How remote work is changing the future of network management

During the COVID-19 pandemic, businesses have undergone dramatic changes to accommodate employees working from home. When the workforce is geographically dispersed, IT operations staff are under pressure to keep the underlying infrastructure delivering optimal performance. In many cases, this has created visibility and control gaps, forcing IT departments to adjust to regain the appropriate level of management control.

[[423332]]

How monitoring and management gaps develop

Early in the pandemic, IT shops focused on strengthening their remote access connections so that employees could work from home. The massive dispersion of the workforce created a gap from a network operations management and monitoring perspective. Network administrators no longer had end-to-end visibility and control.

Network teams initially accepted the loss of proper management because businesses assumed employees would return to the office within a few weeks. However, as the hybrid workplace becomes a persistent enterprise trend, IT must seriously consider how to oversee this new work environment. The future of network management requires teams to learn how to properly manage network security and performance regardless of where users are connecting from.

Adjusting distributed network management and monitoring

Today, most work is done outside the corporate LAN boundary, which has led to a major shift in traffic. Many of the limitations of network-based security and performance monitoring and management tools deployed within the LAN are outdated.

To address this, departments are beginning to turn to modern tools, network components, and architectural models to help regain control. Some examples include the following:

• Remote and teleworker gateway hardware;
• Virtual Desktop Infrastructure (VDI) or Desktop as a Service (DaaS);
• Zero Trust security model;
• Unified Endpoint Management (UEM)

Remote and Teleworker Gateway Hardware

When users connect to corporate resources using client-based VPN software, network operations staff have little visibility when it comes to monitoring and managing endpoint devices. One way to regain control is to issue remote access gateway hardware to each employee.

A remote access gateway typically consists of a small hardware device that is fully configured and controlled by corporate IT staff. Devices connected to the gateway can access corporate resources through an always-on, site-to-site VPN tunnel.

Other benefits or remote gateway hardware include network firewall functionality, secure Ethernet or Wi-Fi access, and the ability to view and collect local network security and performance data at the remote end of a network connection.

VDI and DaaS

VDI and DaaS offer two alternatives to remote gateway hardware. VDI and DaaS are two technologies that provide better monitoring and control of endpoint devices on the network. They both allow remote workers to connect a PC, laptop or tablet to a virtual desktop that runs within the security of a corporate data center or cloud.

VDI and DaaS eliminate much of the risk of endpoint device infection, data leakage and malware, which is much higher at an employee’s home than on a secure corporate network. Virtual desktops are completely controlled by internal IT, which enables network teams to monitor and secure devices as if they were directly connected to the corporate LAN.

Zero Trust Security Model

Before working from home or a hybrid workforce became the norm, IT security teams used network-based tools to enforce network security policies - based on trusted networks, zones, and devices. However, now that employees are increasingly working remotely, data flows often bypass corporate networks and connect to various public cloud services over the Internet. Enforcing security policies has become a challenge.

Today, the zero-trust security model is becoming popular because it requires all devices to be authenticated, regardless of who the user is or where they are located. User and device authentication is centrally managed across the distributed network. This reduces the need for remote access VPN tunnels and simplifies the authentication process.

Unified Endpoint Management

When the BYOD phenomenon first emerged in the early 2010s, IT departments began implementing mobile device management (MDM) software to protect corporate networks from unpatched or unsecured personal devices. Since then, MDM has evolved into UEM.

UEM platforms utilize software installed on remote endpoints (or hooks within the device OS itself) to ensure that enterprise-owned and network-connected devices are kept up to date with the latest versions in terms of OS and software patches, access controls, document sharing, and compliance regulations. Devices with UEM software installed can be remotely controlled and monitored via a centralized ITOps platform.

Choosing tools and technologies for your business

Business variables such as the size of the remote workforce, mobility restrictions, geographic distance between remote users, and security requirements influence the monitoring and management tools that are best suited for the enterprise. Unfortunately, there is no one-size-fits-all approach to this problem.

That said, when selecting tools and technologies, organizations should first take the time to identify where visibility and management gaps exist and what tools to use to fill those gaps. Network teams must fully understand the technologies available in the market and understand how to apply these tools to their infrastructure to achieve the best results.