System Documentation, Diagram and Disaster Recovery

Hello,

I'm looking to put together a binder of all of my network information for reference or
in case something were to happen to me (new IT admin, attacked by a smurf, get infected
by a disease from a monkey, you know the normal stuff).  This will be the first binder
I've put together so I'm fuzzy on what I should and should not include.

Currently I have a detailed network map (using visio) of all of our equipment, IP's and users.
I would like the binder to have information that the next admin would find useful.  Has
anyone done one of these and if so what were some of the sections you added?  Also, are
there any good sites that would walk me through how to lay out a drp for a file server,
exchange server, web server, etc?  

I just want to have the most complete binder without a bunch of filler.


thx!!


Steve
LVL 1
c230kochiAsked:
Who is Participating?
 
tonyteriCommented:
Well I have created many such docs, and it is my recommendation to never have the admin users and passwords in there.

You should have sections :

1) Basic Network Diagrams
  Includes Topology: Servers, ISP, Firewalls, Switches, Routers, et.al.
2) Devices and IP's
3) Server setup: IP's, DHCP pool, DNS config.  Backup intervals and location of media
4) Restoration procedure
5) Phone numbers and contacts of relative vendors, and what those vendors are responsible for.
6) Serial numbers of all missions critical software that might need to be reinstalled.

/TT
0
 
c230kochiAuthor Commented:
Okay, that sounds great.  As for the users and passwords, this document would be stored
in the server room which is card swipe, and then in the documents safe which is only
accessible by three individuals.  Is there another place where I can keep it out of the
wrong hands?  I'm huge on security and don't need anybody getting the wrong info.

This is definitely a start.  I appreciate the help tonyteri.  Does anyone have any
additional ideas, thoughts, comments?
0
 
pseudocyberCommented:
For your network documentation, I would add layer 1 and 2 information.  It's nice to have the same network diagram with three levels of information on it.  Visio can do it electronically - using layering.  So, you could know for instance that the fiber in switch 1, slot 1, port 1 connects to the first floor switch in slot 2, port 1 for instance.  Then for layer 2 information, you could have the line between the two switches with the MAC addresses of the ports on each end.  Then for the layer 3 info, you could have the IP addresses used.  So, just summarize, having the IP addresses is great - but tells you nothing about which cable is unplugged, or what happens if I unplug this cable ....

MAC addresses can be very very useful information to have on hand when you're trying to troubleshoot spanning tree problems...

I would HIGHLY RECOMMEND you extort, bribe, threaten, cajole, commandere, or other wise acquire Solar Winds Network Engineers Toolset at http://www.solarwinds.net/Tools/Engineer/.  It's worth its weight in gold - for troubleshooting and documentation.  You might have to build some business justification BS to convince your boss and their boss, but it's worth the trouble.

As far as DR goes ... I would highly recommend picking up a CISSP book.  It will discuss all the things you have to think about and document and how to get MANAGEMENT & EXECUTIVE sponsorship and signoff on what you pull together.  You have to GET THEM to buy into it, so if the fit hits the shan, THEY OK'D IT AND YOU DON'T GET FIRED.  You have to do a risk analysis and look at all the things which could happen, how likely they are to happen, what it would cost to avoid it, and MANAGEMENTS decision on whether or not to spend the dough to avoid the risk you identify.

For instance:

Risk:  Meteor strike on the building
Likelighood:  Neglible
Avoidance:  Maintaining hot site
Cost to avoid:  $1 Mil /yr.

Is it worth it to maintain a hot site to avoid a meteor strike which would take out all your infrastructure and kill all your people if the risk is negligible?  If you're a "normal" company, probably not.  What if your a global operation with $1 Mil /sec flowing through your data center ... yeah, probably so.

Risk:  Theft of Equipment
Likelihood:  High - shared office space with xyz corp.
Avoidance:  Issue proximity badges which unlock doors based on badge and 4 digit unique passcode
Cost to avoid:  $10,000 one time, $100/mo ongoing maintenance and supplies.

Is it worth it to protect a $1000 PC operating as your "server"  - probably not.  Just get a normal lock and key.  Is it worth it to protect that same $1000 PC with ALL YOUR COMPANIES PROPRIETARY DESIGNS FOR THE NEXT BIG THING?  Probably so.

Let Management decide.

Hope this helps.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.