LAN-to-WAN Management, Tools, and Systems
Managing the LAN-to-WAN environment basically involves the same tasks as managing the LAN environment. In addition, managing the LAN-to-WAN environment involves efforts to ensure the additional components in the LAN-to-WAN Domain are protecting the internal domains from the external domains. The LAN Domain, as the name implies, focuses on LAN-specific topics. The LAN-to-WAN Domain includes WAN access components and security needs.
Managing the LAN-to-WAN Domain means ensuring authorized data passes smoothly through the domain’s components and on to its destination. This means ensuring you have defined just the right firewall rules. Use the principle of least privilege to write firewall rules. Your rules should allow through the firewall only the traffic that is necessary to perform authorized business functions. In today’s distributed environments, that goal is difficult to achieve. Users and applications tend to establish and use multiple connections with remote services and resources. Your firewall rules should allow all of the different connections you’ll need and can take some fine-tuning to get right.
FCAPS
Managing a network involves several related tasks and can become confusing without a plan. The International Telecommunication Union Telecommunication Standardization Sector (ITU-T) (one of three divisions of the International Telecommunication Union, primarily responsible for communications standards) and the International Organization for Standardization (ISO) developed FCAPS. FCAPS is a network-management functional model. FCAPS is an acronym that represents the focal tasks necessary to effectively manage a network. FCAPS stands for the following:
Fault management—This includes activities to detect, log, communicate, and potentially fix network problems to keep the network running effectively. Fault management directly addresses the availability property of security by minimizing downtime.
Configuration management—This includes activities to monitor network component configuration settings to track and manage the state of your network.
Accounting management—This includes activities to measure how your users are using your network to support regulation compliance and billing.
Performance management—This includes activities to measure and report on network performance to support optimization.
Security management—This includes activities to control access to network resources and limit access exclusively to authorized users.
Network-Management Tools
Many tools are available to help manage your network. Look for the tools that best fit into your environment and provide the functionality you need to best manage your environment.
Although these tools represent functionality that is useful in the LAN-to-WAN Domain, many of them are useful to manage networks in other domains as well. Select the tools that work best to help keep your networks secure and operating smoothly.