Standardizing Network Management Procedures

While IT now drives everything from national security to the success of a business, there are no established standards to follow as there are for other professions. Here's what one management services provider did to address the problem.
Posted January 17, 2003
By

Drew Robb

Drew Robb


Many professions have agreed upon codes and standardized procedures for their members to follow.

For accountants, there are the Generally Accepted Accounting Procedures (GAAP) published by the Financial Accounting Standards Board, which have dictated the way companies prepare financial statements for the past three decades. Violate GAAP, and a company finds itself defending a shareholder lawsuit.

For medical professionals, there is the "Standard of Care" for different types of patients. Violate that standard and it is malpractice. Follow the standard and, even if the patient dies, it is not malpractice.

Attorneys, athletes, engineers, electricians, plumbers, judges and police officers all have their own codes to guide their conduct.

But while IT now drives everything from national security to the success of a business, there are no similar standards for the profession. Yes, there are dozens of standards bodies defining with minute precision the dimensions of a USB plug or the frequency of an 802.11a wireless LAN. But what defines the basic "Standard of Care" that an administrator needs to follow to ensure a healthy network?

"There's no system in place for network administrators to learn their job," says Jim Lancaster, president of MBD Network Services, LLC a management services provider in Dallas. "Even if they go to MCSE school or CNE school, the vendor just tells them all the things the software is capable of, but does not give them a systematic approach to administer the network."

Creating Checklists

Lancaster began his professional career as an accountant for Arthur Young & Co., now a part of the Big Four accounting firm of Ernst and Young. At Arthur Young, he received the standard approach to training a new accountant. Over a period of several years, he went through a series of checklists and procedures covering each aspect of auditing a firm until had all the skills necessary to audit a full balance sheet.

Later he went to work for Middleton, Burns & Davis, an accounting firm based in Dallas, where he focused on technology, not only for internal use but also helping clients establish their own networks.

Then in 1997, shortly after Lancaster put in a network at a small oil and gas company, the network administrator left without warning. As a result, the controller approached Middleton and asked if it had considered offering outsourced network administration. Middleton agreed to provide the services for that client, and quickly added another half-dozen customers.

Over the next few years, the accounting firm refined and focused its network management product offering, spinning off MBD Network Services as its own company in 1999. Today MBD has about 60 small and medium-sized business clients.

But, as the company grew Lancaster found it necessary to return to his accounting roots and set up a checklist system to standardize product delivery and ensure quality control.

"We distilled the best practices out of our senior engineers and created a checklist," he explains. "This operates as a framework for training young engineers and also is helpful for the more experienced staff since even the best admins forget things."

Back to Basics

The procedures start with the initial network documentation.

"The problem most net admins are confronted with when asked to diagram a network is that a network gives them far more information than they could ever digest, use or organize," says Lancaster.

MBD developed a standard set of documents which apply to all clients, large or small. The network documentation is broken down into two types -- the static configuration of the network and procedural information such as how to set up baseline workstation. The documents are designed to provide the essential -- but not too much -- information so that it is easy to keep current.

"We've tried to strike a balance between completeness and maintainability," he says, "since it is no good if it is out of date."

Then there are checklists that apply to ongoing maintenance actions. While MBD does remotely monitor the client networks and has an online trouble ticket system, it also sends personnel onsite each week to speak to the customers, find out any problems what they may be running into and make any necessary adjustments.

In setting up the maintenance checklists, Lancaster concentrated on the basic items that are most important for MBD's clients -- secure and reliable internet access, e-mail and a centralized place to store data, backed up every night and secure from viruses.

"Ninety percent of small-business users view computers as a necessary evil since they break down and cause problems," he explains. "But if we nail down the basics our clients will be happy."

Following the FCAPS Model

In setting up his procedures, Lancaster follows the FCAPS (Fault, Configuration, Accounting, Performance, Security) model. Originally created by the International Telecommunications Union for the management of telecommunications networks, it also provides a good framework for managing data networks.

The full description is available for download from the ITU for 44 Swiss Franks, but in brief, FCAPS consists of five levels:

  • Fault Management -- This level consists of detecting and correcting any errors. It includes any type of error reporting and logging, testing, root cause analysis, alarm handling and network recovery activities.

  • Configuration Management -- The C level includes network monitoring and control including inventory, adding or removing hardware or software, backup and restore, device configuration and change management.

  • Accounting Management -- Tools at this level provide the information on resource utilization needed by companies which bill customers or business units for use of IT services.

  • Performance Management -- At this level, administrators track the performance of components, devices or services, generate reports, identify and handle bottlenecks, analyze historical data and plan for future needs.

  • Security Management -- The final level consists of anything done to control the level of access to the system and its information including password control, intrusion detection systems, firewalls, anti-virus software, maintaining access logs and limiting physical access.

    Lancaster says that FCAPS provides a good grounding in the basic functions that every network administrator should know and use. But whichever system they use, they must concentrate on the essential items rather than looking for the latest and piece of technology to put in place, especially when dealing with smaller firms.

    "The business problems these companies face were solved by vendors years ago," he says, noting that most clients aren't using even 5% of the features included with Microsoft Word. "Until net admins back away from the 'geek toy of the week' mentality and make existing technology reliable and trouble-free, small businesses will be frustrated."






  • 0 Comments (click to add your comment)
    Comment and Contribute

     


    (Maximum characters: 1200). You have characters left.