A network disaster recovery plan is a set of policies to help you restore all your organization's network operations after a network disaster. A network disaster can range from performance degradation to complete network outage. While network disasters are often caused by human error, this page will list the common sources of network disasters, and how Network Configuration Manager acts as a network disaster recovery tool and helps solve them.
Organizations often invest a lot of money into acquiring large amounts of bandwidth that is shared by every user on the network. When a single user disproportionately consumes a lot of bandwidth on a typical network, it can affect the entire network. Situations like these lead to other users on the network experience lag, causing performance degradation.
This network disaster recovery can be done by capping bandwidth consumption using access control list (ACL) configlets in Network Configuration Manager. With these configlets, you can use limiters to restrict certain users' bandwidth or choose to block their access to the network entirely.
The network industry has laid out certain industry standards like CIS, SOX, HIPAA, and PCI DSS. Each of these standards have a specific set of rules that your organization must comply with. Violating any of these rules could easily cause a network vulnerability that leads to a network disaster.
Let's take the example of a company using TELNET. TELNET is a communication protocol that the network industry has recommended not to use due to security concerns. All communication that happens via TELNET is unencrypted, which can lead to a data breach. By executing configlets on Network Configuration Manager, you can check whether TELNET has been enabled. If the protocol is enabled, Network Configuration Manager automatically notifies the admin so that the violation can be remediated. Network Configuration Manager also speeds up the remediation process by allowing each compliance rule to be associated with a remediation configlet. The admin can instantly fix violations by executing a remediation configlet.
Network infrastructures are prone to human errors since they are subject to frequent manual changes. Such errors can cause vulnerabilities in the network that lead to network disasters. Shutting down interfaces is one such common error. Users shutting down an interface can render a group of devices inaccessible to everyone on the network.
Moderation of network infrastructure changes can be achieved through role-based access control and change notifications in Network Configuration Manager. With a role-based access control, every user is assigned a role which will define the devices they can access. With Network Configuration Manager you can assign operator or admin roles to users. While admins have access to all devices in the network, operators will have to make a request to the admin each time they try to change a configuration. Once a change is processed, the operator receives a notification of the status of the configuration upload.
Network Configuration Manager also has a rollback mechanism to undo any configuration changes that disrupt network performance. The rollback mechanism helps you maintain business continuity.
While network admins frequently make changes to network devices, it's important that each change is also applied to the startup configuration of the device. If not, this disparity will lead to a startup-running configuration conflict, and the changes will be lost when the device turns off. In cases where these changes are mission-critical or security-related, losses can lead to network disasters.
Network Configuration Manager gives admins a unified look into all the devices that have a startup-running conflict. These conflicts can be remediated by using Network Configuration Manager to sync the startup and running configuration of the devices. Admins can also choose to schedule configuration syncs to occur monthly, weekly, daily, or just once.
A hardware failure can cause as much damage to a network as a misconfiguration. Regularly checking your hardware components is crucial to your network's continual function. End of sale, end of support, and end of life must be checked frequently. Any device that's being used beyond its EOL/EOS has a higher risk of malfunctioning or failing.
Network Configuration Manager can help in network recovery with a repository of device configuration backups. This repository is built over time through scheduled, automated, and manual backups. Whenever there's a network outage due to hardware failure, you can replace the failed device with an identical one, then upload the failed device's configuration from the repository. This will quickly restore all network functions.
An efficient network disaster recovery plan should have the following things in place to ensure efficient recovery for all your network functions:
1. Backup: Take regular network backups using a network disaster recovery system so that you have a repository of trusted versions of device configurations.
2. Role based access control: Assign user roles to make sure no unauthorized changes or configuration uploads are made to your network devices.
3. Change rollback: Implement a rollback mechanism to a trusted version so that you can quickly restore your network when there's a misconfiguration.
4. Compliance: Conduct regular compliance audits to ensure you adhere to industry standards and enhance your network's security.
5. Configlets: Implement the use of configlets (executable configuration templates) to execute configuration tasks in bulk.