Network documentation and auditing
Network administration assistance for documentation and auditing is presented in this section of our series.
The first step toward administering a network is to have accurate and complete documentation of the network. Documenting...
Continue Reading This Article
Enjoy this article as well as all of our content, including E-Guides, news, tips and more.
a network will reduce administration time for issues such as updates, user problems and disaster recovery. There are four basic parts of a network that should documented: LAN Software, LAN Hardware, Network Diagram and User Names (ID numbers) and network numbers. All documents should be kept in a secured location. Make sure that you have a policy in place and a person assigned to the responsibility of keeping all documentation up to date and accurate.
|
This checklist was created by Doug Chick.
Network diagrams
Documenting your network doesn't exactly sound like the most exciting way to spend your time, does it? It involves creating a diagram, usually with a documentation tool such as Visio or LanFlow, that illustrates how your servers, routers and switches are connected, either logically or physically.
However, a comprehensive network documentation can be of vital importance. In addition to serving as a network blueprint, it can also help you remember what you did to your network, and just as importantly, why. This can make maintaining your network and troubleshooting problems a much easier and smoother process. Diagram samples are provided in this tip from Tom Lancaster.
Network cabling documentation
Picture these scenarios: A quick and simple network change turns into disaster when instead of disconnecting the correct cable, you actually disconnect the cable to a critical server. A security audit requires you to document the physical path location of cables carrying sensitive information and who has access to those cables. But your documentation of cable location and the identity of all the endpoints to which they are connected is out of date. Read more about network cabling documentation in this tip by David B. Jacobs.
Learn more about network documentation.
Network auditing
Network auditing may be a time-consuming chore that you probably don't have time for. It's more than likely, however, that someone has already gone to the trouble and is scanning your network for weak points to attack. It could be someone within your organization; FBI statistics show that more than 60% of computer crimes originate inside the enterprise. So remember that the best defense is a good offense, and you cannot raise a good defense unless you know where your network is weak.
Before a network services audit can begin, a network inventory must be conducted. An inventory includes collecting host identification information, such as IP address, network interface hardware (NIC) address and DNS entries, for all network nodes. While some of this information will be on hand in most environments, often it will have errors. In most cases, NIC information and MAC addresses will not be recorded.
Even if you think you have the information, it's a good idea to conduct the inventory and verify the information as a first step to an audit. This allows you to build a complete picture of the environment and, as an additional benefit, will reveal inconsistencies that should be cleaned up.
Learn about conducting a network inventory in this tip by Michael Martin.
|
This checklist was created by Doug Chick.
More resources for conducting a network audit:
- Learn what's involved in a network audit.
- Understand the difference between a network assessment and a network audit.
Network administrators task list
- Task 1: Design, install and evaluate network
- Task 2: Perform and manage regular backups
- Task 3: Provide technical documentation and perform audits
- Task 4: Manage and troubleshoot network
- Task 5: Security management and virus prevention