A network is defined as a group (2 or more) of systems such as Windows desktop and server platforms that connect together for the purpose of sharing resources. Typical resources include printers, storage devices and folders that include files and other data that users may wish to use. Networks are used to give centralized access (secure access) to networked resources and generally, the entire network (whether it be a home based office, or a corporation’s infrastructure) all connect up to the biggest shared resource in use today – the World Wide Web.
# 5: Initial Configuration
The first problem that comes to mind is glitches that occur when configuring your network, your systems and resources for use. There are many components to a typical network and as size and use grows, so do its complexities and the possibility for problems to arise. With the rise in telecommuting over the past 10 years, and the growth of this market in terms of hardware and software offerings, there are many people setting up systems and networking them together without any formal education on the topics or systems, networking and security.
No matter whether you are setting up and configuring Windows, or a Linksys router, there are many things that need to be considered and done correctly. There are also multiple ways of doing things, and so, the best practices should be considered and followed. For example, the computer system you want to connect to the Internet. This simple example requires you to know a few things about TCP/IP addressing schemes, the DHCP protocol and cabling (or wireless for those who have it available). A great primer to networking can be found by following this link. Here you can get an idea of the complexity of networking if you are not already familiar with the fundamentals.
When setting up your systems, the biggest things that cause disruption are loss of your main power source, incorrect cabling (or wireless configurations), lack of/or misconfigured protocols (such as IP) and problems with Windows systems such as misconfigured network services. Another issue to consider is the configuration of how your client computers access shared resources, such as a network printer. Many times, a ‘server’ is used to provide centralized access which would mean you would need to configure properties on the print server, or if the print server function is located and controlled on a server, the configuration of the workgroup, or client/server relationship. This is a huge stumbling block for those working with networked Windows systems… the relationship of a client to the server it uses to work with shared resources. After the initial configuration and testing of your network, the next steps should be to document it correctly so that if problems do pop up, you have the phone number for your ISP handy, or the manuals (or Web links) to the systems you are working with.
# 4: Credential, Permission and Rights Problems
So, if you configured everything correctly and connected all systems without issue – then what could possibly go wrong? Anything and everything. The first problem that comes to mind with Windows systems is credentials, permissions and rights. Most times, you may try to access a host and not be able to because… yep, you guessed it – because they can not log in, or they do not have permissions to access resources once they are logged in.
You can use the Windows Event Viewer to find most of your problems in this area, if you can log on and check it. It’s recommended that you store a password in a safe place in case you forget, but never leave a credential set (username and password) visible for anyone to locate and use without your permission. Not being able to access resources over your network is a common issue and easily resolved with a better design, or a contingency plan to recover lost of forgotten credentials.
# 3: Network Performance
This is by far the most common issue with networking in general. With Windows, performance can be affected in many ways. For example, if you build or buy a computer system without taking into consideration the applications you will run across the network. The most common applications are any type that requires a client to server relationship, which means the client installed on the Windows desktop must interface and transmit data over the network in order to function. If network performance is impacted, either the network is too slow (very common term), or the application was not developed with the network in mind. It can be confusing to solve this type of issue and normally requires advanced analysis of the problem usually needing a tool such as a packet analyzer (known as a sniffer) to solve.
Speed and Latency issues can be the result of slow connections, or from a network that is saturated with data. For example, if you use gigabit Ethernet between your hosts, cabled connections will give you up to 1000 Mbps of speed. Unbeknownst to some, switching to a wireless connection will drastically impact your network communication because today home-based wireless systems (even when teamed) will not produce more than about 54-100 Mbps of transfer. Add in interference and you will definitely feel the pinch.
Also, using a hub instead of a network switch (that keeps a switching table in memory) can cause major issues with speed and latency. Using non-hierarchical designs where the core of your network is operating at the fastest speed and the access layer into the core operating at a slower speed can and absolutely will create bottlenecks. Although this is not a common design for home-based networks, you would be surprised at how many SOHOs have grown in size to really need a good design to operate correctly. Mismatched speeds and duplex settings on NIC cards such as half-duplex to full duplex (and auto-sense) are also common issues that create a performance hit on your network. Lastly, using a switch and creating a loop will likely shut your network down completely if one exists.
