In my 12+ years as an engineer at Cerdant, I have seen bandwidth management be one of the most effective, and most underutilized, tools available to administrators for managing network performance. Today, bandwidth is more affordable than ever, which has made it easy to just upgrade to a higher speed to solve network performance issues, but some simple bandwidth management can often resolve many network performance concerns. I am often asked what bandwidth management best practices are, and I answer that question with a variety of other questions. Bandwidth management best practices are almost entirely dependent on what expectations and policies you have in place for your bandwidth usage. Do you know what your daily bandwidth is being used for? More importantly, are you struggling with call quality or are business critical applications competing for bandwidth against other programs? Maybe you simply want to limit the amount of Netflix or YouTube traffic users can consume during their time on the network. What about your guest network? Stop wondering and start managing.
How bandwidth is utilized differs widely from company to company; however, large amounts of streaming media traffic are typically not something a network administrator wants to see on a business network. While troubleshooting a recent VoIP quality issue with a customer, I found the following information using one of our Pervidio Bandwidth reports (see report below). If your network traffic looks like this, your business-critical applications could be suffering. Bandwidth management can be used for MUCH more than just limiting bandwidth to certain applications, but this is just one example to get started. Bandwidth resources can be siphoned away from business tools more than you realize when management rules and tracking are not in place.
I’m going to rewind a bit here to make sure we’re all clear on what bandwidth management refers to. Quite simply, it is the process of measuring and controlling the communications (traffic, packets) on a network link to avoid filling the link to capacity or overfilling the link. We’ve all experienced link capacity issues resulting in network congestion and poor overall network performance. As an additional note, bandwidth is measured in packets per second (Kbp/s, Mbp/s, etc.).
Most Next Generation Firewalls have Bandwidth Management (BWM) as a built-in feature. At Cerdant, we specialize in managing SonicWall products, so the SonicWall BWM tool is what we’ll be referencing specifically. The secret to the sauce is fully understanding everything you can actually control with bandwidth management tools. The capabilities are often much further reaching than many administrators realize. As an example, SonicWall’s SonicOS includes bandwidth management through its interfaces for both inbound and outbound traffic. Outbound BWM can be applied to traffic sourced from Trusted and Public Zones (such as LAN and DMZ) destined to Untrusted and Encrypted Zones (such as WAN and VPN). Inbound BWM can be applied to traffic sourced from Untrusted and Encrypted Zones destined to Trusted and Public Zones.
Limit services like Multimedia (Netflix, YouTube, etc.)
Situation: You have a 200Mb Internet connection. You find that VoIP is struggling around lunch time. Voice conversations are delayed, and people are complaining. Your research indicates you have a few users streaming Netflix on their lunch break. No real harm… the “offenders” are among the top salespeople in the company, but we still need to make sure the rest of the sales team has enough bandwidth for their phone calls.
Solution: Limit streaming services to 50Mb and guarantee 20Mb to the VoIP system. This will allocate some of your bandwidth resources to employee leisure activity during lunchtime, while also ensuring that business-critical services do not suffer. Adjustments can be made within minutes after rules are put into place. Now, Sally and Steve can find out what happens in Season 3 of Episode 4, and the rest of the sales team can try to catch up their sales numbers without poor call quality!
Situation: It’s 2018, and most people expect businesses to offer “Free Wi-Fi,” for coffee shops and office space alike. You do not want “untrusted” people having access to your internal data; likewise, you don’t want your guests to be able to “steal” your bandwidth from the critical business applications, such as the POS credit card network in a retail setting.
Solution: Using a 200Mb connection in this scenario, allow the guests to use up to 25Mb, but guarantee nothing. Remember, if you guarantee bandwidth, it is held for the specific type of traffic you allocate it to. This also brings up another important point to keep in mind. With basic BWM rules in place, a single user can utilize the maximum bandwidth allocated in that specific rule. In most firewalls, single IP tracking is available, so you can also put limits on individuals instead of the group to ensure no one person can use all of the bandwidth.
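The interaction between a guarantee, a class maximum and a per-IP limit in the two scenarios above can be checked with a small model. This is an added example, not SonicOS code or its scheduler: the `Rule` fields, the fair split between classes, the proportional split inside a class and the 5 Mb per-IP figure are all assumptions made for illustration.

```python
from dataclasses import dataclass
from typing import Optional

LINK_MBPS = 200.0  # link size used in the article's scenarios

@dataclass
class Rule:
    name: str
    guaranteed: float = 0.0             # held for this class even when idle
    maximum: float = LINK_MBPS          # ceiling for the class as a whole
    per_ip_max: Optional[float] = None  # optional ceiling per source IP

def fair_share(wants, capacity):
    """Max-min fair split of `capacity` among competing classes (assumed policy)."""
    grant = {k: 0.0 for k in wants}
    active = {k for k, w in wants.items() if w > 0}
    while active and capacity > 1e-9:
        slice_ = capacity / len(active)
        for k in list(active):
            give = min(slice_, wants[k] - grant[k])
            grant[k] += give
            capacity -= give
            if wants[k] - grant[k] <= 1e-9:
                active.discard(k)
    return grant

def allocate(rules, demand, link=LINK_MBPS):
    """demand: {rule: {ip: Mb requested}} -> {rule: {ip: Mb granted}}"""
    want, cls_want = {}, {}
    for r in rules:
        cap = r.maximum if r.per_ip_max is None else r.per_ip_max
        want[r.name] = {ip: min(mb, cap) for ip, mb in demand.get(r.name, {}).items()}
        cls_want[r.name] = min(sum(want[r.name].values()), r.maximum)
    # Guaranteed bandwidth is set aside first and is not lent to other classes.
    held = {r.name: min(cls_want[r.name], r.guaranteed) for r in rules}
    pool = link - sum(r.guaranteed for r in rules)
    extra = fair_share({n: cls_want[n] - held[n] for n in cls_want}, pool)
    out = {}
    for n, ips in want.items():
        total = sum(ips.values())
        scale = (held[n] + extra[n]) / total if total else 0.0
        # Inside a class, hosts share the grant in proportion to what they send.
        out[n] = {ip: round(mb * scale, 2) for ip, mb in ips.items()}
    return out

# Constructed lunchtime demand for the first scenario (host names and values are made up).
LUNCH = {"voip": {"pbx": 15}, "streaming": {"sally": 120, "steve": 120},
         "business": {"erp": 300}}
RULES = [Rule("voip", guaranteed=20), Rule("streaming", maximum=50), Rule("business")]
GUEST = [Rule("guest", maximum=25, per_ip_max=5), Rule("business")]  # 5 Mb per IP is assumed

if __name__ == "__main__":
    print(allocate(RULES, LUNCH))
```

With the lunchtime demand, VoIP receives its full 15 Mb, the two streamers split the 50 Mb cap, and business traffic gets 130 Mb; the 5 Mb of the VoIP guarantee that goes unused stays reserved, which is the cost of a guarantee that the guest-network solution avoids.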
Situation: I work with many customers who host events throughout each month. They have both conference and social areas that they use for teleconferences and social events. Some also rent these spaces out for many different types of gatherings. During these events, it is critical that bandwidth resources are available for streaming or teleconference quality during the event, but we also need to ensure that normal daily business systems are not affected.
Solution: We recommend that they utilize bandwidth management rules on a schedule. This allows them to “set it and forget it.” During conference/event times, the BWM rule guarantees bandwidth for the presenter wireless network to ensure the hosts are not fighting other guests in the room, or normal business applications, and can get through their presentation with no lagging. There is nothing worse than slow internet while trying to give a presentation or run a teleconference. Setting scheduled BWM rules also means that you don’t have to make changes to main policies and then revert them later. You can set these policies for specific dates/times, and your main BWM policy will resume once the scheduled policy has expired.
Whether it be guaranteeing bandwidth for critical systems or limiting non-business-related applications, managing your bandwidth is a cost-effective way to take control of your network resources. I could keep giving possible scenarios and may still not hit every option available. So, take a look at what you have available or contact your favorite partner to see what your equipment can do for you. Odds are you’ll be shocked at the level of control you could have.