In a perfect world, network management would be a breeze. On your first day of managing a new network, you’d find tons of documentation on the IT infrastructure waiting for you. Login credentials would be securely recorded and ready for review.
Sadly, we don’t live in a perfect world. That’s why managing a new network can be tough—especially if you’re joining a brand new IT team or taking on a new client and aren’t sure what’s been done before.
Network management involves setting up the network, administering it, and maintaining it by constantly troubleshooting the network and ensuring it runs smoothly and efficiently. Learning how to manage a network involves using various tools and technologies. As networks grow, it becomes increasingly important to follow networking trends that help you find that right network management tools to streamline processes and lessen the burden on the administrator.
In this article, we’ll go over foundational network management topics like network layers, different network types (LAN, PAN, WLAN, WAN, VPN), and best practices in network design. We’ll also delve into the roles of network switches, the importance of redundancy strategies, and then do a step-by-step walk-through of how to management a network.
But first, let’s start with the basics.
What is network management?
Network management is the ongoing monitoring, administration, and maintenance of any networked system of computers. That said, networks have grown beyond the desktop computer, now encompassing all manner of end devices—mobile devices, laptops, printers—and the hardware that facilitates their interaction. From design to implementation, access control, troubleshooting, to replacing equipment, to managing the end user experience, network management is a very broad set of roles and responsibilities.
How do networks work?
Generally there are seven “layers” that describe the separate ways communications take place across a network. These seven layers act as a visual map to understand what’s going on in a networking system.
What to go deeper? You may like this article: What is the OSI Model?
Different types of networks
Depending on your needs, including purpose, cost, availability, and scalability, networks come in many different arrangements. Some of most common configurations of networks include:
- Local Area Network (LAN). A LAN is a proprietary computer network that enables designated users to have exclusive access to the same system connection at a common location, always within an area of less than a mile and most often within the same building.
- Personal Area Network (PAN). A personal area network (PAN) is a short-range network topology designed for peripheral devices (usually 30ft) used by an individual. The purpose of these types of networks is to transmit data between devices without being necessarily connected to the internet.
- Wireless Local Area Network (WLAN). Similar to a LAN, connected devices on these configurations communicate over wireless (such as Wi-Fi) protocols, rather than physical connections.
- Wide Area Network (WAN). A private network over a much larger area, A WAN, or SD-WAN, allows LANs and other types of networks in different geographical regions to communicate and transmit data.
- Virtual Private Network (VPN). A virtual private network (VPN) offers users an encrypted connection between two devices that effectively hides data packets while using the internet.
These are just a few examples. Want to know more about MANs, POLANs, or SANs?
Here’s an article that provides more information: 11 Types of Networks: Understanding the Differences
Your Guide to Selling Managed Network Services
Get templates for network assessment reports, presentations, pricing & more—designed just for MSPs.
Network design best practices
Where do I Start?
Network design is the practice of planning and designing a communications network. Network design includes things like network analysis, IP addressing, hardware selection, and implementation planning. In simple networks, like those found in most homes and small offices, network design is a straightforward process. In large enterprise networks, the network design process is often very complex and involves multiple stakeholders.
No matter what approach to design you take, there are three main components to consider. While the specifics of your network design will vary based on size and complexity, this general framework can help you make the right decisions.
1. Identify the requirements
Before you begin any network design project, begin by gathering information and developing clear business and technical requirements. Without clearly defined targets, the rest of the design falls apart. Business requirements help define what you need to do. You should work closely with stakeholders when identifying business requirements.
Once you’ve detailed the business requirements, it’s time to move on to the technical/functional requirements. Example requirements include bandwidth to prevent network congestion, security requirements, network capacity, and uptime SLAs (service level agreements). When you create your requirements, don’t overlook constraints. For example, business requirements will have a budget constraint. Technical requirements may have constraints such as the need to continue supporting legacy apps.