Common to home based users using Windows systems, is Internet problems. If you have checked over your hardware and software and still cannot resolve the issue, it is likely it is not an issue at all. Sometimes, you may have an issue with a provider’s service. Contact and engage your provider if you think that there is an issue, because if you are paying for a service, it is also likely that you have an SLA in place. The SLA, or service level agreement, states that you should get a certain amount of bandwidth and uptime from them as well as a support network where you can contact experienced techs that ‘should’ be able to resolve your issues with you, or for you. This is not always the case. SLAs are in place to ensure that you get what you are paying for, so make sure you verify them! After speaking with your provider, it should be apparent whether you are working for them, or they are working for you. Just because a link is cheap, or expensive – this has nothing to do with the quality of the network, the support staff that manages it, and the support staff that manages you – the customer. You can also run your own tests. Test your connections, see what you have available and try to find out what you are currently using:
Other issues that relate to performance are security problems (such as Malware, covered later in this article) that tie up your systems resource, or purposely cause your services to fail. Lastly, you can easily have a problem that occurs outside your ISP’s realm. For example, if you were trying to access a Web site in Africa, you may find that the ‘hop count’ (which is defined as how many routers your packet traverses to get to and from its intended destination and back to the source) can be extremely lengthy. Just like it would take a plane a long time to fly from NY to Capetown, a packet has to travel the same distance and can run into problems along the way. You can use other tests such as Windows tools – ping, traceroute, netstat,and pathping to find and pinpoint network issues.
# 2 TCP/IP and other Protocol Problems
There are many reasons why this can be an issue, to name a few – ISP-based protocol issues, DHCP, APIPA, DNS, IP addressing and/or using a different protocol suite other than TCP/IP within your network. You can solve most of your TCP/IP related problems by a) having an updated document of your topology, even if it is a few systems. Being able to view a graphic (like figure X) is extremely helpful when trying to resolve a network issue, or, to quickly add a new host to your network without causing an issue. Even if you use DHCP, it is important to consider how IP tools like tracert, netstat, ping and pathping can help, but there are others you can use when not solely working with TCP/IP-related problems. Other protocols do exist and tools are available to perform the same functions to test them. At a high level (usually corporate networks), IP packets are routed over multiple devices and links which takes the problem and multiplies it times the amount of gear you are using. Routing tables can get screwed up from duplicate entries, and if address space is not summarize correctly, could cause large route tables, both causing performance issues for any end-user just trying to download a spreadsheet from the corporate office location.
If you do not have a network protocol configured, you will not be able to communicate over a network. Within the TCP/IP suite are many other protocols, such as DHCP (Dynamic Host Configuration Protocol) and DNS (Domain Name System) are common culprits for network connectivity problems – as well as for network performance problems. For example, if your client computer cannot speak with the DHCP server which provides it with its IP information, it will not function at all and be disconnected from the network. If this happens, APIPA (Automatic Private IP Addressing) kicks in giving the client a different address number (likely un-routable or un-routed within your network) causing confusion if you are unsure as to what this is. Clients are trying to communicate. If physical connectivity (such as cables and power sources) are disconnected, then you will not communicate. If you cannot log into your system or resources available on the network, you cannot communicate. If your system is configured with the wrong protocols, or no protocol at all – no communication. If your system protocols are not configured correctly, you are not able to communicate! Sometimes however, you may have limited communication that will affect your performance.
# 1: General Security Concerns
The #1 networking issue when dealing with Windows clients is the poor application of basic security services and features – or lack thereof. For example, your system may get a virus (or other type of Malware) that causes the network to fail… or, ties up your systems resources so intensely that you cannot even browse a Web page. It is a fact that most of the intrusions over your network come from within the network, or very easily over wireless connections. This is seen more so with home offices and small companies that cannot afford (or are oblivious to) enterprise security solutions used to control, monitor and lock down wireless usage. That does not mean that your home PC, or router cannot be ‘secured’.
Whether using the Windows Firewall, or some other third party software offering, you should always consider using one as the most basic form of host protection. Network based intrusion detectors can help trend data and lock down anything that seems ‘fishy’. Defense in Depth should be considered and this concept is simple to understand. When you apply multiple forms of protection, you are applying defense in depth.
The router you use may have firewall capabilities, amongst other things (VPN/Encryption), IDS, Wireless AP with security features. Use them to your advantage and pull logs frequently to see what is going on. The systems firewall (Windows Firewall) is also able to perform this function at the host level.
Antivirus (as well as Network Access Protection, or NAP) can be used to reduce connectivity and performance issues. Most viruses today (as well as worms) operate to do the host system, or network harm. If 35 computers on a network that was barely able to hold its own load now get infected with a worm, it’s likely the network will slow down to a crawl.
The most important thing you should take away from this #1 problem (or concern) is that security when applied needs to be tested… and then monitored. Unless you have someone doing it for you in real time, its recommended that you apply multiple security features (which is the concept of defense in depth) and review your logs that come with them at least as often as you are concerned to check them.