Friday 16 May 2014

The Ultimate Checklist for Network Auditing

          
         Detailed network auditing is recommended to everyone who manages a network. Network auditing must include examination of the networks, software, systems, procedures and employee training. The parameters like hardware configuration, settings and software’s installed on the network have a great influence on the network performance. Network depends not only on the infrastructure, but also on the devices connected to the network and so it’s important to know the configuration of each device connected to the network before the creation of network audit. The auditor’s only job during network auditing is to note the errors and deficiencies.

A good checklist must include ISP Modem, network switch, battery backup, firewall, grade of cabling, wireless security, a circuit, sustained ping and bandwidth test, DHCP authority, DNS authority and WAN IP. The auditor should run tests or checks on each of the above items to complete a basic network diagnostic audit. It should include detailed information about the routers and switches including its model, serial number, location, configuration, routing protocols in use, spanning tree information for switches, ARP table, CAM table, passwords, memory and CPU utilization. Including these items in the checklist can ensure a successful network audit.

A good Network Audit check list should contain:
  1.  A graphical representation of network topology and its physical infrastructure      helps to understand the network in a better way.

  2.  The network addresses and names should be assigned in a structured manner and it should be well documented. Planning a good naming convention can make the work easy.

  3.   Network cabling should follow structured cabling in-order to prevent wastage of   time in tracking cables in the future.

  4.  There are many free-ware and open-source tools available for monitoring the network availability. MRTG, Zenoss or NAGIOS are some examples.

  5.  Good password policy is necessary for basic network security. Maintain a         database of all database and other credentials at a secure location. Firewall     configuration settings should be inspected. A hole in the firewall may be opened for any specific task, but may be no longer needed which if not closed can create security problems.

  6.  Details of each device in the network should include the details like location, city, address, building, floor, wiring closet, rack, slot-in-rack, etc. as detailed as possible.

  7. Set access control device in place and specify who can access what to improve     the security of the physical place.

  8.  To detect security breaches quickly, event logs should be monitored continuously. Software tools are available to correlate events from multiple devices, to a single management station, which makes it easier to spot the dangerous events.

  9. The employees should be trained to identify and avoid security attacks like phishing attempts and they should be trained to perform their roles well. Improper configuration changes done by an untrained employee may bring down the entire network.

  10. Documenting the charges for each WAN circuit helps in designing the traffic routing policies. The most utilized one should be the most paid circuit.

Creation of a network audit checklist is an easy way to simplify the auditing process. A network manager should be aware of factors like network layout, inventory, top customers, traffic pattern of his network, etc. It can not only make the troubleshooting easy, but can also reduce the average time to repair to a great extent. Finally consider the other aspects also during the audit process. Identifying the problems like inadequate energy usage, back up facilities and other inefficiencies provide a way to improve the performance of the network. 



No comments:

Post a Comment