bluebay2014 - Fotolia
In addition to regular network workloads, 83% of network teams also support security teams with the assorted network security issues that organizations face today.
More network teams spend more time on network security issues than they have in the past, according to the 2019 State of the Network study from Viavi Solutions Inc., a provider of network performance monitoring tools based in San Jose, Calif. More than 600 network and security operations professionals were surveyed, and the majority said their network teams are now a crucial part of security matters.
Bad actors caused more threats and more advanced attacks, the study found, which led to network teams' increased workloads and more time spent thwarting attacks. This meant network teams spent less time on dedicated network issues, such as monitoring end-user experiences, though users still expected teams to maintain ideal network conditions.
Advanced network security issues plague network, security teams
Only 9% of respondents said their network teams spend no time on network security issues. The rest reported their network teams spent up to or over 10 hours on security challenges, which grew significantly over the past year.
Email and browser malware attacks increased by 58%, and threat sophistication and exfiltration -- or extrusion -- attacks on database servers followed closely behind. Other threats included application, distributed denial-of-service and ransomware attacks.
Network teams face various issues when they take on security incidents. And as protections for networks and resources advance, attacks advance, as well. The top network security issues respondents noted were breach investigations after incidents, ensuring proper tool configuration, implementation of preventative measures and post-incident cleanups. Overall, network teams played more hands-on roles with security efforts, the study said.
More than 70% of respondents said the most important data source for network security issues was packet captures or network traffic; this importance increased 23% from Viavi's 2017 study. Network teams require holistic visibility of incidents, and packet captures can show where incident traffic began, as well as potentially affected areas. Other data sources included security device logs and application logs.
Yet network teams can't rely only on dedicated security tools to ensure network and resource safety. As threats grow more advanced, teams may not notice attacks and breaches for significant amounts of time without understanding routine network activity. Teams should understand exactly how their networks function so they can identify suspicious activity more easily.
Troubleshooting issues and technologies that could help
Respondents said their most common troubleshooting challenges were determining causes of problems, measuring latency and delay issues, bug and patch management, end-user experiences, and bandwidth consumption monitoring. These troubles increase as deployments become more complex and as the amount of devices and traffic continues to grow, which can negatively affect network visibility.
New technologies and abstractions may help improve network visibility, though. By 2020, the majority of respondents will likely adopt the following:
- public cloud
- private cloud
- 40 Gigabit Ethernet, or GbE
- software-defined networking, or SDN
- 100 GbE
While adopting these technologies now can benefit organizations in the future -- so they have them before they become necessities or the norm -- respondents also said abstractions such as SDN have yet to significantly benefit troubleshooting capabilities.