2. Assess the current state of the network
Whatever the state of the network is, it’s important you know early in the design process. You need to assess the network’s current state before you make any specific design recommendations. At the end of this step, you should understand the network layout, performance, data flows, applications & services on the network, network security, and physical and logical layout.
3. Design your network topology
Once you know your requirements and understand the current state of your network, you can begin blocking out the functional components of your network diagram. During this step, you’ll need to consider both the physical and logical aspects of your network. At the end of this step, you should be able to create a static map of the physical and logical network you’re designing.
Tip: Don’t forget about cloud workloads and cloud networks. Your network design will need to account for on-premises and cloud data flows that require remote management.
What is PPDIO?
One of the most popular network lifecycle models is Cisco’s PPDIOO (Prepare, Plan, Design, Implement, Operate and Optimize) model:
- Prepare. This is where you define high-level requirements and strategy. For example, your deliverables from this phase may include requirements documentation and current state surveys.
- Plan. This stage deals with specific network requirements based on information gathered in the planning stages.
- Design. During the design stage, the information gathered from the previous two stages is used to create a detailed network design.
- Implement. This is where the work gets done to configure and deploy the network infrastructure. There is often testing to validate the design in this phase.
- Operate. This is the portion of the lifecycle where the network is in production use. During this stage, monitoring is an important part of validating that the network is working as designed and being able to quickly address issues when it isn’t.
- Optimize. At some point in most networks’ lifecycle, tweaks and optimizations are needed. This is the stage where those changes are identified. For major changes, the cycle begins again to plan and implement them.
There’s a lot more to know about network design and best practices. Here’s an article to help you go deeper: Network Design and Best Practices
Flat or hierarchical?
There are many different types of network designs, or topographies, that can—like network types—be employed depending on your needs or your budget.
Flat networks are a thing. Flat network design is still in use today, but is primarily reserved for very small networks, or designs looking to minimize cost by using a limited number of routers or switches.
But modern networks are increasingly turning to hierarchical designs. A hierarchical design separates a network into distinct layers, where each layer has a series of functions that define its role in the network. Because of this, a network designer can choose the optimal hardware, software, and features to take on a particular role for that network layer.
Hierarchical designs, while more expensive to implement, offer better network throughput and improved reliability.
Want to learn more? Have a look at our article: What is Hierarchical Network Design?
What are network switches?
Switches are one of the most important elements of a physical, on-premise network. Switches can actually operate at both Layer 2 and Layer 3. The recommendation on whether to use a switch at Layer 2 or Layer 3 depends in part on the size and complexity, and security requirements, of the network you’re managing:
- Is more than one VLAN required for the network?
- Does your network consist of dozens, hundreds, or thousands of users?
- Does your security policy require putting access control rules between devices on different networks, or doing deep packet inspection on traffic between networks?
- How do you plan on managing your network infrastructure?
Just what are Layer 3 switches, and are they poised to replace the common Layer 2 devices? Will Layer 3 switches replace your routers next? This article explains: Will Layer 3 Switches Give Routers the Boot?
What is network redundancy?
Most businesses can’t afford the revenue losses from downtime. That’s just the reality of modern commerce. But beyond that, many industries—including healthcare, education and government agencies—all provide some critical service delivery via websites or portals that the general public now relies on.
As a result, many IT teams work tirelessly to ensure maximum uptime for their networks. But sometimes external events can lead to a loss of connectivity:
- Most often, this occurs when the ISP itself is disrupted.
- A device, like a switch or router, within your network fails.
To hedge against these types of issues, many companies employ a strategy of redundancy: a secondary, fall-back system that can take over the moment disruption occurs. There are many types of redundancy protocols at many different OSI layers, but redundancy mainly focuses on two concerns: fault tolerance and high availability.
Want to learn more about how to design for redundancy? Dive in with this article: Network Redundancy and Why It Matters
10 essential steps of network management
So where do you start when you step into a totally unfamiliar network and are looking to make a stellar first impression?
Following these ten steps on how to manage a network to start off on the right foot.
