This is the first in a two-part series on the ways IT executives are managing the strain that mobile devices put on network capacity. The second part explores emerging capacity-management approaches for mobile device traffic.
Earlier this year, the OC-3 network Internet traffic at Kroll Factual Data Inc. reached a saturation point of 80%. Given that Kroll, a verification services provider for lenders and creditors, conducts most of its business online, this was bad news on a grand scale.
Now you have laptops, smartphones and tablets using a network that wasn't designed for that amount of traffic.
senior network engineer, Ford Motor Co.'s Mobile Computing IT Enterprise Technology Research division
The culprit was the streaming media slamming the company's network as employees used mobile devices to watch videos and download files. "It was starting to have a detrimental effect on our customers, and for us, that was the end of the story," said Christopher Steffen, principal technical architect at Kroll, a Loveland, Colo., division of global background-screening and security provider Altegrity Inc.
The company's IT team (with management's blessing) had no choice but to block and limit outbound network traffic. Sure enough, the bandwidth saturation rate went from a high of 80% (which caused significant network connectivity problems, if not connectivity standstills) to only 18%, but the limitations put on mobile device use "went over like a lead balloon" with employees, Steffen said.
IT executives across enterprises are trying to get a handle on network capacity in a bring-your-own-device (BYOD) era, and as Steffen put it, "There's 15 to 20 ways to skin this cat."
The solution to network capacity management at Kroll was firewall blockers and network controllers to prevent employees from going to sites like YouTube, as well as the creation of a guest network that handled all the "dirty Internet traffic," Steffen said. This guest network lets employees surf the Internet while keeping the traffic separate from the core network and the back-end systems used for business processes.
Managing the impact of mobile devices on network capacity, however, doesn't lend itself to a "'fire-and-forget' kind of approach," Steffen cautioned. Even with its technology measures in place -- and policies that prevent access to certain sites -- mobile-device traffic management continues to be a moving target at Kroll, requiring exceptions on a case-by-case basis to identify employees who need mobile access to corporate or network resources to get their job done.
The many mobile paths to network capacity enlightenment
Randy Nunez, senior network engineer at Ford Motor Co.'s Mobile Computing IT Enterprise Technology Research division, said the cause is pretty straightforward but there is "no one right answer for everybody" when it comes to dealing with mobile IT traffic.
More on MDM to increase network capacity
Evaluating mobile device management products
Enterprise mobility: Ubiquitous business? Or ubiquitous risk?
Mobile device management guide: Keeping IT on the move
"Mobile device traffic is absolutely a major problem as more and more people can afford smartphones and tablets, which are Wi-Fi devices that are now becoming more powerful, with more content available, especially with things like multimedia," Nunez said.
People have come to expect free Wi-Fi wherever they go. The problem is that wireless LANs were not originally built for this kind of capacity. "They were designed for occasional laptop Wi-Fi users; and there was a point where laptops were very expensive, so they were limited. But now you have laptops, smartphones and tablets using a network that wasn't designed for that amount of traffic. And it was also originally built for specific purposes, such as within a conference room or certain locations in a plant," Nunez said.
Nunez said there are three primary ways that enterprises are attempting to accommodate the network capacity needed for mobile device traffic:
- Keeping up-to-date with the latest wireless LAN standards and understanding the impact of legacy devices. Deploying devices that support the 802.11n standard can increase throughput, and many wireless devices now support this standard. Also, be aware that devices that support only older 802.11b and 802.11g standards can affect the performance of the 802.11n network, so organizations should upgrade those devices where possible.
- Redesigning the wireless LAN infrastructure. Move from autonomous access-point environments to a controller-based architecture with lightweight access points. "These networks are typically easier to scale and have more robustness," Nunez said.
- Building a guest network. It might not help with throughput, but it will help with security concerns. For BYOD traffic, companies are taking different approaches. Some are pushing mobile device users onto a guest network, while others are setting up different logical networks with different levels of access for BYOD versus corporate devices.
"Consumerization is happening, large file sharing is happening, and this trend will continue," Nunez said. "It is up to IT to figure out how to accommodate this, because if we don't simulate the kind of experience they get on the consumer side, people will figure out a way to go around us to get their job done."
- The Desktop Admin's Guide to BYOD: Pros and Cons of BYOD –SearchSecurity.com
- EssentialEnterprise Mobile Device Security Controls and Policies –SearchSecurity.com
- Weighing the Options for an Enterprise Mobility Strategy –SearchSecurity.com
- CW ANZ: Riding the wave of enterprise mobility –ComputerWeekly.com
Dig Deeper on Enterprise mobile strategy
Patch early, patch often to manage SAP exploit
From security product marketing to CEO: Jennifer Steffens
BeyondCorp brings software-defined network security to Google
Robust security and consumer buy-in needed for smart city success