*** NETWORK AUDIT ****

rajput001
Level 1

Hi,

Can someone please advise how to do a network audit? My task is to do a network audit on an unorganized network that consists of several Cisco routers and switches and also uses MPLS network ISDN lines.

I want to do a network audit that actually shows a clear picture of the network, what services are running, etc.

Can someone please guide me on where to start? I don't want to use any tool for this audit. Any template, book, or link that explains how to start a network audit will be very helpful.

Someone told me to enable CDP neighbor on all the devices and start from there.....

THANKS....

4 Replies

sleepyshark
Level 1

(not trying to sound rude on this post)

If you're not intimately familiar with routing and switching, this task should probably be left for an experienced professional in this field, ESPECIALLY if the network is unorganized.  Seeing as I've been doing this for 15 years - it is one of my strong points - I can tell you that even I miss things during an initial network audit... If you're trying to do this as a learning task, and it's NOT ASSOCIATED WITH UPCOMING NETWORK CHANGES, use the following commands on most Cisco IOS gear:

sh cdp n (will show you interconnected managed Cisco equipment and what port it's connected to)

sh arp (will show IP address, MAC addresses and associated interface/VLAN)

sh vlan (will show each VLAN and which ports are associated)

sh ip route (will show Layer-3 routing tables)

sh run (shows running config output)

There are plenty of tools out there that claim they can create a network map, but I haven't found one which actually creates an accurate representation of how stuff is actually connected.

Now you mentioned "services running" - this opens up an entirely new can of worms; applications and servers are no longer in the scope of network transport, meaning you'll need a speciality and focus on servers/operating systems and security.  Thankfully, there are PLENTY of decent application packages out there that *DO* accurately give you a picture of services running on servers (just google it, there should be a few million page results to sift through).

Just my two cents, hope it helps!

Thanks,

Sean Brown

http://www.sleepyshark.com

(rate this post if it's useful)
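A worked illustration of using the CDP output listed above to drive the inventory, added here and not part of Sean's post: it parses saved `show cdp neighbors detail` captures (the long form of `sh cdp n`), lists neighbours that have not been visited yet, and flags links the far end does not report back. The captures are constructed and trimmed to the relevant lines; `parse_links` and `audit` are hypothetical helper names.

```python
import re

# Constructed sample captures, keyed by the device each was taken on (made-up names).
CAPTURES = {
    "core-rtr1": """\
-------------------------
Device ID: dist-sw1.corp.example
Entry address(es):
  IP address: 10.0.0.2
Interface: GigabitEthernet0/1,  Port ID (outgoing port): GigabitEthernet0/24
-------------------------
Device ID: branch-rtr9
Entry address(es):
  IP address: 10.0.9.1
Interface: Serial0/0/0,  Port ID (outgoing port): Serial0/0/1
""",
    "dist-sw1": """\
-------------------------
Device ID: core-rtr1
Entry address(es):
  IP address: 10.0.0.1
Interface: GigabitEthernet0/24,  Port ID (outgoing port): GigabitEthernet0/1
""",
}

ENTRY = re.compile(
    r"Device ID:\s*(?P<dev>\S+)(?:.*?IP address:\s*(?P<ip>\S+))?.*?"
    r"Interface:\s*(?P<local>[^,\s]+),\s*Port ID \(outgoing port\):\s*(?P<remote>\S+)",
    re.S)

def parse_links(captures):
    """Return {(device, local_port, neighbor, neighbor_port, neighbor_ip)}."""
    links = set()
    for host, text in captures.items():
        for block in re.split(r"^-{5,}$", text, flags=re.M):
            m = ENTRY.search(block)
            if m:  # Device ID may carry a domain suffix; compare short names
                links.add((host, m["local"], m["dev"].split(".")[0],
                           m["remote"], m["ip"] or "unknown"))
    return links

def audit(captures):
    links = parse_links(captures)
    ends = {l[:4] for l in links}
    # Neighbours CDP reports that we hold no capture for: visit these next.
    unvisited = sorted({(l[2], l[4]) for l in links if l[2] not in captures})
    # Links the far end does not report back: CDP disabled there, or stale data.
    one_sided = sorted(e for e in ends
                       if e[2] in captures and (e[2], e[3], e[0], e[1]) not in ends)
    return unvisited, one_sided
```

Repeating the capture on each device in `unvisited` until the list is empty gives the link list for the network map; CDP only sees directly attached Cisco gear, so the ARP and routing tables are still needed for everything else.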

vmiller
Level 7

In addition to the responses that Sean provided, for each device:

     code version

     SNMP config (is there an access list?)

     NTP

     addressing

     logging

     VTP (switches)

     circuit inventory - are telco link IDs on the interface description?

     login security

     syslog config and review

That's just for starters.
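As an added example (not from vmiller's post), part of this checklist can be run against a saved `sh run` capture: SNMP communities without an access list, NTP, syslog host, login security and interface descriptions. The configuration below is constructed, `sections` and `audit_config` are hypothetical helper names, and the syslog check assumes the host is given as an IP address.

```python
import re
# Constructed sample "show run" excerpt; all names and addresses are made up.
SAMPLE = """\
hostname branch-rtr9
enable password example-only
snmp-server community public RO
snmp-server community n0c-ro RO 10
ntp server 10.0.0.5
interface Serial0/0/0
 description MPLS to core, telco circuit id CKT-EXAMPLE-001
 ip address 10.0.9.1 255.255.255.252
interface FastEthernet0/0
 ip address 10.9.0.1 255.255.255.0
interface FastEthernet0/1
 shutdown
line vty 0 4
 password example-only
 transport input telnet ssh
"""

def sections(config, prefix):
    """Yield (header, [child lines]) for top-level lines starting with prefix."""
    header, body = None, []
    for line in config.splitlines() + ["!"]:   # "!" sentinel flushes the last section
        if line.startswith(" "):
            body.append(line.strip())
            continue
        if header and header.startswith(prefix):
            yield header, body
        header, body = line, []

def audit_config(config):
    findings = []
    for m in re.finditer(r"^snmp-server community (\S+) (RO|RW)[ \t]*$", config, re.M):
        findings.append(f"SNMP community '{m[1]}' ({m[2]}) has no access list")
    if not re.search(r"^ntp server ", config, re.M):
        findings.append("no NTP server configured")
    if not re.search(r"^logging (host )?\d", config, re.M):
        findings.append("no syslog host configured")
    if re.search(r"^enable password ", config, re.M):
        findings.append("'enable password' in use instead of 'enable secret'")
    for header, body in sections(config, "interface "):
        if "shutdown" not in body and not any(l.startswith("description ") for l in body):
            findings.append(f"{header}: active interface without description")
    for header, body in sections(config, "line vty"):
        if any(l.startswith("transport input") and re.search(r"\b(telnet|all)\b", l) for l in body):
            findings.append(f"{header}: telnet allowed")
    return findings
```

Code version and VTP state are not in the running config; they come from `show version` and `show vtp status` and need their own checks.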

darren.g
Level 5

muhammad zeeshan wrote:

Hi,

Can someone please advise how to do a network audit? My task is to do a network audit on an unorganized network that consists of several Cisco routers and switches and also uses MPLS network ISDN lines.

I want to do a network audit that actually shows a clear picture of the network, what services are running, etc.

Can someone please guide me on where to start? I don't want to use any tool for this audit. Any template, book, or link that explains how to start a network audit will be very helpful.

Someone told me to enable CDP neighbor on all the devices and start from there.....

THANKS....

Seriously, I 100% agree with Sean - if you're not absolutely confident in your knowledge of networking, pay someone who is to do your audit. There are many, many companies, large and small, who will do so.

If you try it yourself and you're not familiar with the network and the underlying complexities, you're going to leave something out, and you may do more harm than good.

Cheers.

pramodctl
Level 1

Hi Zeeshan,

Glad to know that you are trying to audit a Network without any tools.

From my experience in auditing, n/w audit is a job with broad scope.

Typically we use to break down Network Audit further into the following:

1. Router Audit

2. Routing Audit

3. Syslog Audit

4. LAN switching Audit

5. MPLS Audit

etc...

Before doing any audit you need to have the updated device inventory, which is a task that cannot be avoided, and you will have to spend time in getting it.

The device inventory should have the IP address, hostnames, and login info if TACACS is not implemented.

Now coming back to the specifics in Network audit, let's take an example for Router Audit, which includes the following:

1. Analysis of interface statistics and remedy for fixing it

     e.g., increasing CRC errors, runts, carrier drops, buffer drops etc....

2. Disabling of unnecessary services which are enabled by default

     DHCP (if not used), finger, ATM, etc..

3. Working of CDP

4. Analysis of interface configuration

     e.g., bandwidth config, SNMP trap, speed, duplex etc...

The list goes on

Essentially you need to realize one fact that audit is completely based on Show commands.

An audit is not effective unless you provide a solution for what has been flagged.

Regards,

Pramod
