Also if you have routers/firewalls, Cisco provides information regarding the best practices for their appliances. I would imagine that many vendors do the same.
Fadi SODAH (aka madunix)Connect With a MentorChief Information Security Officer, CISA, CISSP, CFR, ICATE, MCSE, CCNA, CCNP, CCIP, SCSC and SCECommented:
In your check list include: Power supplies, Network media speed, Network adapter errors, CPU, Load rate, Physical inspection, Attention light, backup, ACL, ..etc look @ http://iase.disa.mil/index2.html and search for checklist or network checklist, for example:
(1)
Gathering information, by studying and analyzing COMPANY IT infrastructure,Objectives of the Engagement:
- High Availability (Cluster, Load balance, DR plan, Master/Slave, avoid SPOF)
- Networking/Media:
Router, Switches, VLAN, VPN, IPS, Firewall, Load Balance, WAN, Internet Connection, Wireless, VoIP
MPLS, Fiber connectivity, ACL, Dialup, ISDN, LeasedLine, STM1, Radius, ....etc. http://www.davidsudjiman.info/2006/02/16/network-health-checklist/
- Manageability
- Administration (Linux, Microsoft, AIX, FreeBSD)
- Monitoring Tools (ntop,cacti,mrtg,history logs, nagios..)
- Provisioning
- Utilization
- Security (phys, apps, network, os ..etc)
- Backup software and procedures
(3)
In the list i would recommend to look at each server/network device you can check the following
- Server Hardware Health Check such as
Physical inspection, LCD Display, Attention light, Power supplies,Disk lights
- Logs
Error logs,Root mail
- Server space Check
Local file,External File,Paging space. Volume Group, External Disk, Disk space
- Server network Health Check
Network media speed, Network adapter errors, Gateway, Routing
- Performance health Check
Perfomance logs, CPU Ideal %, Paging space status, Load rate
- Backup Check
Check Backup logs
- HMC Server Checking
Logs, Attention LED cause, Email Alerts
(4)
Note: check that there are no hardware errors in servers. Where faults are found they will need to be repaired or escalated to Vendor so that an certified engineer CE repairs the component outside of business hours.
(5)
In case of changes, failures or discrepancies, do provide reasons and clarify below on related items involved bearing in mind that all changes or errors should be rectified and justified, also with any items changes the configuration sheet and inventory should be updated and acknowledged.
What is your companys main concern? For instance for security concerns I would recommend http://www.sans.org/security-resources/policies/
Also if you have routers/firewalls, Cisco provides information regarding the best practices for their appliances. I would imagine that many vendors do the same.
Just a few broad suggestions.