Network Optimisation

You're no doubt familiar with being on a video call and having connection issues, or being in an FPS and experiencing lag that makes you and the other players teleport randomly around the place. Having connection issues like these can be annoying in a home network, but can be critically problematic in a business context (FPS aside). Not being able to do simple things like send/receive emails or submit a form in a web browser could potentially be very harmful to a business and are problems that need to be addressed quickly.

Network optimisation is the process of analysing issues in a network (or potential future issues), then adjusting the network in order to improve its performance and speed using various tools, techniques, and practices.

Queueing Theory
Queueing theory is a mathematical study of waiting in a queue. In network optimisation this can help us understand how data moves through a network and how to manage traffic efficiently. Under heavy load packets will often stack up at various points like routers or switches as they wait for their turn to be re-directed forward on their way. Basically, the idea is that we study the wait times at points in our network. If packets are arriving faster than they can be processed then we know that we will have queues that grow and give longer wait times and even potentially packet loss.

One model that is often employed is the First In, First Out (FIFO) queue - pretty much our standard understanding of a queue where the first person is served then we line up behind them and wait for our turn.
Another model is priority queueing where certain types of data are given priority over others, allowing critical information to move faster through a network - much like drivers on the road will (or should) pull over to allow an ambulance with its lights on to pass.

Using queueing theory allows us to determine how to balance the load in our network - how many servers/routers/switches do we need? How much buffer do we need to handle sudden busy periods? Improving our network using this can help to have a faster and more performant network.

Tasks:
1) Make and review notes on queueing theory
2) Give a brief description/explanation of what queueing theory is.
3) Explain the advantages of using queueing theory over not using it (you might use an adjacent example like queueing at the cafe to help explain) - 150 words.
​

A queue (Credit: GeeksforGeeks)

Predictive Maintenance
By now you have probably realised (if you didn't already know) that the Internet is very much a physical thing - put very basically, it's pretty much a countless number of servers, routers, switches, and the means to connect it all. In a network, when something like a router goes down it can be anything from mildly disruptive, to bringing everything to a halt. Just like most things that we use, things like routers don't have an indefinite life span and will occasionally break down. Being able to predict when things like this might happen and replacing hardware before it does is essential to running an effective network.

In doing predictive maintenance, network managers use data analysis, historical performance metrics, and machine learning algorithms to help them predict when equipment might fail or degrade.

As depicted by the image on the right we have different levels to maintenance:

• at the bottom we have reactive maintenance - this is where we don't fix something until it's broken. For example, a pipe bursts in the bathroom so we call the plumber to fix it.
• Preventative maintenance - We plan a replacement based on how old something is/how much it is used. For example, the particular bathroom was made in the 70s so we decide it's about time to inspect/replace some of the pipes before they burst.
• Condition-based maintenance - Here we have some kind of sensors/checks in place to give us information on the current state of a piece of equipment and whether or not it needs to be replaced soon. E.g. phones will sometimes tell us the remaining life of their battery/how much it has deteriorated.
• Predictive/prescriptive maintenance - this is what we started talking about above. Using data analysis and other high-level practices to determine how much life a piece of equipment has left.

Tasks:
1) Make notes on predictive maintenance
2) Explain briefly what predictive maintenance is.
3) Discuss how we use predictive maintenance and why it is important (maybe use servicing a vehicle as an example) - 100 words.

Patterns and Anomalies
In network management recognising patterns and detecting anomalies is crucial for maintaining optimal performance and security. Patterns refer to the typical behaviour of network traffic such as regular peaks during business hours, or consistent data flow in specific applications. Understanding these patterns helps network administrators predict normal performance and identify potential issues early.
Anomalies are deviations from normal patterns and can indicate problems like network congestion, hardware failures, or security threats such as cyberattacks. A sudden spike in traffic could suggest a Distributed Denial of Service (DDoS) attack. Unusual data transfers might indicate malware activity.
It's important for network admins to be familiar with patterns, especially what is normal in their own network, in order to appropriately manage anomalies.

To help detect anomalies, network admins use monitoring software that can alert them of anomalous or potentially anomalous network behaviour. Tools like Network Performance Monitors (NPM) and Intrusion Detection Systems (IDS) give information in real-time about activity in the network and are an invaluable resource.

Tasks:
1) Write notes on patterns and anomalies
2) Think of an example from your own life where understanding common patterns helps you to recognise anomalies (ask Mr Tyler if you need help with ideas). Explain how this is similar to understanding the patterns and anomalies in networks - 150 words.
​

An anomalous fish (Credit: Tatvic)

Security Threats
You are no doubt aware of security and the need for it in Information Technology. Understanding the various types of attacks/threats to a network is essential for any network admin. Some examples are:

• Distributed Denial of Service (DDoS) Attacks - these are attacks whereby a huge number of requests are used from various sources to overwhelm as many parts of a network as possible. Because the activity is more than the network can handle (queues too large etc.) it is effectively shut down and normal service is prevented. To help avoid this we use firewalls and intrusion prevention systems to filter out malicious traffic.
• Malware - this includes (but is not limited to) viruses, ransomware, trojan horse software, and worms. Malware can damage networks, systems, steal information, and be generally troublesome by doing things like consuming system resources (like CPU and memory). Regularly doing updates and having antivirus (like Windows Defender) is helpful to avoiding these.
• Phishing - this is where someone will fraudulently attempt to obtain sensitive information by pretending to be a trustworthy entity - like NZ Post or your bank for example. The best way to avoid this is through education to become very skeptical of anyone suddenly asking you for information and paying close attention to the address/phone number that it comes from. Having good spam/filtering systems is also helpful here.
• Man in the middle attacks - this is where a hacker will intercept data en route from one place to another and acquire information and/or alter the information inside it. Encryption is our best line of defense here, using things like HTTPS and VPNs.

Tasks:
1) Write notes for each of these threats
​2) Give an explanation about what you think some of the impacts of each of these threats could be on a company.
3) Do some research to find other types of security threats and make notes on them.

Best practices for protection from cyber threats (Credit: Stealthlabs)

< Link Layer

Traffic Analysis >