也浏览了