What is a computer network?
A computer network includes a group of computers and other devices physically interconnected or interconnected via radio waves in order to exchange information.
Thanks to a corporate computer network, employees can share data and applications, secure these data and applications and can communicate and access to Internet.
How to handle a computer network ?To manage a computer network supposes to know this network perfectly, this in order to optimize the network and prioritize business flows.
- To know the network: when flow monitoring boxes are installed, the real use of the computer network is revealed and often astonishing. It is common to have unknown or forgotten business applications piling up. But above all, volumes are usually badly spread. Internet, messaging and files exchange represent more than 90% of flows. Business applications and technical flows such as DNS or SNMP are suffocating under this 90%;
- To optimize the network: most voluminous or most talkative flows can be optimized in order to be more rapidly transmitted. One must know that optimization varies from one application to another and sometimes from one enterprise to another, each having a special use of its applications. Thus, various optimization processes exist and work together: compression, cache, protocole optimization, etc… Still, even if optimization delays network saturation, saturation will eventually come and then it is prioritization of the flows that will assure end-users a satisfactory experience;
- To prioritize the flows of network: once inventory of applications present on network is done, applications can be classified in 3 or 4 priority levels and each application can be assigned some performance and Quality of Service objectives. Most bulky applications are generally labelled with low priority. Thus, some bandwidth is freed for key flows. It is even more relevant to identify business Internet flows (i.e. all SaaS applications) among gross Internet flows (from videos to travel ads through social networks and web messaging). Prioritization is used only when computer network is overloaded, it is then that this solution is really useful.
Application and network performanceThe way information is exchanged between the different entities composing a computer network, determines the efficiency of the network. Indeed, if exchanges take too long, end-users will be unhappy and this may be risky for the enterprise. Thus, it is essential to optimize and manage the performance of your network to make it satisfactory.
Application and network performance
The way information is exchanged between the various entities forming a computer network determines how the network performs. Indeed, if exchanges of flows take too long, end-users might be unhappy and this can endanger the enterprise in the future. So it is essential to optimize and control the performance of your network for it to be satisfactory.
Flow compressionTo increase network performance, it is also possible to implement the compression of the network flows. Being more compact, flows will consume less resources and will allow more performance and better capacities.
Flow prioritizationTo identify all flows crossing on the network in order to define special objectives (priority and bandwidth), to render flows going through the network, compatible with decided targets. The best functioning of the production will then be guaranteed, even in the case of network congestion because business flows will be prioritized. QoS is dynamic, the calculation of bandwidth and priorities is done real time.
Flow accelerationOriginally, network protocols have been created for LAN and not for WAN. Protocols were not optimized for WAN constraints, especially when it came to transit time. Acceleration is a solution to this problem. For instance, CIFS Common Internet File System, are optimized by reducing the time of transfer onto the network by applying a cache solution locally and/or by anticipating end-users requests.
QoSQoS, is the acronym of Quality of Service. It is the name for the management and flow control of a computer network. An enterprise computer network is shared between several applications at the same time. QoS intervenes for the applications to work at their best together within the network. So QoS is a solution aiming to measure and control in real time network flows transiting on customer’s infrastructure. Watching flows allows to measure them and alter them in order to improve application performance and end-user experience. QoS tools may be interfaced with tools of alarming, monitoring, reporting and this, in order to get a global visibility of the network and to get measure indicators.
QoEQuality of Experience, acronym QoE means quality of end-user experience. QoE concerns all types of service: QoE measures objectively the quality of service sensed by an end-user when he/she phones someone, uses an application, watches a video or downloads a web page for instance. Malfunctioning of the service leads to a decrease in satisfaction from users. Users might then abandon the service. Hence, it is essential to measure the quality of experience in order to control service performance. QoE is the measure of response time and the measure of conformity between what the user asked for and what is displayed on the screen. Whatever the number and types of network crossed by the delivered information, what counts is to obtain a qualitative measure and not a technical one. Metrics obtained allow to detect proactively any deterioration of service level. Technical corrective actions may them be implemented in order to restore performance on customer’s infrastructure.
What is the use of network security?
To assure the security of a network, it is important to get protected against potential attacks. Such attacks aim to fragilize the security of network information, so one must rely on a security service able to increase the security of data process and data exchange, linked to a range of security mecanisms. These mecanisms are meant to detect, warn and fight against attacks on the computer network.
FirewallsA firewall is a system permitting to protect a network by implementing parts of the security policy. Firewalls act as an intermediary between the local network and external networks. Pre-defined rules of a firewall system allow, stop or reject some connections with a filtering process. A Firewall is a crucial piece of equipment. It guarantees the security of the computer networks.
AntivirusAntivirus is used to detect, neutralize and eliminate malwares. The antivirus software screens all stored files on the computer, the computer’s RAM, connected removable media, and even data transiting on networks the computer is connected to.
Anti-spamAnti-spam softwares, as the name implies, is meant to protect its user from spams (spam being an unsollicited email).
IDS / IPSIntrusion Detection and Protection Systems (IDS / IPS) detect or stop intrusions on computer network; intrusions such as denial of service. They also detect wealenesses and stop threats on the network infrastructure (unpatched systems).
