AlgoBuzz Blog

Everything you ever wanted to know about security policy management, and much more.


The Tribe Has Spoken – You are Voted off the Network


One of the more interesting phenomena I have observed when working with companies on their network security challenges is that every company feels that their challenges are unique. While this is true to some extent, there are many more similarities than differences between companies. One such similarity is the existence of “Network Ned”.

Who is Network Ned, you may ask? It is an affectionate name we coined at AlgoSec for the guy who:

  • Has been a network engineer with the company since dinosaurs roamed the planet
  • Helped design the early network architecture and access rules. If somebody wonders why a firewall rule from 10 years ago was put in place, the firewall comment may as well say “Ask Ned”
  • Can spot an error in the Visio network diagram from a mile away, even when blindfolded

Simply put, Ned is a walking concentration of “tribal knowledge”. Oh, and one other noteworthy truth about Network Ned… S**T will hit the fan when he leaves the company.

If you have a Network Ned and you care about your fan’s hygiene, now may be a good time to start thinking about how you deal with tribal knowledge. It’s not just about a succession plan. There are several business reasons to properly document tribal knowledge:

  1. Employee ramp up – a company I talked with recently mentioned it takes them a full year to ramp up a network engineer. This adds up to a significant cost when you have a complex network with many engineers.
  2. Business Continuity – mistakes in network configurations cause disruption and outages. Having access to tribal knowledge at your fingertips means fewer engineers are doing their rendition of Britney Spears’ “Oops I did it again”.
  3. Workforce Flexibility – access to knowledge allows more junior engineers to tackle complex tasks, freeing up expensive senior engineers for higher-level tasks.

The best way to document tribal knowledge is (drumroll please)… automatically! Wouldn’t it be great if you had a live map of the network that automatically updates every time a routing table is modified or a new firewall rule is put in place? How about the ability to automatically know if a new firewall rule violates your network segmentation policy or PCI requirements? With a good security policy management solution this becomes a reality.

All you need to do is get Network Ned into the room to:

  • Point the solution to the relevant network devices – firewalls, routers, load balancers etc. These devices are then continuously monitored in near real time to automatically reflect updates.
  • “Upload” his knowledge to the solution. For example – which traffic is or isn’t allowed between different network zones, or which firewall rules are in place to enable connectivity for a specific business application.
  • Rinse/Repeat – when new business requirements or procedures are created, set them up within the automated solution, so that every network engineer has instant access to the correct analysis and course of action.

Once the knowledge exists in a good automated solution, maintaining it should be straightforward, as the solution should be aware of changes that happen on both the network level and the application level, and auto-document these changes for everyone to utilize.
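To make the idea of “uploading” zone knowledge concrete, here is an added example (not AlgoSec's code or product behaviour) that records which traffic is allowed between zones, with the reason attached, and checks a proposed firewall rule against it. The zone names, address ranges, ports and reasons are all constructed assumptions.

```python
import ipaddress
from itertools import product

# Constructed zone map and policy: every name, range and port is an assumption.
ZONES = {
    "dmz": ipaddress.ip_network("10.10.0.0/16"),
    "app": ipaddress.ip_network("10.20.0.0/16"),
    "cardholder": ipaddress.ip_network("10.30.0.0/16"),
}
# (source zone, destination zone) -> (allowed TCP ports, the "Ask Ned" reason)
POLICY = {
    ("external", "dmz"): ({443}, "public web front end"),
    ("dmz", "app"): ({8443}, "web tier calls the application API"),
    ("app", "cardholder"): ({5432}, "payment service database"),
}

def zones_for(cidr):
    """Return every zone a rule's address range can reach."""
    net = ipaddress.ip_network(cidr)
    for name, zone in ZONES.items():
        if net.subnet_of(zone):
            return {name}          # fully inside one zone
    # Range is wider than any single zone: conservatively treat it as touching
    # each zone it overlaps plus "external" (addresses in no defined zone).
    return {n for n, z in ZONES.items() if net.overlaps(z)} | {"external"}

def check_rule(src, dst, port):
    """Return sorted (src_zone, dst_zone) pairs the proposed rule would open
    that the documented policy does not allow on this port."""
    violations = set()
    for sz, dz in product(zones_for(src), zones_for(dst)):
        if sz == dz:
            continue               # intra-zone traffic is out of scope here
        ports, _reason = POLICY.get((sz, dz), (set(), None))
        if port not in ports:
            violations.add((sz, dz))
    return sorted(violations)

def explain(src_zone, dst_zone):
    """Look up why an allowed flow exists, instead of asking Ned."""
    return POLICY.get((src_zone, dst_zone), (set(), "no documented reason"))[1]
```

An overly broad source such as `0.0.0.0/0` is reported once per zone pair it would open, which is what makes "any to cardholder" rules stand out in review.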

Tribal knowledge should not be the privilege of the few – especially if you want your tribe to flourish when people start getting voted off the island.
