Tuesday, August 26, 2008

5 Ways to improve your network without breaking the bank

In reality, there are far more than 5 ways to easily improve your network's security and reliability, without spending hardly any money at all. I've just briefly gone over the most blatant 5 that make the biggest difference for next to no expenditure. Sure, a few office supplies might need to be sacrificed for the good of the many, and you will have to change the way you approach some problems, but read this list with an open mind. You might find it more efficient than the things you've been doing.

5) Take care of your networking cables
Nothing will kill packets with more random violence than an ethernet cable that hasn't been taken care of. Whether the culprit is a loose end, bent wires from folding it back on itself, or accidentally cutting it when you were removing plastic zip ties, the end result is that your quality degrades and packets get dropped. This can be prevented by recrimping the ends when necessary, or replacing the whole cable if need be.

4) Set your wireless power level
You probably don't work in an area that covers 100,000 square feet of space, which means that lots of the wireless signal you're sending out is being wasted. More troubling, it's much easier for the casual war driver to pick them up from the parking lot (or adjacent floors). There's just no need. Most APs support adjusting the power output from the radio. Lower the signal until you can't get it in the farthest reaches of your office, then bump it back up until you can get it again. It won't defeat someone dedicated who uses a pringles can, but it's better than nothing. Also, make sure you use WPA.

3) Optimize DNS
If I were to wildly make up numbers, I'd say that 60% of weird network errors can actually be traced back to DNS, particularly if your infrastructure has multiple DNS servers which are all manually edited then updated. It's easy to fatfinger a line in the config file, or forget to update all the servers but one, or to leave out a reverse DNS entry for a host, and with the right (or wrong) host configurations, each of these can cause seemingly random havoc on unsuspecting users. "Why is it taking to long to ssh into BoxA?". It might be a network issue, it could be a server problem, or, in my case, the reverse DNS entry COULD have an extra : in it. Solve these kinds of problems by scripting DNS changes. Do less by hand and eliminate accidental screw ups. That way you can concentrate on all the bad things which you do on purpose. This entire process of automating changes and then documenting them is called "Change Management". Look into it, it's a Good Thing(tm)

2) Monitor Bandwidth
If you've got managed switches, there's no excuse to be wasting those expensive configuration and reporting abilities. Pretty much every networking device and almost every network host has the ability to be monitored using SNMP. To ignore this potential source of pretty graphs is foolish. Get MRTG, or even better, Cacti, and get to work. Knowledge is power, and learning that what should be a small filesync is actually backing up a user's entire iPod directory, every night, helps you in many ways. Learning discretion by not hitting them with a foam bat, for one.

1) For the love of God, document!
If it's something that you could concievibly have to do again, and it took you longer than 10 seconds to figure out, document it. Document it someplace that makes sense. Put enough detail in that you can recreate your actions, or better yet, someone else can recreate your actions. The last thing you want is to get a promotion to a corner office and then have some peon come bothering you about network configurations while you should be lighting cigars with $100 bills. Document properly and this won't happen. I promise.

Thanks for listening. There are many, many simple ways of improving your network. Post some of your favorites below. If you liked the article, make sure to Digg it