What is Packet Loss in Network Security?

November 12, 2019 Eric Dosal Eric Dosal

There are numerous technical issues that can affect an organization’s network. One particular issue that many organizations experience is packet loss. What is packet loss? What causes it? How does it affect network performance? Finally, can you prevent it?

Here are a few basic bits of information about packet loss and how it can affect your network’s performance:

What is Packet Loss?

When a computer or other network-capable device tries to connect to the internet or to your organization’s internal network, that device sends and receives information packets back and forth to facilitate communication. These packets can contain information queries, data for downloads, and other information that is used to authenticate the device and/or allow users to access specific content.

Packet loss is when these packets fail to arrive at their destination for one reason or another. This can negatively impact network performance, disrupting work and making team members relying on internet or network access less effective and efficient at their jobs.

What Causes Packet Loss?

There are several potential causes of packet loss for any organization. Some of the most common causes include:

  • Network Congestion. When there is more traffic on a network than the routers, firewalls, and devices on the network can handle, data packets may be dropped until previous data requests are fulfilled. If network congestion is bad enough, it can result in completely dropped connections and loss of data.

  • Distributed Denial of Service (DDoS) Attacks. A DDoS attack often floods a network with excessive data packets from a variety of sources—artificially creating network congestion so that legitimate users cannot send packets back and forth. These attacks can easily cause packet loss for a prolonged amount of time.

  • Software Bugs. One of the most common causes of data packet loss is random software bugs and glitches that cause programs to misfile or ignore data packets. In most cases, modern software programs will automatically re-send data packets if the first request fails, which helps to cover for some software bugs—unless the glitch is endlessly recurring (which should be tested for as soon as possible).

  • Physical Hardware Faults. Random interruptions happen from time to time. A server may have a loose cable, causing it to intermittently lose connection. A power outage may temporarily disrupt communication mid-session. Or, a physical router device may short out suddenly—dropping any data packets that were being routed through it.

  • False Positives from Firewalls. Firewalls are a critical network security measure—helping to filter out “bad” traffic that may contain malware or be behind an attempted security breach. However, improperly-configured firewalls may generate false positives, causing the firewall to block legitimate traffic requests—leading to packet loss.

  • Security Breaches in Progress. Some types of cyber threats alter the behavior of databases and other assets on a network. This can cause the compromised network security endpoint to drop legitimate access requests. For example, an attacker may change a database so it drops data packets from legitimate users while they download sensitive information—or until they’re able to complete some other objective. Sudden network-wide packet loss could be an early indicator of a network security breach in progress.

How Does Packet Loss Affect Network Performance?

Depending on the severity of the cause of packet loss—whether it’s short-lived network congestion or a long-term security breach designed to ensure dropped traffic and other problems—packet loss can have different effects on your network.

The most common issue is that there may be slight delays or instability in network communications. This will cause data to download more slowly and may prevent users from being able to access certain resources in the short term. Users experiencing packet loss may complain about interrupted downloads or relatively small files taking a disproportionately long time to complete—like they were back in the bad old days of dial-up internet.

At its most severe, packet loss may render your network completely incapable of processing user requests. For example, in the middle of a DDoS attack, so many data packets will be dropped that few, if any, legitimate users will be able to get through to the resources they need on a network for several days (or however long the attacker is able to maintain the attack).

Can You Prevent Packet Loss?

Preventing packet loss is a lot like dealing with network security issues—it’s easier if you’re proactive about prevention rather than reactive. Waiting until a hardware router shorts out to add a spare system to take over traffic distribution, for example, is not ideal.

Instead, checking your network architecture and looking for single points of failure (such as the aforementioned lone hardware-based traffic router) and creating some redundancy ahead of time makes things easier. This way, if Router A fails, Router B can pick up the slack and redirect traffic on the network right away—minimizing packet loss and network service disruption.

Additionally, it can help to check your organization’s firewall configurations to verify whether there are any redundant or conflicting rules. This check should be done frequently to ensure that new rules don’t cause conflicts with older firewall rules.

Packet loss caused by faulty hardware can be difficult to anticipate. However, it can be avoided by running weekly or monthly maintenance checks on network hardware and replacing any faulty equipment as soon as possible.

Finally, taking basic precautions to prevent network security breaches can help to prevent packet loss (and a variety of other issues). This involves conducting some vulnerability management—like running penetration tests and applying a defense-in-depth strategy to your network security architecture—so you can identify and close security gaps before they cause security breaches.

While you might not stop 100% of all packet loss, you can limit your exposure to this network performance problem and keep your teams working at peak efficiency. Need help improving your network security so attackers can’t disrupt your network? Reach out to the experts at Compuquip to get started!