SMB Network Issues
At first glance, SMB network issues may seem uncomplicated. Most users are happy if they can get to the Internet and maybe a file server. The business needs more than the user wants, though.
What Goes Into A Network Solution?
From an end user perspective, networking is simple. You plugin a router to your Internet Service Provider and hop on the network with a LAN cable or WiFi. That's how they do it at home.
When I started working for my current employer, that's how the previous owners set things up for business needs, too. It didn't work well at all. Network performance was slow. One of our sites crashed its network several times per day. There was no communication between sites, so there were no central file servers or other resources to share.
Small-to-Mid-Sized Business networks have different needs than a home office and those needs were unmet.
The problems users faced were compounded by an utter lack of understanding about network issues. Here are just a few of the mistakes that made business difficult for the staff.
- Home office routers could not perform at the capacity of the cable modems. Why buy a 70 Mbps service when the router could only handle 20 Mbps?
- Network switches were mismatched at different speeds and frequently daisy-chained together.
- There were no network monitoring tools to determine what traffic was on the network.
- There were no tools to prohibit undesired network traffic.
- Network access was completely unrestricted for staff and customers with unsecured WiFi.
- Malware ran openly on company computers due to the lack of control.
Any of this sound familiar? When a new business starts, Information Technology often isn't a priority. Slapping together some consumer-level components to address SMB network issues is easy, but may end up costing you more when you can't conduct business.
The first consideration when determining what goes into a network solution is determining what traffic you want on your network and understanding how to prevent the traffic that interferes with your business.
Why You Need Network Control
What is the primary need for the network in your business? In this case, the primary application most users needed was a hosted business application that required Internet access. Secondarily, we needed network access for some streaming media. Coming in third place was Internet access for customers in a specific field.
Requiring a password for the WiFi access would have been an easy place to start, even with the home office routers in place. That would help limit the number of users on the network to only those who should have access. However, other issues requires much more than those routers could provide.
There were times when we couldn't conduct business because the network was overwhelmed by non-business users. It's fine to provide a service, but it shouldn't prevent your staff from working. You need to have a tool that allows you to allocate bandwidth and provide quality of service for business critical applications.
Another aspect of SMB network issues is controlling the kind of traffic you allow to run on your network. Games and streaming media and kill your network. Access to malicious sites can let malware invade your computers, which in turn may start generating network traffic of its own as it tries to spread to other systems. Illegal peer to peer file sharing not only chews up your bandwidth, but it may leave you legally liable for the activity on your network.
It's nearly impossible to block traffic site by site. Instead, you need to have a tool that allows you to block content by category. For example, it didn't take much consideration to realize that we wanted to block adult content, peer to peer file sharing, malicious sites, criminal activity, etc. Blocking sites with these categories reduces network traffic and helps protect you from the liability of potentially illegal activity.
Even with site category blocks on malicious sites, you need layers of protection from viruses and malicious code. The first layer should be on the point of entry to your network. That means scanning for known malicious code as well as blocking executable files. Endpoint protection on each computer is another layer, but it's best to prevent problems from even entering your network in the first place.
Finally, you need reporting to help you understand what's happening on your network. Skip past the home office routers and you'll find plenty of useful metrics that monitor and log every single transaction. Based upon those logs, you can find out which device is using the most of your resources, which destinations are most visited, and much more.
Do you know if you have the right level of Internet Service for your needs? You can't know if you don't monitor the amount of traffic entering and leaving your network. You may be paying for service you never use, or perhaps you're constantly hitting the ceiling of your plan due to unwanted traffic.
Network Solutions for SMB Network Issues
Here's the thing about SMB network issues. Your business may not have as much traffic as a large business, but it still has all the same needs as a large business. You still have to conduct business. Anything that interferes with your network access to conduct business ends up costing you money with wasted time and potentially with lost opportunities.
Instead of gathering different components to address the issues listed above, there's a class of network routers that provide Unified Threat Management (UTM). These routers provide more than network connectivity and a firewall to prevent unwanted access from the Internet.
In addition to providing solutions for the problems mentioned above, they also provide additional services to support site to site connectivity, VPN access for users who are off-site and still need a secure connection, intrusion protection and VLAN support.
I ended up choosing the Sophos UTM routers for my environment and they've worked very well. Next time, I'll go over some of my decision criteria for selecting a UTM router and how you can create your own evaluation process to deal with your SMB network issues.