Increased globalisation, advances in mobile and VPN technology, improved employee productivity and operational cost savings are all major factors which are driving the widespread adoption of remote working business models. From a network management, business compliance and security point of view this trend has brought with it a whole new range of operational challenges.

In recent years a key focus for IT managers has been on privacy together with prevention of malware and unauthorised access to data. Whilst these issues still remain a primary concern, the increasing operational dependence on network services such as email and Web applications has resulted in the ability to offer guarantee of service, particularly for priority users and customers, now also assuming critical importance. Failure in this area can and does cost businesses millions in lost revenue through reduced productivity and lost sales.

For e-commerce based businesses 24/7 availability is even more critical. In December 2006 over 3.5 million people per minute were hitting shopping sites with sales reaching £300 million in the process. Also for ISPs providing continuous connectivity goes beyond that of a desirable objective to become a contractual element of the service agreement with customers. Failure at this level could have a catastrophic effect on many businesses from which it would be difficult to recover.

Network performance degradation can result from a wide range of weak points in the system; inadequate network architecture or infrastructure, operational failure of routers, firewalls, servers or applications and limited bandwidth can all have a dramatic effect on availability of the network services particularly when demand can fluctuate widely between two extremes or a site is targeted by one of the many Denial of Service attacks which last year in the US alone were averaging over 5,000 per day.

To some extent the problem can be mitigated by ensuring that system resources are specified for the worse case scenario. However, back in the real world the network manager is involved in a constant IT budget balancing act to satisfy the expectations of increasingly demanding users within the RoI expectations of the company management.

Striking the right balance to satisfy both the operational and business cases can only be achieved by understanding and controlling what is going on within the network. Traditionally IDS/IPS, firewall and load balancing technologies have been deployed as the first line of defence to prevent unauthorised access or to stop security breaches and virus attacks but most do not have the level of granularity required to distinguish between a recognised user and a malicious intruder. Consequently when an attack is under way or IP traffic overwhelms the system resources the priority users and regular customers are just as likely to be shut out along with the bad guys.

As well as acting as a blunt weapon these solutions fail on a number of critical levels: They often depend on known threat alerts and human intervention to block malicious DDoS attacks after they have started, by which time the damage could have been done. In the case of a new threat or a sudden spike in legitimate network traffic the delay can be even longer and the chances of an outage significantly increased.