Meet the Team: solution and industry forecast with the Head of Product

Product is the epicenter of any company, and NordLayer is no exception. Its performance, development, and promise to customers are the staples that help us grow as a service provider. The driving force behind it belongs to the product team led by the Head of Product, Andrius Buinovskis.

Although his time is always in high demand, he spared us a few moments to answer some questions about the product roadmap and the future of network security. Andrius shares his perspective on evolving threats such as phishing and the rise of ransomware syndicates exploiting human vulnerabilities through social engineering. 

Let’s dive into an insightful interview with Andrius to gain perspectives on projected challenges and how NordLayer is advancing solutions to stay ahead of rapidly evolving cyber threats.

Andrius, as an industry expert, what projections do you see for the future of network security? Will it bring something new, or will the industry continue in the previous years’ direction?

From what we can observe in the market, the future of network security is on a trajectory of rapid advancement, much in line with recent years but accelerated significantly by artificial intelligence (AI). This acceleration will not necessarily introduce wholly new directions but will enhance the speed and sophistication of developments within existing trends. Here are a few projections:

Projections of persistent threats

  1. Phishing attacks (Voice, SMS, email). Phishing remains the cornerstone of cyber threats, continually evolving and targeting countless victims every second. Its persistence and evolution make it a primary concern. As technologies advance, so do the methods of phishing attacks, becoming more sophisticated and harder to detect.

  2. Ransomware and malware. The ease with which bad actors can now access ransomware and malware “as a service” underscores the growing threat landscape. These tools have democratized cyber attacks, making it easier for attackers to launch sophisticated attacks without needing extensive technical know-how.

  3. Misconfigurations and low awareness. In third place, the human element—misconfigurations and a general lack of awareness about potential threats—remains a significant vulnerability. Social engineering exploits these weaknesses, tricking individuals into compromising security through seemingly harmless interactions.

How do these projections relate to cyber threats? What security strategies/practices could best help prevent them?

The tendencies observed in the cyber threat landscape confirm that cyber threats are evolving and becoming more sophisticated and widespread. 

The consistency of fundamental challenges like phishing, ransomware, malware, and human error vulnerabilities underscores the dynamic nature of cyber threats. Integrating AI into security strategies signifies a significant shift, suggesting that while the core types of threats may remain stable, their complexity and the methods to combat them must rapidly evolve.

To effectively counter these threats, a two-way approach is necessary:

  • Reducing misconfigurations and enhancing awareness. The first line of defense is to address the human element. 

    This involves dedicating time and resources to minimize misconfigurations through rigorous system checks and enhancing the cybersecurity awareness of all individuals within an organization. 

    Educating users on the potential threats and how to avoid them can significantly reduce the risk of successful attacks.

  • Adding additional layers of security. Implementing solutions like NordLayer adds an essential layer of security. 

    Products that provide secure network access, data encryption, and threat monitoring can greatly enhance an organization’s defense mechanisms against evolving cyber threats.

While cyber threats continue to grow in sophistication, focusing on foundational security practices—eliminating misconfigurations, raising awareness, and layering security solutions—remains key to preventing them. This approach addresses the current threat landscape and prepares organizations to adapt to future developments in cybersecurity.

How do NordLayer’s plans align with industry trends?

NordLayer’s strategy aligns directly with industry trends while also carving out a unique niche in the cybersecurity landscape. 

It’s critical for us to stay up-to-date on trends and understand where the industry is heading. This knowledge informs our product development, ensuring we’re keeping pace and anticipating future needs.

However, to truly stand out and add value for our clients, we recognize the importance of offering something more—something different.

This is where innovations like the NordLynx protocol come into play. NordLynx is a prime example of how we differentiate our offerings. As potentially the fastest protocol available, it underscores our commitment to meet industry standards and set the new ones, providing our clients with superior speed, security, and reliability.

Our plans are twofold: align with industry trends to ensure relevance and forward-thinking, and innovate beyond the expected to deliver unique value propositions like NordLynx. This approach allows us to address current market needs while also setting new benchmarks in cybersecurity excellence.

Tell us about your typical workday here at NordLayer.

My workday combines leadership, exploration, and strategic planning to drive NordLayer forward. Thus, the days are primarily centered around meetings, which means that each morning I’m going over my calendar to prepare. This preparation involves clearly understanding the day’s topics and what I aim to achieve in each meeting.

My main focus areas are:

  • Supporting my team’s growth and helping them achieve our goals. This involves guidance, problem-solving, and ensuring everyone has the necessary resources.

  • Engaging in market discovery activities to understand our industry better, identify opportunities, and anticipate challenges.

  • Developing strategies to bring our plans to realization. This means turning insights and objectives into actionable steps and ensuring we move in the right direction.

Andrius, you and your team seem well-positioned to help organizations layer up advanced security solutions. What work experience have you brought? Compared to previous roles, how is NordLayer unique to work at?

I’ve navigated various industries and roles throughout my career, from banking and telecommunications to health insurance, e-commerce, and cybersecurity. I’ve worn many hats, starting as a programmer and eventually moving up to high-level managerial positions, but the common thread has always been my focus on IT.

Its comprehensive approach to cybersecurity sets NordLayer apart from my previous experiences. It feels like a culmination of my diverse background, where every aspect of my past work converges. 

Here at NordLayer, our services aren’t just another product on the market. They’re essential tools that any company, regardless of size, will need to safeguard their data and protect their employees. 

NordLayer stands out because it intersects necessity and simplicity, making it a unique and compelling workplace. It’s not just about responding to the market’s current demands but anticipating future cybersecurity needs, making our work both challenging and incredibly rewarding.

Provide an overview of your product team and its dynamics: structure, roles, and responsibilities.

If we look at the market, it’s typical that the product team stands between business and engineering. However, at NordLayer, the product team is the one that shows the direction and encourages all others to follow.

This team, consisting of product managers and product owners who are well aware of UX/UI trends, market research, and engineering perks, is critical in defining and advocating for our vision. 

The essence of our team dynamics revolves around a strong belief in our products and the ability to make them appealing and useful to our clients and even our team so they feel confident about the product. It’s about creating technically proficient products that resonate well with our users and employees, ensuring that our offerings are attractive and beneficial.

You and your team are responsible for the product and its further development. How do you define which direction to choose?

Choosing the right direction for product development involves a blend of analytical and strategic considerations. Here’s how we approach it:

  1. Historical demand analysis. We start by looking back at what our existing clients have requested. Understanding the needs and feedback of those who already use our services gives us a direct line to what’s working and what could be improved or expanded.

  2. Market projections. We then shift our gaze forward, analyzing market trends and projections. This helps us anticipate where the industry is headed and what needs might arise in the future, ensuring our product remains relevant.

  3. Competitor portfolio analysis. Knowing what’s out there is crucial. We meticulously examine our competitors’ offerings to identify gaps in the market we can fill and to understand how our product can offer unique value.

  4. Current technical and capacity capabilities. It’s essential to match our aspirations with our abilities. We assess our current technical resources and capacity to ensure that our chosen direction is feasible and sustainable with our available resources.

  5. Internal insights and expertise. Finally, we tap into our team’s wealth of knowledge and experience. Leveraging our internal insights and expertise ensures that our decisions are not just data-driven but also infused with the practical wisdom of our seasoned team members.

By integrating these factors, we aim to make informed, strategic decisions that steer our product development in a direction that meets current demands, anticipates future needs, and capitalizes on our unique strengths.

You most recently released Cloud Firewall and Device Posture Monitoring features, a massive improvement in network security offering. So, what’s next? How does NordLayer’s roadmap look for 2024?

For 2024, NordLayer is set on a path of continuous improvement and innovation. Our recent launches, Cloud Firewall and Device Posture Monitoring, significantly enhanced network security. But we’re not stopping there. Our focus for the upcoming year includes two main areas:

NordLayer near-future focus

  1. Enhancing existing services. We’re committed to refining and enhancing our current offerings. This means looking into how we can make our existing services more robust, user-friendly, and effective in addressing the evolving needs of our clients.

  2. Advancing network visibility tools. Recognizing the critical importance of visibility within network environments, we’re doubling down on developing tools that offer deeper insights into network activities. Visibility is key to making informed decisions, securing networks, and mitigating both internal and external threats efficiently.

In addition to these focal points, we’re also eyeing expansions into the upmarket with several strategic implementations:

  • Public API for service control. We plan to introduce a public API that allows for the automated control of our services. This move aims to cater to more sophisticated needs, enabling seamless integration and automation for our clients.

  • Other integrations. Recognizing the diverse ecosystem in which our clients operate, we’re working on developing additional integrations. These efforts are intended to ensure NordLayer fits smoothly into our clients’ existing workflows and systems, enhancing security without compromising efficiency.

In essence, NordLayer’s roadmap for 2024 is about deepening the value we provide to our clients through improving existing services and strategic advancements. Our goal is to remain at the forefront of network security, offering solutions that are not just cutting-edge but also tailored to the complex needs of modern organizations.

Thank you.

About Version 2 Digital

Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.

Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About NordLayer
NordLayer is an adaptive network access security solution for modern businesses – from the world’s most trusted cybersecurity brand, Nord Security.

The web has become a chaotic space where safety and trust have been compromised by cybercrime and data protection issues. Therefore, our team has a global mission to shape a more trusted and peaceful online future for people everywhere.

Microsoft 365 Backup: What it means for SaaS data protection

At the Microsoft Ignite conference back in November 2023, Microsoft announced their release plans for their Microsoft 365 Backup service. Now that they’re in a paid public preview, with general availability being slated for basically now (first quarter, calendar year 2024), I thought “what better time than now?” to share my takeaways and what I believe this milestone means for SaaS data protection now and going forward. Here are three main points I’ll cover:

  • Welcome Microsoft to the backup space; 
  • What Microsoft’s backup service means for the SaaS data protection world; 
  • The Keepit promise.

Welcome Microsoft to the backup space

First off, let’s give a warm welcome to Microsoft on their entrance to the backup space. As a long-time Microsoft community member, twenty-year Microsoft MVP, and Senior Director of Product Management at an industry-leading data protection vendor, I’d say Microsoft’s entry into the market validates what all the SaaS data protection vendors have long been saying about the strong need for Microsoft 365 data protection.

Ultimately, our mission is to protect critical SaaS data to help companies keep their business-critical data backed up, thereby ensuring continuity and compliance in face of rising ransomware threats. As long-time Microsoft partners — part of the ISV Partner Program — we at Keepit see this as an opportunity to have an even greater impact on the market. How’s that?

Well, we know that an overwhelming percentage of Microsoft’s enterprise customers have no backup. So, naturally, we want to bring that number down to boost cyber resilience of, say, critical infrastructure and critical services, and of course the market in general. So, how does Microsoft releasing their own backup help drive us forward?

Well, for one, it validates what we’ve been doing for more than 20 years. We’re built in the cloud, for the cloud, to protect cloud SaaS data. I guess a bit more practically speaking, another change is that we can now probably drop the top objection we faced from customers over that time: That cloud SaaS data doesn’t need backup.

What does Microsoft 365 Backup change? 

Now, let’s get into point two: What does Microsoft 365 Backup mean for SaaS data backup? Well, all the vendors in this space have long had to challenge the popular notion that data being in the cloud was, by default, automatically and perfectly protected. And many of us have talked at length about Microsoft’s shared responsibility model where Microsoft themselves clearly state that you, the customer, are responsible for backup of information and data, including your devices and accounts and identities.

Microsoft has built an amazing record of service quality and resilience, but their primary focus has been on protecting your data against Microsoft losing it. The Microsoft 365 Backup offering is the start of Microsoft’s journey into protecting your data against other threats, including malicious attacks, mistakes, misbehaving automations, and other misfortunes.

The optimist in me hopes that now, with Microsoft themselves developing their own backup service, we can finally put the shared responsibility model into its proper perspective. Of course you need to back up your Entra ID, M365, and other SaaS application data because clearly you are responsible for your data. Why else would Microsoft release a backup service if you weren’t responsible for it all along?

Now, aside from that original objection that perhaps can be laid to rest, at this point, not that much has actually changed with Microsoft’s announcement. That said, there sure is a newly awakened interest in data protection because of this release. This is how I see the typical train of thought playing out in response to the news:

  • We clearly need to back up our Microsoft SaaS app data. Why else would Microsoft be offering a backup service themselves?
  • Protecting our data is important because it helps us meet our business continuity and compliance requirements, but
  • To meet those requirements, we need our data available 24/7.

Let’s dive down a bit more into that last point there. How does a business guarantee access to their data no matter what happens, be it mistakes, mishap, or malice (like ransomware)? The answer is true backup.

The Keepit promise: True backup for cyber resilience 

To get to the Keepit promise, we first need to consider what the meaning of backup is. You might come across the term true backup (we use it ourselves from time to time) because ‘backup’ alone has been misused to cover things that it shouldn’t.

The canonical meaning of backup refers to storing instances of your data on an infrastructure separate from your primary data. If something should happen to your production data, your backups won’t be affected since they are separated by a physical or logical air gap.

In cloud computing, a lot of what’s being called backup is actually storing data on the same cloud as the primary data. What this means is that whatever risks you’re exposed to in your production environment would also impact your ‘backup’ data since there’s no separation. For example, an attacker who can penetrate your Entra ID tenant and can pivot into your Azure tenant holds all your Azure-based storage — including, and especially, backups — at risk.

The Keepit promise is to always offer the ultimate in data protection for multi-workload SaaS application data. By building our solution from the ground up for SaaS data protection only, we were able to create an optimized data protection solution in line with best practices like the 3-2-1 backup rule. Air gapping, immutability, and a fully redundant independent cloud are all things we’re already offering now in our service. So, it’s more the Keepit reality rather than the promise of adding in things later.

Protecting SaaS data is the Keepit mission and has always been — it’s not a feature we’re tacking on. As specialists in data protection, we provide confidence to thousands of customers that their data is here today and will be here tomorrow via our vendor-independent cloud. We look forward to working with Microsoft now and into the future to continue to lead the way in protecting SaaS data.

As we embark on this new chapter in SaaS data backup, I’d like to leave you with a question: What steps are you taking today to protect your control plane (Entra ID and Power Platform)? If you want to learn a bit more about control plane data protection, read my previous article on why you should back up Entra ID (Azure AD) in the cloud.

About Keepit
At Keepit, we believe in a digital future where all software is delivered as a service. Keepit’s mission is to protect data in the cloud. Keepit is a software company specializing in Cloud-to-Cloud data backup and recovery. Deriving from 20+ years of experience in building best-in-class data protection and hosting services, Keepit is pioneering the way to secure and protect cloud data at scale.

Keepit Partner Network: Growing partnerships to the next level

Leading the way with vendor-independent data protection

When I started in Keepit in July 2023, I knew that I was joining a very special company. Not only does the company have a great product, but it also has a great partner ecosystem and the two are key to having an impact on the market.

At the heart of data protection specialist Keepit’s success lies indeed a resilient and purpose-built cloud infrastructure — and also many long-lasting partner relationships.

The company’s platform, exclusively owned and operated independently from other cloud vendors, signifies a revolutionary shift in data protection strategies. Serving as the ultimate safeguard against potential data loss resulting from security incidents or unforeseen events, Keepit ensures that its partners empower clients to maintain control over their critical SaaS data.

And it’s not just a few workloads that we cover: Keepit’s unique easy-to-use platform ensures business-critical SaaS data from multiple SaaS applications, like Microsoft 365, Entra ID (Azure AD), Salesforce (and others) is kept immutable, accessible, and compliant with even the strictest of requirements. Learn more about Keepit’s security and compliance.

Keepit’s impressive scaling secures $40 million from HSBC Innovation Banking

On Jan. 9, 2024, Keepit announced that HSBC Innovation Banking has provided Keepit with a $40 million refinancing package together with The Export and Investment Fund of Denmark (IEFO). The fresh capital is earmarked to sustain the impressive growth trajectory and substantial expansion strategy of Keepit.

Keepit CEO and co-founder, Morten Felsvang, shares that the funding “is an infusion of confidence in our capabilities on all levels. And it means that we can continue our growth strategy at full throttle.”

Partners prove invaluable to Keepit’s growth and success

The Keepit Partner Network (KPN) highlights the company’s dedication to its channel ecosystem. Tailored for resellers, managed service providers, and distributors, this program elevates partner engagement with its tiered structure, ensuring customized support for diverse partner needs.

KPN is designed to propel partners toward unparalleled success within data protection together with Keepit. The recognition of Keepit with its addition as a scaler in the Canalys “Global Managed Backup and Disaster Recovery Leadership Matrix 2023” report underscores the program’s rapid growth and our outstanding performance.

And in support of that commitment to growth, we’re setting our sights on crossing over into the coveted Canalys “Champions” category on our impressive journey by adopting a partner-only model.

Keepit’s Partner Network emerges not just as a program but as a strategic cooperation for the future. Partners get the chance to be a hero for customers by offering them award-winning, next-level SaaS data protection that’s transparent in cost and incredibly easy to set up, onboard, and use.

23.12.9 Voyager released

Changes compared to 23.12.8

New Features

  • Added support for Dark Mode to the Comet Server web interface

Bug Fixes

  • Fixed an issue preventing files from being backed up when stored in a OneDrive folder on macOS
  • Fixed an issue in new Microsoft 365 SharePoint incremental backups referencing an invalid location in older snapshot formats
  • Fixed an issue with the Comet Server failing to start after deleting a tenant

About Comet
We are a team of dedicated professionals committed to developing reliable and secure backup solutions for MSPs, businesses and IT professionals. With over 10 years of experience in the industry, we understand the importance of having a reliable backup solution in place to protect your valuable data. That’s why we’ve developed a comprehensive suite of backup solutions that are easy to use, scalable and highly secure.

Apply network management protocols to your organization for better results

To address this issue, first understand that, in the digitization we are experiencing, multiple resources and devices coexist on the same network. They need a set of rules, formats, policies and standards to recognize each other, exchange data and, if possible, identify communication problems, regardless of differences in design, hardware or infrastructure, by using the same language to send and receive information. This is what we call network protocols, which we can classify as:

    • Network communication protocols, for communication between network devices, from file transfer between computers or over the Internet to text message exchange and communication between routers and external devices or the Internet of Things (IoT). For example: Bluetooth, FTP, TCP/IP and HTTP.
    • Network security protocols, which implement security in network communications so that unauthorized users cannot access data transferred over a network, whether through passwords, authentication, or data encryption. For example: HTTPS, SSL, SSH and SFTP.
    • Network administration protocols, which allow network management and maintenance to be implemented by defining the procedures necessary to operate a network. These protocols are responsible for ensuring that each device is connected to the others and to the network itself, as well as for monitoring the stability of these connections. They are also resources for troubleshooting and assessing network connection quality.

Importance and Context in Network Management

Network management ranges from initial configuration to permanent monitoring of resources and devices, in order to ensure connectivity, security and proper maintenance of the network. Efficient communication and data flow help the business achieve its objectives in stable, reliable, safe and efficient environments, with a better user experience and, consequently, a better experience for partners and customers.

Knowledge of the network context (topology and design) is also important, since it affects the network’s scalability, security and complexity. Network diagrams, maps and documentation make it possible to visualize and understand the topology and design of the network, and to analyze it for potential bottlenecks, vulnerabilities and inefficiencies where action must be taken to correct or optimize it.

Another important aspect is shared resources, not only in the network but also in increasingly widespread infrastructures in the cloud, in Edge Computing and even in the Internet of Things. These demand monitoring of the state of the network, network configuration and diagnosis to promote efficiency, establish priorities and anticipate or solve connection problems in the network and on the internet.

We’ll talk about the benefits of Network Management later.

Network protocols vs network management protocols

As explained above, network management protocols are part of network protocols. Although they may seem the same, there are differences: network protocols, as a rule, allow data transfer between two or more devices and are not intended to manage or administer those devices, while network administration protocols aim not at the transfer of information but at the transfer of administrative data (definition of processes, procedures and policies), which makes it possible to manage, monitor and maintain a computer network.

The key points to understand are the following:

  • Within the same network, network communication protocols will have to coexist with network management protocols.
  • Network management protocols also have an impact on the overall performance of the platforms, so it is essential to know and control them.
  • The adoption of cloud and emerging technologies, such as Edge Computing and the Internet of Things, makes it clear that reliable and efficient connectivity is critical.

Network Management Protocols in Depth

Network management protocols make it possible to know the status of resources, equipment and devices on the network (routers, computers, servers, sensors, etc.), and provide information on their availability, possible network latency or data loss, and failures, among others. The most common network management protocols are Simple Network Management Protocol (SNMP), Internet Control Message Protocol (ICMP) and Windows Management Instrumentation (WMI), as shown in the diagram and explained below:

Simple Network Management Protocol (SNMP)

SNMP is a set of protocols for managing and monitoring the network, which are compatible with most devices (switches, workstations, printers, modems and others) and brands (most manufacturers make sure their product includes SNMP support) to detect conditions. SNMP standards include an application layer protocol, a set of data objects, and a methodology for storing, manipulating, and using data objects in a database schema. These protocols are defined by the Internet Architecture Board (IAB) and have evolved since their first implementation:

  • SNMPv1: The first version, operating within the Structure of Management Information specification and described in RFC 1157.
  • SNMPv2: Improved support for efficiency and error handling, described in RFC 1901.
  • SNMPv3: This version improves security and privacy, introduced in RFC 3410.

SNMP Architecture Breakdown: Agents and Administrators

All network management protocols propose an architecture and procedures to retrieve, collect, transfer, store and report management information from the managed elements. It is important to understand this architecture and its procedures to implement a solution based on said protocol.
The SNMP architecture is based on two basic components, Agents and Administrators (or Managers), as presented in the following diagram of a basic SNMP architecture:
Where:

  • SNMP agents are pieces of software that run on the elements to be managed. They are responsible for collecting information on the device itself. When SNMP administrators request that information through queries, the agent sends the corresponding data. SNMP agents can also send the SNMP Manager information that does not correspond to a query but comes from an event that takes place on the device and needs to be notified. In that case, the SNMP agent is said to proactively send a TRAP notification.
  • SNMP Administrators are part of a management or monitoring tool and are designed to work as consoles where all the information captured and sent by the SNMP agents is centralized.
  • OIDs (Object Identifiers) are used to identify the items you want to manage. OIDs follow a numeric format such as: .1.3.6.1.4.1.9.9.276.1.1.1.1.11. These numbers come from a hierarchical organization system that makes it possible to identify the device manufacturer, then the device and finally the item. In the following image we see an example of this OID tree outline.
  • MIBs (Management Information Bases) are the formats that the data sent from the SNMP agents to the SNMP managers will comply with. In practice, there is a general template with what is needed to manage any device, plus individualized MIBs for each device, with their particular parameters and the values that these parameters can reach.
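To make the version and OID points concrete, here is an added example (not part of the original article or any product's code) that decodes one SNMP message, reports whether it exposes a community string in cleartext (which SNMPv1 and SNMPv2c do), and splits each requested OID into its enterprise branch. The sample packet, the function names and the `WEAK_COMMUNITIES` deny-list are assumptions made for illustration.

```python
VERSIONS = {0: "SNMPv1", 1: "SNMPv2c", 3: "SNMPv3"}
ENTERPRISES = (1, 3, 6, 1, 4, 1)          # iso.org.dod.internet.private.enterprises
WEAK_COMMUNITIES = {"public", "private"}  # assumed deny-list of common defaults

# Constructed sample: SNMPv2c GetRequest, community "public", for the article's OID.
SAMPLE = bytes.fromhex(
    "302c" "020101" "04067075626c6963" "a01f" "020101" "020100" "020100"
    "3014" "3012" "060e2b0601040109098214010101010b" "0500")

def read_tlv(buf, pos=0):
    """Return (tag, value, next_pos) for the BER element starting at pos."""
    if pos + 2 > len(buf):
        raise ValueError("truncated BER header")
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:                      # long form: low 7 bits count the length octets
        n = length & 0x7F
        if n == 0 or pos + n > len(buf):
            raise ValueError("unsupported or truncated BER length")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("BER element runs past end of buffer")
    return tag, buf[pos:pos + length], pos + length

def decode_oid(value):
    """Decode OID content octets (base-128 subidentifiers) into a tuple of arcs."""
    if not value or value[-1] & 0x80:
        raise ValueError("malformed OID")
    subids, acc = [], 0
    for octet in value:
        acc = (acc << 7) | (octet & 0x7F)
        if not octet & 0x80:               # high bit clear ends a subidentifier
            subids.append(acc)
            acc = 0
    first = min(subids[0] // 40, 2)        # first subidentifier packs arcs 1 and 2
    return (first, subids[0] - 40 * first, *subids[1:])

def inspect_snmp(packet):
    """Report version, community exposure and requested OIDs for one message."""
    tag, body, _ = read_tlv(packet)
    vtag, raw_version, pos = read_tlv(body)
    if tag != 0x30 or vtag != 0x02:
        raise ValueError("not an SNMP message")
    version = int.from_bytes(raw_version, "big")
    report = {"version": VERSIONS.get(version, "unknown"),
              "community": None, "findings": [], "oids": []}
    if version not in (0, 1):
        return report                      # SNMPv3 has no community; its header is not parsed here
    _, community, pos = read_tlv(body, pos)
    pdu_tag, pdu, _ = read_tlv(body, pos)
    report["community"] = community.decode("ascii", "replace")
    report["findings"].append("community string travels in cleartext")
    if report["community"] in WEAK_COMMUNITIES:
        report["findings"].append("default community string")
    if pdu_tag == 0xA4:
        return report                      # SNMPv1 Trap-PDU uses a different layout
    pos = 0
    for _ in range(4):                     # request-id, error-status, error-index, varbind list
        _, varbinds, pos = read_tlv(pdu, pos)
    pos = 0
    while pos < len(varbinds):
        _, varbind, pos = read_tlv(varbinds, pos)
        tag, raw_oid, _ = read_tlv(varbind)
        if tag == 0x06:
            arcs = decode_oid(raw_oid)
            vendor = arcs[6] if len(arcs) > 6 and arcs[:6] == ENTERPRISES else None
            report["oids"].append({"oid": ".".join(map(str, arcs)), "enterprise": vendor})
    return report
```

For the sample, `inspect_snmp(SAMPLE)` reports SNMPv2c, both findings, and enterprise number 9 (the IANA private enterprise number registered to Cisco) for the requested OID.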

SNMP’s crucial functions are:

  • Fault Validation: for detection, isolation and correction of network problems. With the SNMP trap operation, you can get the problem report from the SNMP agent running on the affected machine. The network administrator can then decide how to proceed: testing, correcting or isolating the problematic entity. The OpManager SNMP monitor has an alert system that ensures you are notified well in advance of network issues such as faults and performance slowdowns.
  • Performance Metrics: network performance monitoring is a process for tracking and analyzing network events and activities to make the adjustments needed to improve network performance. With SNMP get and set operations, network administrators can track network performance. OpManager, an SNMP network monitoring tool, comes with powerful and detailed reports to help you analyze key performance metrics such as network availability, response times, throughput, and resource usage, making SNMP management easier.

To learn more about SNMP, we recommend reading the blog post “SNMP Monitoring: keys to learn how to use the Simple Network Administration Protocol”.

Internet Control Message Protocol (ICMP)

This is a network layer protocol used by network devices to diagnose communication problems and perform management queries. ICMP can therefore be used to determine whether or not data reaches the intended destination in a timely manner and, if not, the causes, as well as to analyze performance metrics such as latency levels, response time or packet loss. ICMP messages typically fall into two categories:

  • Error Messages: Used to report an error in packet transmission.
  • Control messages: Used to report on device status.

The architecture that ICMP works with is very flexible, since any device on the network can send, receive or process ICMP messages about errors and controls on network systems, informing the original source so that the detected problem can be avoided or corrected. The most common types of ICMP messages are key in fault detection and performance metric calculations:

  • Time Exceeded: Sent by a router to indicate that a packet has been discarded because it exceeded its time-to-live (TTL) value.
  • Echo Request and Echo Reply: Used to test network connectivity and determine round-trip time for packets sent between two devices.
  • Destination Unreachable: Sent by a router to indicate that a packet cannot be delivered to its destination.
  • Redirect: Sent by a router to inform a host that it should send packets to a different router.
  • Parameter Problem: Sent by a router to indicate that a packet contains an error in one of its fields.

For example, each router that forwards an IP datagram has to decrease the IP header time-to-live (TTL) field by one unit; if the TTL reaches zero, an ICMP type 11 message (“Time Exceeded”) is sent to the datagram originator.
It should be noted that sometimes it is necessary to analyze the content of the ICMP message to determine the type of error that should be passed to the application responsible for transmitting the IP packet that prompted the ICMP message.
For more detail, we recommend visiting the Pandora FMS Discussion Forums, with tips and experiences of users and colleagues in Network Management using this protocol.
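The following added example (not from the original article) shows what analyzing the content of an ICMP message involves: it verifies the checksum, classifies the message as error or control, and for error messages reads the quoted original IP header and first payload bytes to identify the flow that triggered it. The sample addresses, ports and function names are constructed for illustration.

```python
import socket
import struct

ERROR_TYPES = {3: "Destination Unreachable", 5: "Redirect",
               11: "Time Exceeded", 12: "Parameter Problem"}
CONTROL_TYPES = {0: "Echo Reply", 8: "Echo Request"}

def inet_checksum(data):
    """Internet checksum (RFC 1071): one's-complement sum of 16-bit words."""
    data = bytes(data) + (b"\x00" if len(data) % 2 else b"")
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def parse_icmp(msg):
    """Classify an ICMPv4 message; for errors, recover the quoted original flow."""
    if len(msg) < 8:
        raise ValueError("ICMP message shorter than its 8-byte header")
    # A valid message sums to zero when the checksum field is included.
    info = {"type": msg[0], "code": msg[1], "checksum_ok": inet_checksum(msg) == 0}
    if msg[0] in CONTROL_TYPES:
        info.update(category="control", name=CONTROL_TYPES[msg[0]])
        return info
    if msg[0] not in ERROR_TYPES:
        info.update(category="other", name="unlisted")
        return info
    info.update(category="error", name=ERROR_TYPES[msg[0]])
    quoted = msg[8:]                       # original IP header + first 8 payload bytes
    ihl = (quoted[0] & 0x0F) * 4 if quoted else 0
    if len(quoted) < 20 or quoted[0] >> 4 != 4 or not 20 <= ihl <= len(quoted):
        return info                        # nothing usable was quoted
    proto = quoted[9]
    info["original"] = {"proto": proto, "ttl": quoted[8],
                        "src": socket.inet_ntoa(quoted[12:16]),
                        "dst": socket.inet_ntoa(quoted[16:20])}
    ports = quoted[ihl:ihl + 4]
    if proto in (6, 17) and len(ports) == 4:   # TCP and UDP both start with src/dst port
        sport, dport = struct.unpack("!HH", ports)
        info["original"].update(sport=sport, dport=dport)
    return info

def build_sample_time_exceeded():
    """Constructed sample: type 11 message quoting a UDP datagram whose TTL ran out."""
    orig_ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 28, 0x1234, 0, 1, 17, 0,
                          socket.inet_aton("192.0.2.10"), socket.inet_aton("198.51.100.7"))
    orig_udp = struct.pack("!HHHH", 40000, 53, 8, 0)
    body = bytes(4) + orig_ip + orig_udp   # 4 unused bytes precede the quoted datagram
    checksum = inet_checksum(struct.pack("!BBH", 11, 0, 0) + body)
    return struct.pack("!BBH", 11, 0, checksum) + body
```

The source port recovered from the quoted bytes (40000 in the sample) is what lets the originating host hand the error to the right socket, and what lets a monitoring tool attribute the failure to a specific flow.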

Windows Management Instrumentation (WMI)

With WMI (Windows Management Instrumentation) we move into the world of computers running a Windows operating system and the applications that depend on it. WMI proposes a model to represent, obtain, store and share management information about Windows-based hardware and software, both local and remote. WMI also allows the execution of certain actions. For example, IT developers and administrators can use WMI scripts or applications to automate administrative tasks on remotely located computers, as well as fetch data from WMI in multiple programming languages.

WMI Architecture

WMI architecture is made up of WMI Providers, WMI Infrastructure and Applications, Services or Scripts as exemplified in this diagram:

Where:

  • A WMI provider is a component responsible for obtaining management information for one or more items.
  • The WMI infrastructure works as an intermediary between the providers and the administration tools. Among its responsibilities are the following:
    • Obtaining in a scheduled way the data generated by the providers.
    • Maintaining a repository with all the data obtained in a scheduled manner.
    • Dynamically finding the data requested by administration tools, for which a search will be made in the repository and, if the requested data is not found, a search will be made among the appropriate providers.
  • Administration applications correspond to applications, services or scripts that use and process information about managed items. WMI manages to offer a consistent interface through which you may have applications, services and scripts requesting data and executing the actions proposed by WMI providers about the items that you wish to manage.

CIM usage and WMI Class Breakdown

WMI is based on CIM (Common Information Model), a model that uses object-oriented techniques to describe different parts of an enterprise. It is very widespread in Microsoft products; in fact, when Microsoft Office or an Exchange server is installed, for example, the extension of the model corresponding to the product is installed automatically.
The extension that comes with each product is what is known as a WMI class, which describes the item to be managed and everything that can be done with it. The description is built from the attributes that the class handles, such as:

  • Properties: Refer to item features, such as its name.
  • Methods: Refer to the actions that can be performed on the object, such as “hold” in the case of an item that is a service.
  • Associations: They refer to possible associations between items.

Now, once WMI providers use the classes of the items to collect administration information and this information goes to the WMI infrastructure, it is required to organize data in some way. This organization is achieved through logical containers called namespaces, which are defined by administration area and contain the data that comes from related objects.
Namespaces are defined under a hierarchical scheme that recalls the outline that folders follow on a disk. An analogy many authors use to explain data sorting in WMI is to compare WMI to databases, where the classes correspond to the tables, the namespaces to the databases, and the WMI infrastructure to the database handler.
To learn more about WMI, we recommend reading our blog post What is WMI? Windows Management Instrumentation, do you know it?

Key Insights for Network Management Protocol Analysis:

It is easy to understand that the more complex and heterogeneous the platform you want to manage, the greater its difficulty from three angles:

  • Faults: have fault detection procedures and a scheme for reporting them.
  • Performance: Information about platform performance to understand and optimize its performance.
  • Actions: Many administration protocols include the possibility of executing actions on network devices (updating, changes, setting up alerts, reconfigurations, among others).

It is important to understand which of the three angles each of the protocols tackles and, therefore, what it will allow you to do. A fundamental pillar is Data Organization, which we will explain below.

Effective data organization: a fundamental pillar in network management protocols

A fundamental aspect of Network Management Protocols is the way in which the elements to be managed are defined and identified, which raises questions such as:

  • What element can I administer with this protocol?
  • Should it just be the hardware or should applications be considered too, for example?
  • What format should be used to handle data? And how is it stored, if so?
  • What are the options you have to access this information?

In that sense, effective data organization allows the successful exchange of information between devices and network resources. In network monitoring, data is required from routers, switches, firewalls, load balancers, and even endpoints, such as servers and workstations. The data obtained is filtered and analyzed to identify possible network problems such as configuration changes or device failures, link interruptions, interface errors, lost packets, latency or response time of applications or services on the network. Data also makes it possible to plan resources for traffic growth or the incorporation of new users or services.

Challenges, Benefits and Key Tasks in Network Management Protocols

For those in charge of operating and managing enterprise networks, it is important to know five common challenges:

  • Mixed environments, in which resources and devices exist in local and remote networks (including Edge Computing and IoT), which makes it necessary to adapt to the demands of hybrid networks.
  • Understand network needs and perform strategic planning, not only in physical environments but also in the cloud.
  • Reinforce the security and reliability of increasingly dynamic networks, more so when business ecosystems interconnect customers, suppliers, and business partners.
  • Achieve observability that gets rid of network blind spots and provides a comprehensive view of IT infrastructure.
  • Establish a network management strategy that can be connected, integrated, and even automated, especially when IT teams are doing more and more tasks in their day-to-day work.

As we have seen throughout this blog post, understanding how network management protocols work is essential for communication, business continuity and security, which together have a great impact on organizations, allowing them to:

  • Establish and maintain stable connections between devices on the same network, which in turn results in less latency and a better experience for network users.
  • Manage and combine multiple network connections, even from a single link, which can strengthen the connection and prevent potential failures.
  • Identify and solve errors that affect the network, evaluating the quality of the connection and solving problems (lower latency, communication reestablishment, risk prevention in operations, etc.)
  • Establish strategies to protect the network and the data transmitted through it, relying on encryption, entity authentication (of devices or users), transport security (between one device and another).
  • Implement performance metrics that ensure quality service levels.

Key Tasks and Benefits in Network Management

Efficient network administration involves device connectivity, access systems, network automation, server connectivity, switch management and network security, so it is recommended to carry out the following tasks:

  • Strategies for Upgrades and Effective Maintenance: One of the big challenges is achieving end-to-end network visibility in an increasingly complex business environment. Most IT professionals have an incomplete understanding of how their network is set up, as new components, hardware, switches, devices, etc. are constantly being added, so it is vital to maintain an up-to-date catalog of your network and provide proper maintenance to guide network management principles and enforce the correct policies. You also have to consider that there are resource changes in your IT team. It is possible that the original administrator who defined the network topology and required protocols may no longer be available, which could result in having to undergo a full network administration review and incur additional costs. This can be avoided by detailed documentation of configurations, security policies, and architectures to ensure that management practices remain reusable over time.
  • Rigorous Performance Monitoring: Network management demands performance monitoring (e.g. with a dashboard with performance indicators) consistently and rigorously with defined standards to provide the best service and a satisfactory usage experience without latency and as stable as possible. Previously this was a greater challenge when traditional network environments relied primarily on hardware for multiple devices, computers, and managed servers; today, advances in software-defined networking technology make it possible to standardize processes and minimize human effort to monitor performance in real time. It is also recommended to ensure that network management software is not biased towards one or a few original equipment manufacturers (OEMs) to avoid dependence on one or a few vendors in the long run. The impact would also be seen in the difficulty in diversifying IT investments over time.
  • Downtime Prevention: A team designated for network failure management allows you to anticipate, detect and resolve network incidents to minimize downtime. On top of that, the team is responsible for logging information about failures, analyzing it, and assisting in periodic audits. This implies that the network failure management team must be able to report to the network administrator to maintain transparency, and work in close collaboration with the end user in case failures need to be reported. It is also recommended to rely on a Managed Service Provider (MSP) as an external partner that can assist in the design and implementation of the network and in routine maintenance, security controls and configuration changes, in addition to providing on-site management and support.
  • Network Security Threat and Protection Management: Business processes are increasingly moving online, so network security is vital to achieving resilience, alongside risk management.
    A regular stream of logs is generated in an enterprise network and analyzed by the network security management team to find digital fingerprints of threats. Depending on the business and the size of the organization, it is possible to have equipment or personnel assigned for each type of network management. It is also recommended to rely on services managed by experts in the industry in which the organization operates, with clear knowledge of common risks and best security practices, in a security field that constantly evolves and becomes more sophisticated.
  • Agile IP Address Management and Efficient Provisioning: Network protocols are the backbone of digital communication with rules and procedures on how data is transmitted between devices within a network, regardless of the hardware or software involved. Provisioning must contemplate the IT infrastructure in the company and the flow and transit of data at different levels from the network, including servers, applications and users to provide connectivity and security (also managing devices and user identities).
    Another important task in network management is transparency about usage, anomalies and usage trends for different functions or business units and even individual users. This is of particular value for large companies in that they must make transparent the use of shared services that rent network resources to different branches and subsidiaries to maintain an internal profit margin.

Summary and conclusions

In business digitization, Network Management Protocols aim to take actions and standardize processes to achieve a secure, reliable and high-performance network for end users (employees, partners, suppliers and end customers). Companies distributed in different geographies depend on Network Management Protocols to keep the different business areas, functions and business teams connected, allowing the flow of data inside and outside the company, whether on local servers, private clouds or public clouds.
As technology continues to evolve, so do network protocols. The IT strategist and the teams assigned to network management must prepare for the future of network protocols and the integration of emerging technologies, to take advantage of advances in speed, reliability and security. For example, 5G is a technology that is expected to have a significant impact on networks, driven by the need for greater connectivity and lower latency. People’s daily lives also involve connecting objects (vehicles, appliances, sensors, etc.), revolutionizing networks to meet the Internet of Things. In security, more robust network protocols are being developed, such as Transport Layer Security (TLS), which encrypts transmitted data to prevent access or manipulation by third parties.
All this tells us that the development of network protocols will not slow down in the short term as we move towards an increasingly connected world.
Pandora FMS works with the three main protocols for network management to offer a comprehensive and flexible monitoring solution. Check with Pandora FMS sales team for a free trial of the most flexible monitoring software on the market: https://pandorafms.com/en/free-trial/
Also, remember that if your monitoring needs are more limited, you have at your disposal the OpenSource version of Pandora FMS. Find out more here: http://pandorafms.com/community
Do not hesitate to send us your queries. Our Pandora FMS team will be glad to assist you!

About Version 2 Digital

Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.

Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About PandoraFMS
Pandora FMS is a flexible monitoring system, capable of monitoring devices, infrastructures, applications, services and business processes.
Of course, one of the things that Pandora FMS can control is the hard disks of your computers.
