Network auditing

Network auditing may be a time-consuming chore that you probably don't have time
for. It's more than likely, however, that someone has already gone to the trouble and is
scanning your network for weak points to attack. It could be someone within your
organization; FBI statistics show that more than 60% of computer crimes originate
inside the enterprise. So remember that the best defense is a good offense, and you
cannot raise a good defense unless you know where your network is weak.

Before a network services audit can begin, a network inventory must be conducted.
An inventory includes collecting host identification information, such as IP address,
network interface hardware (NIC) address and DNS entries, for all network nodes.
While some of this information will be on hand in most environments, often it will
have errors. In most cases, NIC information and MAC addresses will not be recorded.

Even if you think you have the information, it's a good idea to conduct the inventory
and verify the information as a first step to an audit. This allows you to build a
complete picture of the environment and, as an additional benefit, will reveal
inconsistencies that should be cleaned up.

Learn about conducting a network inventory in this tip by Michael Martin.

Performing a network audit

1. Use outside vendors to conduct and audit. This will ensure that there
 is no favoritism or politics in the results, and provide credibility

with senior management. Ensure the vendor or contractor you use

covers the items listed below as a minimum. Find out who will be

conducting the audit and review resume and references from past

audited companies. Ensure goals of the audit are adhered to.

2. It is highly recommended that you perform an internal audit prior to

outside audit so you can compare results.

3. Establish and document baseline performance of all network

components.

4. Review, document and analyze controls over Internet, intranet and

network resources.

5. Review and document all network connections, client/server, LAN, WAN,

etc.

6. Review and document controls over network operations and management,

load/traffic management and problem reporting and resolution.

7. Review and assess network segmentation and identify and audit any

internal firewalls.

8. Review and assess a single point of failure analysis. How is your

network affected by critical equipment? Do you have backups installed

and ready?

9. Prepare a risk assessment and develop and implement a risk mitigation

plan.

10. Review and document all software licenses required/possessed for all
 locations.

11.Verify and record all installed software. Remove all unauthorized

software and secure hardware and software to prevent future downloads

or installations.

Network administrators task list

Task 1: Design, install and evaluate network

Task 2: Perform and manage regular backups

Task 3: Provide technical documentation and perform audits

Task 4: Manage and troubleshoot network

Task 5: Security management and virus prevention

Network documentation is a vital first step in any network design or redesign

project. While your well-meaning customers may assure you that their
documentation is complete and current, it's unlikely that the documentation will
have the specific information you need to successfully complete your project.
As you go about the tedious task of network documentation, keep in mind our
top five tips as determined by other networking service providers and
consultants.

#1--------------------------------------------------------------------------------------------------

Network documentation: How to realize its benefits

Learn the many benefits of a complete network documentation and what to
document so that you and your customer can reap those benefits.
#2--------------------------------------------------------------------------------------------------

Compiling a hardware and software inventory

Performing a network inventory is not a one-size-fits-all task. This tip helps
you identify scope and choose a method (automated vs. manual) when
performing an inventory of a customer network.

#3--------------------------------------------------------------------------------------------------

Assessing a customer's site: The value of a hardware/software inventory

Not convinced you need to spend valuable time (and money) on network
documentation? This tip puts the task into perspective as it relates to your
work as a VAR or systems integrator.

#4--------------------------------------------------------------------------------------------------

Network documentation and cable management

Documenting network administration is a vital but difficult process for VARs
and consultants. Cable management software helps simplify the process.

Mastering the art of managed communications

#5--------------------------------------------------------------------------------------------------

Network topology rediscovered: NetworkView basics

This tip introduces network documentation tool NetworkView, to help
consultants and VARs efficiently map, sort and monitor network conditions.