01-15-2009 12:14 AM - edited 03-06-2019 03:27 AM
Friends, I have planned to audit a network which contains at least 7 routers (BGP, QoS, OSPF and other features) with 25 switches (L3, HSRP, MCast etc.), so how can I do my job? I mean, which software is required, plus what services should I target? Please help me out.
01-15-2009 07:26 AM
CiscoWorks, Solarwinds, MRTG...just to name a few
01-15-2009 07:48 AM
What type of auditing are you doing? Security audit or "make the network better" audit?
John
01-19-2009 03:43 AM
If you are performing a security audit, my recommendation is to use Nessus http://www.nessus.org
Also remember the following:
- Use encrypted port for management (i.e. SSH, HTTPS)
- Shutdown ports not in use.
- Put descriptions on ports being used (i.e. what they are used for, circuit # of WAN ports, if possible include the provider service desk number)
- Have an updated (complete) hardware/software inventory list (includes: models, serial numbers, maintenance contract, maintenance provider and contacts, maintenance contract duration and expiry/start dates)
- Network operation guide (for NOC).
- WAN line contracts (expiry/start dates, circuit numbers, provider contacts)
- Hosts permitted to access the devices (should be fewer; in some cases I saw an entire Class C network added in the VTY ACL - if I'm the auditor this will fail the audit)
- BGP should have a password (especially multi-hop BGP)
- It is recommended to implement password security in OSPF (this can be complicated to some)
- VTP domain should have password.
- Switch ports not joining the VTP domain should be protected with "root guard"
- Physical cabling should have proper labels (each end of the cable should be labeled, as in you know where to plug them back if you unplug both ends)
- Equipment should be labeled front and back, including power cables (in case you call a 24x7 operator to shutdown/power cycle a device, they will not make a mistake about which one to shutdown/power cycle)
- Any ACL for bogons should be checked to make sure it is up to date (some people put in a bogons ACL but never update it for years)
- It will also be good if there are blackhole routes (depends on your network)
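
A few items from the checklist above can be checked mechanically against a saved running-config. The script below is an added example, not part of the original thread: it flags active ports without a description, BGP neighbors without a password, VTY lines that allow anything other than SSH, and VTY access-classes that are missing or permit a /24 or larger. It assumes IOS-style syntax and numbered standard ACLs; the sample configuration and the function names are constructed for illustration.

```python
import re

# Constructed sample IOS-style configuration (not taken from a real device).
SAMPLE = """\
interface GigabitEthernet0/1
 description Uplink to core-sw1
interface GigabitEthernet0/2
interface GigabitEthernet0/3
 shutdown
router bgp 65001
 neighbor 192.0.2.1 remote-as 65002
 neighbor 192.0.2.1 password 7 0000
 neighbor 192.0.2.9 remote-as 65003
access-list 10 permit 10.1.1.0 0.0.0.255
line vty 0 4
 access-class 10 in
 transport input telnet ssh
"""

def sections(config):  # group indented sub-commands under their top-level command
    out = []
    for line in config.splitlines():
        if line.startswith(" ") and out:
            out[-1][1].append(line.strip())
        elif line.strip() and not line.startswith("!"):
            out.append((line.strip(), []))
    return out

def audit(config):
    findings, secs, wide = [], sections(config), set()
    for head, _ in secs:  # numbered ACLs whose permit is "any" or has a /24-or-wider wildcard
        m = re.match(r"access-list (\d+) permit (?:host )?(\S+)(?: (\S+))?", head)
        if m and (m.group(2) == "any" or (m.group(3) or "").endswith(".255")):
            wide.add(m.group(1))
    for head, body in secs:
        described = any(b.startswith("description ") for b in body)
        if head.startswith("interface ") and "shutdown" not in body and not described:
            findings.append(f"{head}: active port has no description")
        elif head.startswith("router bgp "):
            # Assumption: passwords are set per neighbor; peer-group inheritance is not resolved.
            peers = {b.split()[1] for b in body if re.match(r"neighbor \S+ remote-as ", b)}
            keyed = {b.split()[1] for b in body if re.match(r"neighbor \S+ password ", b)}
            findings += [f"{head}: neighbor {p} has no password" for p in sorted(peers - keyed)]
        elif head.startswith("line vty "):
            words = [b.split() for b in body if b]
            if ["transport", "input", "ssh"] not in words:
                findings.append(f"{head}: transport input is not SSH-only")
            acl = next((w[1] for w in words if w[0] == "access-class" and len(w) > 1), None)
            if acl is None or acl in wide:
                findings.append(f"{head}: access-class missing or too broad")
    return findings
```

Calling `audit(SAMPLE)` returns one finding each for GigabitEthernet0/2, BGP neighbor 192.0.2.9, the VTY transport setting and the VTY access-class.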