Monday 22 August 2011

Auditing a network

Imagine that you have been contracted by a company to resolve their network issues. How would you go about tackling this issue? Here are some of my thoughts if I had to solve this:
  1. audit the network
  2. understand and discuss the customer's issues
  3. design a solution that satisfies the end customers
  4. produce a project plan and budget
  5. test changes in a lab environment and/or limited deployment
  6. schedule and implement the changes
  7. discuss with the end-users and report on the effectiveness

Network Auditing

For all tail sites record the following information:
  • location, number of users and any on-site IT contacts
  • type of hardware (eg routers, switches, firewalls, servers)
  • network design, ip addressing, wifi channels and configuration
  • serial numbers of all devices
  • configuration of all devices
  • software / firmware versions of all devices
  • operating system type, version and patch level
  • network links, capacity, service provider, circuit id, support details
  • peak utilization of link
  • business as usual requirements of the site
For all datacenter/hub sites record the following information:
  • location
  • type of hardware (eg routers, switches, firewalls, servers)
  • network design and ip addressing
  • serial numbers of all devices
  • software / firmware versions of all devices
  • configuration of all devices
  • operating system type, version and patch level
  • network links, capacity, service provider, circuit id, support details
  • peak utilization of links or server loading
  • business functions provided by the site
  • redundancy / disaster recovery options
  • load balancing and firewall configurations
  • data backup and recovery (onsite and offsite)
WAN Network
  • location and capacity of links
  • current utilization of links
  • growth rate of traffic
  • service providers, circuit ids and support procedures
  • routing (ospf, bgp etc)
  • ntp design
  • syslog design
  • snmp traps collection
  • network monitoring and alerting
Processes and procedures
  • backups
  • alerting
  • proactive and reactive monitoring
  • software testing and patching
  • capacity planning
  • internal support process
  • existing documentation and procedures


A lot of this information should be captured from the network monitoring systems. Most rely on SNMP polling, and the data can be extracted / exported to a text format. Other information should be gathered by talking to the staff who regularly build, support and maintain this network. This will undoubtedly lead to other avenues to explore.
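As an added example (not part of the original post), the sketch below derives the "peak utilization of link" audit item from SNMP counter samples exported as text. The CSV layout, link names and values are constructed for illustration; it assumes 32-bit `ifInOctets` counters polled every 300 seconds.

```python
import csv
import io
from collections import defaultdict

# Constructed sample export (assumed layout, not from any specific NMS):
# epoch seconds, link name, ifInOctets counter value, link capacity in bit/s
SAMPLE_EXPORT = """\
timestamp,link,in_octets,capacity_bps
0,site-a-wan,4294000000,10000000
300,site-a-wan,4294900000,10000000
600,site-a-wan,299932704,10000000
900,site-a-wan,449932704,10000000
0,site-b-wan,1000,2000000
300,site-b-wan,37501000,2000000
600,site-b-wan,45001000,2000000
"""

def peak_utilization(export_text, counter_max=2**32):
    """Return {link: peak inbound utilization in percent} from counter samples."""
    samples = defaultdict(list)
    for row in csv.DictReader(io.StringIO(export_text)):
        samples[row["link"]].append(
            (int(row["timestamp"]), int(row["in_octets"]), int(row["capacity_bps"]))
        )
    peaks = {}
    for link, rows in samples.items():
        rows.sort()  # exports are not always in time order
        peak = 0.0
        for (t0, c0, _), (t1, c1, cap) in zip(rows, rows[1:]):
            if t1 <= t0:
                continue  # duplicate poll, no interval to measure
            delta = c1 - c0
            if delta < 0:
                # Counter wrapped between polls. A device reboot looks the
                # same, so cross-check sysUpTime on real data, or poll the
                # 64-bit ifHCInOctets counter on fast links.
                delta += counter_max
            bps = delta * 8 / (t1 - t0)
            peak = max(peak, 100.0 * bps / cap)
        peaks[link] = round(peak, 1)
    return peaks

if __name__ == "__main__":
    for link, pct in peak_utilization(SAMPLE_EXPORT).items():
        print(f"{link}: peak {pct}% inbound")
```

In the sample, the busiest interval on `site-a-wan` is the one that spans the counter wrap, so a calculation that discarded negative deltas would under-report that link's peak.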





