In this post, I wanted to say some of the lessons I’ve learned with maintaining a relatively large home network and a bit of an understanding I’ve come to regarding the work large enterprise admins have to deal with.
I skipped over “general” IT in my career and jumped right into the realm of cybersecurity. I never had to deal with IT troubleshooting, infrastructure design, scheduling updates, or other work. I never wanted to do this work, even if I acknowledged it as necessary. What I didn’t realize was how difficult coordinating all of this was. I had never considered how much time and effort went into maintaining a network while at the same time maintaining an uptime requirement and business functions. I’ll own up to my ignorance here and admit that I underestimated how difficult this would be until I had to start doing this for my own home. I’ve discussed this in an older blog post about adding VLANs which you can read here.
My home network is similar to, or perhaps, more advanced than, what you would find in a small to medium-sized company. I have reverse proxies, identity-aware proxies, intrusion detection & prevention systems, SDNs equipment, VLANs, virtual machine farms, thin client infrastructure for my kids’ schooling, training labs, VPNs, NAS, Websites (like this blog), SIEMs, and more.
In addition to this equipment, I have a series of soft requirements to maintain. My wife remote works, so she needs reliable internet for video conferencing. My kids go to school in the northeast, where snow happens regularly during winter; additionally, they have virtual homework. Finally, I also remote work (as I am right now), have virtual school to finish my MS in Cybersecurity, and work on my publication (hopefully more on that in another blog post).
In the past, I would simply update my equipment when the updates became available, which sometimes killed the network for a few minutes. However, now having unplanned downtime in the network impacts school, work, and entertainment for my family. Now, I’ve had to take on a new approach to updates. I’ve divided my updates into disruptive, non-disruptive, and potentially disruptive.
The disruptive updates, such as updating Unbound, the Firewall, and the switches, all get scheduled for later at night. These updates will bring down the network for short periods. Non-Disruptive updates, such as updating packages on a server, can be performed when available. Finally, potentially disruptive updates, such as updating the EAPs happen in stages. I will update the EAPs individually and wait for them to return online before I update the next one. My house is small, and I only have 4 EAPs in total, so this isn’t a huge lift, but in an enterprise environment, I would need to plan something more specific.
This is a bit different from my regular blog posts, where I talk about more technical things, but I thought it was important to acknowledge my biases and lack of knowledge of enterprise IT. Two days ago, I finally added a UPS to my network. Before that, however, I had to plan to add the UPS into the network while minimizing downtime. That planning made me reflect on how my thinking has changed about performing updates. It also made me reflect on how little I understood, and still understand, the inner workings of network management. Maintaining my own home network and all the requirements that come with it has given me a new appreciation for IT folks’ work.
Keeping a network patched, running, and meeting requirements is challenging. Make sure to thank and appreciate your IT teams.