Web filteringWith web filtering systems, access to some websites thought dangerous, can be limited. Thus, the computer network is secured. Web filtering may also limit leisure usage of the Internet.
UTMAmong the numerous functions that make up a Unified Threat Management, in addition to the usual firewall, an anti-spam filtering function is present together with an antivirus, an intrusion detection and prevention system (IDS and IPS). A filtering function for application contents is also present (application firewall, web filtering). All these functions are gathered in the same device. The device is usually called an appliance.
How to protect your network ...To protect and secure a computer network, more than one solution exists and different solutions can be combined. To start with, it is essential to implement a security policy. Security policy is managed by the Information Systems Security Manager (ISSM). As a second step, the ISSM can organize data, defining user rights (who may access to what). The ISSM is also in charge of educating users teaching them good practice such as to have a really secured password, to not click on spams, to avoid listed websites, etc… Still, the above actions are not sufficient and the ISSM must also install protection tools (UTM, firewall, anti-virus, anti-spam as well as a web filtering system, all this for best security).
Risks relating to network ...When security of your enterprise network is threathened, your data is exposed and vulnerable. Indeed, your data might be stolen (including confidential data) but worse: it can be altered or rendered unavailable.
Network threatsA computer network might be endangered by external threats. Indeed competitors or pirates with financial or political interest might wish to enter your business network. The network might also be infected by a virus harming network functioning. However threatening does not only come from outside. Network security might well be threatened, by internal means for example, by a visitor or an ill-intentioned employee.
There are many types of computer networks. Each type has advantages and inconveniences however all are not suited for the same use.
Wifi (Wirefless Fidelity), gathers different protocols used for wireless communication through radio waves. These protocols are ruled under the IEEE 802.11 standards group. This type of connection is used on various computing devices such as computers, printers, internet boxes or game consoles. How far the device reaches varies from several tens to several hundreds of metres. Nowadays, nearly all devices can be Wifi connected.
LAN network (Local Area Network), includes a group of computers belonging to the same organization and interconnected through a network in a small area. Local network is thus the most basic form of network and can be composed of several hundreds of computers. There are two types of functioning for LAN networks:
- In a peer to peer environment, that is where each computer plays a similar role;
- In a customer/server environment where a central computer supplies network services to other users.
WAN network (Wide Area Network), is a regional or extended network. This type of computer network is generally composed of several sub-networks (LAN) and covers a large geographical area such as a country or a continent. The type of network links between locations and the technologies used, determine the allowed bandwidth on a WAN. Some routers allow to choose the most adapted route to reach a network node. The most famous and the biggest WAN network is the Internet network.
MultiProtocol Label Switching, MPLS, works by label switched paths. Labels are assigned at the threshold of the network and are then taken off at the exit. This type of switching is used on large computer networks.
A network is called hybrid when MPLS (MultiProtocol Label Switching) and VPN (Virtual Private Network) Internet, are mixed. It is an excellent alternative as this type of network is cheaper thanks to the reasonable cost of VPN. Moreover a hybrid network gives local access to public Internet.
Supervision or network monitoring is a surveillance activity watching network performance. For a network to work at its best a technical assistance such as our NOC (for Network Operation Center) is set up and this service watches the functioning of servers, systems, applications and network equipment. Monitoring employees of the NOC use special softwares of different sophistication levels. These softwares detect incidents on the network in order to solve the problems as quickly as possible. Technical teams are warned of any abnormalities by an alert even before customer realizes the problem. Thus, the supervision system allows you to be proactive and to guarantee an excellent quality of service.
Network steering is complementary to monitoring services. Steering means an assistance that the operation center in charge of network management may provide to its clients when clients notice themselves something abnormal on the enterprise network. Thus, it is not a proactive system but one repairing incidents. The Technical team must then pilot an action plan in order to solve on a long-term basis the problem.
Provisioning is about equiping computer hardware and software with correct programs to ensure they work effectively. For example, in the case of a Virtual Machine (VM), the machine is created, an operating system is installed, monitoring and back up are implemented, and so on until the VM is ready to be used. The whole process is used to determine the provisioning requirements of the VM.
In the context of the cloud, self-provisoning can be an option, whereby users can launch the process themselves, as soon as they have validated their purchase order; the process can then run smoothly.
KPIs (Key Performance Indicators) are used to define factors considered to evaluate the efficiency of the network. Such indicators allow the measurement off the efficiency of some parameters and are used at different levels from analysis to monitoring.
Hosting in Datacenter
The equipment that makes up the information system of a company is hosted in a Datacenter. This location can belong to the enterprise or can be external. Datacenters can be operated by suppliers such as e-Qual. This type of infrastructure must comply with severe constraints related to the datacenter environment and security. Indeed, the equipment and data hosted are sensitive and crucial for their owners. Therefore, some very high levels of security and service must be maintained in a Datacenter. Hence datacenters are extremely well protected against intruders, bad weather and other hostile conditions: video surveillance, access control, security service, fire alarm system and automatic fire extinction, air conditioning, dust control, emergency power supply, all is done to assure data protection.