Virtualization Technology News and Information
Article
RSS
VMblog Expert Interview: Steve Petryschuk Details Findings in Latest Network Field Report Conducted by Auvik Networks

 

Earlier this month, Auvik Networks released their 2021 Network Field Report which revealed widespread gaps in basic network management activities.  The study takes an in-depth look at how in-house IT administrators manage their networks, and how knowledgeable and confident they are in their networks.

To gain a better understanding about this report and its findings, VMblog reached out to Steve Petryschuk, Technology Advocate at Auvik Networks.

VMblog:  The latest edition of "The Network Field Report" reveals the current state of network management practices.  Can you give us some of the key takeaways?  And were there any surprises? 

Steve Petryschuk:  The Network Field Report provides great insight into the minds of IT professionals as it relates to network management practices. 

To answer your last question first, there were a couple surprises. The big one that stands out to me is the high confidence in the network with relatively low network knowledge. Unpacking this further, more than half of IT professionals have incomplete knowledge of how their networks are configured, but 77% of the respondents indicated that they are highly confident or very confident in their networks. I'm a "trust but verify" type of person, meaning that I'd be confident in the network too - but I definitely want to get the network insights to back up this confidence. 

A couple of other key takeaways that stood out were: 

  • Only 36% of organizations back up their network device configurations daily or weekly, despite additional data showing that configuration changes are frequent. What is an acceptable window for an out of date backup? How can we decrease this window and increase the frequency of backups to match the frequency of changes?  
  • More than half (52%) of an IT pro's time is spent on projects they hate or tolerate. Nearly half (45%) say that "not enough time" is the primary reason for not doing the projects that interest them. This is a big problem if organizations want to retain the best IT professionals. There needs to be a better balance between the time spent on interesting projects, and ones that are mundane, uninteresting, or just hated. What tasks can be automated to free up time for more interesting and engaging projects? 

VMblog:  What are blind spots and why are they so significant?

Petryschuk:  Blind spots can really be interpreted by the business as areas of risk. These are areas where there is a gap between best practices, and what has been implemented. Or where there is a gap between what an IT pro thinks, and reality. We call them blind spots as they are very similar to a blind spot in your car; if you change lanes and don't see the car sitting in your blind spot, some pretty severe consequences can ensue. Same thing here - if these blind spots aren't checked, the organization is vulnerable. The great news is, like with the blind spot in your car, for most network blind spots there is a remedy. First you need to be aware that a blind spot exists and once the blind spot is acknowledged, getting visibility into that blind spot is often as simple as tweaking an existing process, tuning a tool, or education (ie, it can be as simple as a "shoulder check" into your blind spot when driving!). 

VMblog:  Why do you think these network management weaknesses and inefficiencies exist? 

Petryschuk:  The IT industry moves at a very quick pace. Going back to the car analogy, it's natural for many IT professionals to be always in a "pedal to the metal" mode, where we are always on and running at or near capacity. It becomes natural then for us to get blinders on, and focus solely on moving as quickly as we can - either building new systems or putting out fires. It's rare in IT to have enough time to pause, reflect, and ensure we're all doing the right things. Even if you do this pause and reflect today, I bet you wish you had a bit more time to do it.

VMblog:  What best practices should IT pros follow to mitigate the risk involved with their network vulnerabilities? 

Petryschuk:  This is really a collaborative effort between the IT, business continuity, and security teams. Traditional network vulnerabilities, like required firmware updates, should be handled by the same risk management framework that the security team uses across the board. The non-traditional vulnerabilities, like lack of network visibility and out-of-date configuration backups, can be addressed by first defining policies around these items. What should the organizational policy for configuration backups be? How often should the business be ensuring the network topology maps are up to date? Once the policy around these items is defined, organizations can then look to understand whether there is the team capacity to do these things manually, or if there are existing tools within the organization that can automate these functions. If there is no capacity, and no existing tools to automate, the teams can go to the market and understand what solutions can help them solve these blindspots, such as Auvik

VMblog:  When comparing the results of this report to the one Auvik conducted in 2015, many of the metrics improved.  What does this tell us?

Petryschuk:  This is a very positive story. First, the report highlights that metrics around confidence in the organization's network have improved, indicating that IT teams have taken action over the past six years to improve the capabilities of both their networks and their teams. Both of these items have contributed to improved confidence. 

Second, the report highlights a very positive change in the workweek of a typical IT professional, where the percentage of IT pros working more than 50 hours a week has declined. This can be attributed to an increase in proactive maintenance and network management, reducing the reactive ‘firefighting' that IT pros often find themselves in. The report highlights the most gains toward proactive management and monitoring happened in the largest organizations, meaning there's still some room for improvement in the shift towards proactive management in small and mid size (<1000 employee) organizations.

VMblog:  Does the survey give you any insights of how the pandemic may have impacted IT organizations?

Petryschuk:  One of the things I find most interesting about the report is the percentage of time IT pros have spent on items like maintaining the existing network, implementing new systems, and researching new systems. In the 2021 report, we can see that 58% of time per week is spent on researching and implementing new systems, up from 39% in 2015. This means that about 40% of time is spent on maintaining existing systems in 2021, compared to 61% in 2015. It is clear that digital transformation initiatives have been accelerated and IT professionals are being tasked with enabling the organization in the post-COVID world!

VMblog:  Is there risk that the improvements over 2015 have stagnated?  For example, if IT pros continue as-is and we don't continue to see improvements, what kind of implications could this have and at what kind of scale?

Petryschuk:  Sure, there's always risk that improvements have stagnated. I personally don't believe that's the case and that we'll continue to see gains in these areas. There are still improvements to be had in network confidence and improving on the reactive / proactive work mix. 

There is a law of diminishing returns here though, meaning that there is a practical limit to how much IT professionals can avoid reactive firefighting. At the end of the day, we can put all the tools, technical guardrails, and user education in place, but one of your users will inevitably find a way to break something! It keeps things interesting, even if it does add a bit of grey hair. 

If we take the contrarian view here and say - "Yes, improvements have stagnated", then I don't think it will be long until we start seeing some metrics move back to 2015 numbers,  for things like typical workweeks, reactive / proactive mix, and network confidence. If we don't continue to be proactive and stay on top of network management, then we'll quickly lose control and be back to the old way of doing things. 

##

Published Tuesday, January 26, 2021 7:50 AM by David Marshall
Filed under: ,
Comments
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
Calendar
<January 2021>
SuMoTuWeThFrSa
272829303112
3456789
10111213141516
17181920212223
24252627282930
31123456