Link to home
Create AccountLog in
Avatar of andymellor
andymellorFlag for United Kingdom of Great Britain and Northern Ireland

asked on

Network Audit Advice

Dear Experts,

I've started a new job this week and I've been asked to go to one of the client sites to perform a "Network Audit" prior to some planned infrastructure work.

I know the switches at the site are all HP Procurves so I thought that a good start would be to run and capture a "sh tech all" on each of them to get a baseline of the configs.

What else would you suggest should be included in a Network Audit and does anybody have any templates that I could use for reference?

Many thanks
Avatar of Patrick Bogers
Patrick Bogers
Flag of Netherlands image

Hi,

"Network Audit" is like an assesement of what hardware is being used or does it mean 'a full blown security audit'?

If it means the lather, do you have any security audit experience? Do terms like NMAP, DNSMAP say anything to you?
Avatar of andymellor

ASKER

Hi there,

It's just a pretty basic assessment of hardware, routing, and connectivity, with a bit of fault identification thrown in.

I'm after some sort of guide or template that I can use to help me.
ASKER CERTIFIED SOLUTION
Avatar of Patrick Bogers
Patrick Bogers
Flag of Netherlands image

Link to home
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
See answer
Avatar of titan123
titan123

Please explain a bit more like you are concerned about what sort of Network device. Since at many time device word can be used for tool and applications also and it can be used for a hardware sort of device. If it in case it is an application then what sort of Audit application i.e for AD infrastructure or File server infrastructure etc. and if for hardware then at that case what is for Hardware Infrastructure. Please explain to help you in a better way.

Thanks.
Audit in the sense of seeing what hardware you have, security concerns, and/or performance/errors? If so then you would need to do multiple things:
We run the logs to gather some information, run crons to gather data. (Always time stamp data, I have had this concern with one network person that just logs the event not the time.


More info
http://csrc.nist.gov/
http://www.scribd.com/     search templates network audit
http://www.docstoc.com/   search templates network audit
http://benchmarks.cisecurity.org/downloads/show-single/?file=rat.unix.253
http://iase.disa.mil/index2.html