BYOD or Not... That is the Question!!
One of the major challenges for today’s network administrators is monitoring BYOD (Bring Your Own Device) traffic on corporate networks. The average consumer owns at least three wireless devices and smartphone sales continue to rise: Gartner predicts that 645 million smartphones will be sold this year (2012), a 40 percent increase from last year. With weak cell phone reception still plaguing most public buildings, smartphone owners and employees with mobile devices most often use corporate networks for connectivity. While most employers assume BYOD contributes to increased productivity, the fact remains that wireless devices slow down the network as they consume bandwidth that is normally reserved for regular business applications such as email.
While most enterprises are welcoming BYOD, a company-wide BYOD policy must be established to set rules and reserve bandwidth while securing the network against possible malware and other viruses. To begin, admins must consider:
- The amount of bandwidth the additional devices collectively use and the impact on business critical applications.
- Applications and web sites hit by the users - and the impact of these distractions on employee productivity.
- The security implications introduced by allowing these devices onto the network – considering that many of these handheld devices do not have antivirus software.
The BYOD policies must also define both acceptable use and misuse of wireless devices on corporate networks. It’s inevitable that most employees will use their wireless devices during work hours to check on personal sites such as Facebook, Twitter, or Scrabble. In addition to the obvious distractions from work, these sites consume considerable bandwidth, impacting business-critical applications such as connectivity to the CRM or even VoIP. The slowing of connectivity across the network will have a major business impact – not to mention opening the doors to virus attacks that often sneak into enterprise networks through these open sites.
If your organization is sold on the benefits of BYOD savings, then consider the Aberdeen Group’s finding that indicates: “a company with 1,000 mobile devices spends an extra $170,000 per year, on average, when they use a BYOD approach.” Still sold on allowing BYOD on your enterprise network?
Let’s Start Tracking BYOD Traffic
To begin with, network administrators should not only set up single sign-in for all devices accessing the network, including BYOD; they should also monitor BYOD traffic using NetFlow technology. Depending on the elements exported in the flows, this can allow admins to track the username associated with every device accessing their network and, in many cases, the traffic itself, including the URLs logged. Traffic from a cell phone browsing a web site looks nearly identical to that of a PC hitting the same site. So how can a network admin determine the amount of Internet bandwidth utilized by the combined smartphone devices?
All hardware accessing the LAN utilizes a six-byte MAC address, written in hexadecimal. The first three bytes of this address are reserved to identify the vendor. For example, an iPhone may have an address of E4:CE:8F:C2:9D:AA. The first three bytes, E4:CE:8F, identify the vendor ‘Apple’, and it is likely that thousands of other iPhones start with the same three bytes. The remaining three bytes, C2:9D:AA, are unique to the individual iPhone. Nearly a dozen vendors (e.g. Cisco, Enterasys, Exinda, Juniper, nBox, Sonicwall) are now exporting MAC information in their flow exports.
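The following Python example is added here and is not code from the original article or from any flow-collector product. It tallies flow bytes per MAC vendor prefix as described above, and goes one step further by flagging addresses with the locally administered bit set, which carry no vendor prefix. The flow field names, the sample records, the extra OUI entries and the MOBILE_VENDORS set are assumptions.

```python
import re
from collections import defaultdict

# OUI -> vendor. E4:CE:8F (Apple) is the article's example; the other entries
# are added for illustration. In production, load the IEEE OUI registry.
OUI_VENDORS = {"E4CE8F": "Apple", "00000C": "Cisco", "005056": "VMware"}
MOBILE_VENDORS = {"Apple"}  # assumption: vendors treated as likely BYOD handsets

def normalize_mac(mac):
    """Return 12 uppercase hex digits for colon, dash or dotted MAC notation."""
    digits = re.sub(r"[^0-9A-Fa-f]", "", mac).upper()
    if len(digits) != 12:
        raise ValueError(f"not a 48-bit MAC address: {mac!r}")
    return digits

def classify(mac):
    """Map a MAC address to a vendor name, 'randomized' or 'unknown'."""
    digits = normalize_mac(mac)
    # Locally administered bit (0x02 of the first octet): the address was not
    # taken from a vendor's OUI block, so a vendor lookup would be meaningless.
    if int(digits[:2], 16) & 0x02:
        return "randomized"
    return OUI_VENDORS.get(digits[:6], "unknown")

def bytes_by_vendor(flows):
    """Sum the bytes of each flow record under the vendor of its source MAC."""
    totals = defaultdict(int)
    for flow in flows:
        totals[classify(flow["src_mac"])] += flow["bytes"]
    return dict(totals)

def mobile_share(totals):
    """Fraction of all observed bytes attributed to MOBILE_VENDORS."""
    total = sum(totals.values())
    mobile = sum(b for v, b in totals.items() if v in MOBILE_VENDORS)
    return mobile / total if total else 0.0

# Constructed sample flow records (field names are assumptions, not a real export schema).
SAMPLE_FLOWS = [
    {"src_mac": "E4:CE:8F:C2:9D:AA", "bytes": 4_000_000},
    {"src_mac": "e4-ce-8f-11-22-33", "bytes": 1_000_000},
    {"src_mac": "0000.0c12.3456", "bytes": 3_000_000},
    {"src_mac": "DA:A1:19:00:00:01", "bytes": 1_500_000},  # local bit set
    {"src_mac": "00:50:56:AB:CD:EF", "bytes": 500_000},
]

if __name__ == "__main__":
    totals = bytes_by_vendor(SAMPLE_FLOWS)
    print(totals, f"mobile share: {mobile_share(totals):.0%}")
```

A vendor prefix identifies the manufacturer, not the device type, so the "Apple" bucket also includes laptops; traffic in the "randomized" bucket has to be attributed by other flow elements such as the username.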

