Network documentation and auditing

Network administration assistance for documentation and auditing is presented in this section of our series.

The first step toward administering a network is to have accurate and complete documentation of the network. Documenting a network will reduce administration time for issues such as updates, user problems and disaster recovery. There are four basic parts of a network that should be documented: LAN Software, LAN Hardware, Network Diagram and User Names (ID numbers) and network numbers. All documents should be kept in a secured location. Make sure that you have a policy in place and a person assigned to the responsibility of keeping all documentation up to date and accurate.



 Documenting your network

  1. Obtain or construct a building diagram/floor plan.
  2. Obtain or construct a physical network diagram.
  3. Obtain or construct a logical network diagram. (Software packages can research and record all hardware information.)
  4. Hardware information should include make, serial numbers, number of ports as well as MAC and NIC numbers.
  5. Research and record all configuration, protocol and DNS information.
  6. Print copies of configuration files, and keep those copies on tape or removable disk.
  7. Document specific software configurations.
  8. Research and record all corporate contact and vendor information.
  9. Produce and maintain device log sheets for all applicable network devices.
  10. Produce and maintain a network cabling labeling scheme. Do not base the labeling on names of users.
  11. Produce and maintain procedure documentation.
  12. Produce and maintain computer and network acceptable use policies.
  13. Produce and maintain computer and network security policies.
  14. Produce and maintain a disaster recovery plan.
  15. Schedule to update and maintain these items on a regular basis.
  16. Never share these documents with unauthorized individuals -- ever!

This checklist was created by Doug Chick.

Network diagrams

Documenting your network doesn't exactly sound like the most exciting way to spend your time, does it? It involves creating a diagram, usually with a documentation tool such as Visio or LanFlow, that illustrates how your servers, routers and switches are connected, either logically or physically.

However, comprehensive network documentation can be of vital importance. In addition to serving as a network blueprint, it can also help you remember what you did to your network, and just as importantly, why. This can make maintaining your network and troubleshooting problems a much easier and smoother process. Diagram samples are provided in this tip from Tom Lancaster.

Network cabling documentation

Picture these scenarios: A quick and simple network change turns into disaster when instead of disconnecting the correct cable, you actually disconnect the cable to a critical server. A security audit requires you to document the physical path location of cables carrying sensitive information and who has access to those cables. But your documentation of cable location and the identity of all the endpoints to which they are connected is out of date. Read more about network cabling documentation in this tip by David B. Jacobs.


Network auditing

Network auditing may be a time-consuming chore that you probably don't have time for. It's more than likely, however, that someone has already gone to the trouble and is scanning your network for weak points to attack. It could be someone within your organization; FBI statistics show that more than 60% of computer crimes originate inside the enterprise. So remember that the best defense is a good offense, and you cannot raise a good defense unless you know where your network is weak.

Before a network services audit can begin, a network inventory must be conducted. An inventory includes collecting host identification information, such as IP address, network interface hardware (NIC) address and DNS entries, for all network nodes. While some of this information will be on hand in most environments, often it will have errors. In most cases, NIC information and MAC addresses will not be recorded.

Even if you think you have the information, it's a good idea to conduct the inventory and verify the information as a first step to an audit. This allows you to build a complete picture of the environment and, as an additional benefit, will reveal inconsistencies that should be cleaned up.
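The verification step described above can be automated. The following Python code is an added example, not part of the original article: it reconciles a documented inventory against an observed neighbour table and DNS records and lists each inconsistency. All hostnames, addresses and records are constructed samples, and the function names are hypothetical.

```python
import csv, io, re

# Constructed sample: documented inventory as a spreadsheet export.
DOCUMENTED_CSV = """hostname,ip,mac
fileserver,192.0.2.10,00:00:5e:00:53:0a
printer1,192.0.2.20,
ws-014,192.0.2.31,00:00:5e:00:53:1f
ws-015,192.0.2.32,00:00:5e:00:53:20
"""
# Constructed sample: neighbour table in the format printed by Linux `ip neigh`.
OBSERVED_NEIGH = """192.0.2.10 dev eth0 lladdr 00:00:5e:00:53:0a REACHABLE
192.0.2.20 dev eth0 lladdr 00:00:5e:00:53:14 STALE
192.0.2.31 dev eth0 lladdr 00:00:5E:00:53:AA REACHABLE
192.0.2.77 dev eth0 lladdr 00:00:5e:00:53:4d REACHABLE
192.0.2.32 dev eth0  FAILED
"""
# Constructed sample: forward DNS records (name -> address) exported from the zone.
DNS_A = {"fileserver": "192.0.2.10", "printer1": "192.0.2.21", "ws-014": "192.0.2.31"}

NEIGH_RE = re.compile(r"^(\S+) dev \S+ lladdr ([0-9A-Fa-f:]{17}) ")

def parse_neigh(text):
    # Keep only entries that resolved to a hardware address; normalise case.
    matches = (NEIGH_RE.match(line) for line in text.splitlines())
    return {m.group(1): m.group(2).lower() for m in matches if m}

def reconcile(documented_csv, neigh_text, dns_a):
    seen = parse_neigh(neigh_text)
    findings, documented_ips = [], set()
    for row in csv.DictReader(io.StringIO(documented_csv)):
        host, ip, mac = row["hostname"], row["ip"], row["mac"].strip().lower()
        documented_ips.add(ip)
        if ip not in seen:
            findings.append((host, "not seen on the network"))
        elif not mac:
            findings.append((host, f"MAC not recorded; observed {seen[ip]}"))
        elif mac != seen[ip]:
            findings.append((host, f"MAC mismatch: documented {mac}, observed {seen[ip]}"))
        if dns_a.get(host) != ip:
            findings.append((host, f"DNS mismatch: A record is {dns_a.get(host)}"))
    # Anything answering on the wire that the documentation does not know about.
    for ip in sorted(set(seen) - documented_ips):
        findings.append((ip, f"undocumented host with MAC {seen[ip]}"))
    return findings

for subject, issue in reconcile(DOCUMENTED_CSV, OBSERVED_NEIGH, DNS_A):
    print(f"{subject}: {issue}")
```

A neighbour table only covers the local segment, so in a routed network the same comparison would be run once per subnet.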

Learn about conducting a network inventory in this tip by Michael Martin.



 Performing a network audit

  1. Use outside vendors to conduct an audit. This will ensure that there is no favoritism or politics in the results, and provide credibility with senior management. Ensure the vendor or contractor you use covers the items listed below as a minimum. Find out who will be conducting the audit and review resume and references from past audited companies. Ensure goals of the audit are adhered to.
  2. It is highly recommended that you perform an internal audit prior to the outside audit so you can compare results.
  3. Establish and document baseline performance of all network components.
  4. Review, document and analyze controls over Internet, intranet and network resources.
  5. Review and document all network connections, client/server, LAN, WAN, etc.
  6. Review and document controls over network operations and management, load/traffic management and problem reporting and resolution.
  7. Review and assess network segmentation and identify and audit any internal firewalls.
  8. Review and assess a single point of failure analysis. How is your network affected by critical equipment? Do you have backups installed and ready?
  9. Prepare a risk assessment and develop and implement a risk mitigation plan.
  10. Review and document all software licenses required/possessed for all locations.
  11. Verify and record all installed software. Remove all unauthorized software and secure hardware and software to prevent future downloads or installations.

This checklist was created by Doug Chick.
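The single point of failure analysis in item 8 can be run directly against the physical network diagram. The following Python code is an added example, not part of the original checklist or article: it treats the diagram as a list of links, fails each device in turn and reports the devices whose loss splits the network, along with the resulting isolated groups. The device names and links are a constructed sample and the function names are hypothetical.

```python
from collections import deque

# Constructed sample of a physical network diagram: each pair is one link.
LINKS = [
    ("core-sw1", "core-sw2"),
    ("core-sw1", "dist-sw-a"), ("core-sw2", "dist-sw-a"),
    ("core-sw1", "fw1"), ("core-sw2", "fw1"),
    ("fw1", "wan-router"),
    ("dist-sw-a", "access-sw-3"),
    ("access-sw-3", "fileserver"),
    ("dist-sw-a", "mail-server"),
]

def build_graph(links):
    graph = {}
    for a, b in links:
        graph.setdefault(a, set()).add(b)
        graph.setdefault(b, set()).add(a)
    return graph

def reachable(graph, start, failed):
    """Breadth-first search from start, treating the `failed` device as down."""
    seen, queue = {start}, deque([start])
    while queue:
        for nxt in graph[queue.popleft()]:
            if nxt != failed and nxt not in seen:
                seen.add(nxt)
                queue.append(nxt)
    return seen

def single_points_of_failure(links):
    """Map each device whose failure partitions the network to the
    groups of devices that can no longer reach each other."""
    graph = build_graph(links)
    result = {}
    for device in graph:
        remaining = set(graph) - {device}
        parts = []
        while remaining:
            part = reachable(graph, next(iter(remaining)), device)
            parts.append(sorted(part))
            remaining -= part
        if len(parts) > 1:
            result[device] = sorted(parts)
    return result

for device, parts in sorted(single_points_of_failure(LINKS).items()):
    print(f"{device}: failure splits the network into {parts}")
```

Here the redundant core switches do not appear in the result, while the firewall, the distribution switch and the access switch do, which is where backup equipment would matter.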

More resources for conducting a network audit:

Network administrators task list

This was last published in March 2005