1. Inventory your critical systems
One of the first steps to take when trying to figure out how to manage a network is getting an inventory of the most important systems that make up the network. Depending on your preference or what tools are already at your disposal, you can either manually check your network or install and use software that scans your network for you.
If you opt for the manual approach, start with your core switch and document servers, routers, distribution switches, firewalls, and devices that are connected and used by the network or its users.
2. Map the network
What is network management when you don’t have a visual of the network? You can’t manage what you can’t see, which means you can’t effectively manage a company’s IT systems without first learning the topology that binds them together. In the past, you’d likely spend the first few days or weeks drawing out a network map.
Luckily, modern network topology tools like Auvik make mapping networks quick and easy. You don’t have to trek across server rooms and office floors, clipboard in hand, to figure out which devices are on the network and how they’re connected. All you have to do is deploy Auvik, and you’ll have an accurate map in minutes.
And that’s not all. Auvik will document everything it finds and create easy-to-interpret visual representations of your infrastructure, allowing you to understand its complexities at a simple glance. It also infers connections that aren’t visible, providing insights into the secrets of the network.
3. Figure out how the network is configured
Ideally, the company already has a configuration management solution in place, and you can simply log into it to see how the network devices are configured.
But you may discover there’s no documentation on configurations at all, the documentation is static and out of date, or backups have never been made. There’s an endless number of potentially frustrating scenarios.
In that case, your first step to regaining control is a complete configuration backup. Logging the configs of every device can be a painful, time-consuming exercise, but luckily—just as with network mapping—there are software solutions that can handle it all for you.
A configuration management system—and some network management systems like Auvik—will tell you which configs you have running, monitor those configs over time, and automatically back them up when changes are made. Configuration monitoring allows you to keep track of the changes you make as you get to know the infrastructure—and roll those changes back seamlessly when you press the wrong button (it happens!) and break something.
Bonus points: The person or MSP who comes on board after you will be praising your name for the excellent documentation you’ve created for them.
4. Watch the network perimeter
While much of the focus of managing a network is on what happens within the network, another important part of any network is the perimeter. Remember to watch traffic flows in and out of your network, and do not depend entirely on firewalls and internet filters to keep intrusions out.
Instead, if the network you now manage does not have it already, consider implementing an intrusion detection system (IDS) so that you can keep an eye on the, and avoid any undesirable entries.
5. Patch, patch, patch
Hopefully, your predecessor knew how to manage a network and made every effort to apply software updates regularly to the apps, devices, and management tools. Patches, after all, are the main line of defense against known security vulnerabilities. They also eliminate major bugs that can frustrate admins and users alike.
Lest you find out the hard way that the last person responsible for managing the network did a less-than-stellar job of keeping up to date with software releases, however, downloading and installing the latest updates should be near the top of your agenda.
And patching gives you bang for your buck in terms of both time and money invested. Most often updates are free or included in an annual maintenance agreement, and they’re also usually pretty simple to install. So without using any of your budget, or very much of your time, software updates are a quick and easy way to maximize the efficiency and security early on.
6. Audit licenses, certificates, and compliance standards
Out-of-date licenses or non-compliant systems are configuration issues you’d do well to address sooner rather than later. You don’t want to wait until a device fails to find out that the licensing agreement for it has lapsed, and you don’t have access to vendor support at the time you need it most—your first weeks with a new network.
And that’s not all you have to worry about. The issue could also result in unexpected bills for your company or your client, especially because some software vendors look to extract revenue from customers who use products without valid licenses. Since outdated licenses both make your job harder and put companies at compliance risk, don’t put licensing audits on the back burner.
While we’re on the subject of compliance risk, when managing a network, you’ll want to check on whether the network needs to comply with any compliance standards. Addressing this immediately will help prevent a world of misfortune. There are usually legal ramifications if regulatory standards are not complied with, and you want to ensure data is protected and that you are monitoring the necessary items for the correct length of time.
7. Remove or replace obsolete equipment and note dependencies
Over time, network equipment can show the effects of its age—performance starts to slow, vendors stop providing security patches and software updates leaving vulnerabilities in the network, and they lose compatibility with newer devices.
Not only do they become a pain to manage, but they also act as attack vectors that bad actors might use.
While maintaining and replacing old devices should be a priority no matter how long you’ve been managing a network, there’s no better time to eliminate outdated or redundant devices and services than when you first take on a new site.
As you evaluate what devices and equipment may be unnecessary, also take note of what systems are dependent on others. Your network monitoring software may help you visualize these dependencies to help identify them quicker.
8. Review the company’s BYOD policy (or create a new one)
Once you’ve completed steps one through seven, which will help you make an immediate impact and take care of any vulnerabilities left by your predecessor, it’s time to take on policies, processes, and long-term improvements.
You may be thinking this is out of the scope of “first steps,” but if you want to set yourself up for success with a new network from the get-go, it’s worthwhile to invest some time in these tasks early on.
Using the network map, you can identify any personal devices that are connected and determine if a BYOD (bring your own device) policy is necessary. If the company already has one, you can review it and fill in any gaps.
If they don’t have a BYOD policy and there are tons of personal devices on the network, you’ll have to build one. Here are some of the initial questions you should ask when starting from scratch:
- What applications and data should be accessible?
- How sensitive are these applications and data?
- Should corporate data reside on end-user devices?
- Where are the corporate data and applications housed?
You’ll also need to consider some other essential elements to support your BYOD policy, like additional Wi-Fi access points, separate SSIDs, two-factor authentication, and mobile device management. For more tips on creating and implementing a BYOD policy, check out this article from network engineer Kevin Dooley.
9. Optimize your toolbox
If your first weeks with a network are as a network admin with a new company, it’s a great opportunity to take advantage of skills you have, or tools you’re familiar with, your new company may not have known about.
For example, the company may never have made the jump from on-premises monitoring tools to more flexible cloud-based network monitoring. Or, they may have been running an out-of-date file system on the servers because that’s what they thought was best, even though it lacks the advanced features of modern, distributed storage platforms.
Luckily, you can prove your worth and demonstrate that you know how to manage a network by bringing innovative skills and expertise to the table and improving the tools being used.
Of course, you’ll want to be careful not to go overboard. Before replacing existing tools and services, make sure there’s not a specific need for them that newer ones can’t fulfill. And don’t make the mistake of assuming that the software you know best is always best for the job—sometimes it’s worth teaching yourself the systems that are already in place.
10. Review and improve SOPs if they exist
Again, if your first weeks managing a network are as an admin with a new company, your predecessor may have created (and left!) SOPs (standard operating procedures) for you to use.
SOPs are written, step-by-step instructions that describe how to perform a routine activity, like troubleshooting a network traffic spike, backing up configs, or giving a QBR presentation to a team lead. If you’re working with existing SOPs, you can review the steps, tweak them if you know a better or faster way to complete them, or remove old tools suggested for completing the step and replace them with your new tools. If you’re lucky, some of your tools may automate the steps and make the process even more efficient.
If no SOPs exist, and you’ve never created one before, you can start by creating an SOP about how to create an SOP. Then, make notes about each common task you run into, and use those notes to create an SOP. And don’t worry—you can improve your SOPs over time, it doesn’t have to be perfect on the first try.
Whether you’re just learning how to manage a network, or you recently started managing a network that is new to you, these essential steps will let you hit the ground running and allow you to be successful in your role.
How do you manage it all?
Network optimization requires network monitoring tools, and that’s table stakes for maintaining any modern network. Whether it’s on behalf of a client as an MSP networking service, or for your own internal network, IT teams rely on the backup, deep visibility, and quick troubleshooting capabilities that a network management solution like Auvik can provide.
Had inquired previously but our IT situation has changed and we are once again looking for single pane management systems for our network