Chapter 1. Conducting a Network Audit
You bought this book to find out which management data to collect from the network, so why is the first chapter about
Effective network management begins with a well-designed network. Unfortunately, most people do not have this luxury; even if they have access to the network, they usually cannot redesign it to improve their ability to manage the infrastructure. Besides simplifying management, starting with a good network design, or improving the existing design, makes resolving network problems simpler and quicker.
In order to implement effective network management, you must begin by learning and documenting the network as it currently exists. This includes documenting the physical and logical
Although not an exhaustive study, this chapter covers the following topics:
The Importance of Network Audits
The purpose of a
is to accurately assess and document the current state of the network, its
Without proper documentation and understanding of how things change in the network, you cannot reliably deploy performance and fault network management. You must determine how all devices are connected to each other—both physically and logically—and where the network components are located. From this information, you can determine which devices, ports, and connections are important for the development of your performance and fault management strategy.
When you are working with outside
Without a proper understanding of physical connectivity and the location of network components, it will take longer to isolate network problems and you stand a greater chance of mistakenly introducing faults into the network during moves, adds, and changes.
When a portion of a network goes down or becomes unstable, troubleshooting the source of the outage is done through a process of fault isolation. During an
In a poorly documented network, fault isolation becomes a game of finding a needle in the haystack. The goal of fault isolation is to reduce the affected area; how can you do so if there is no documentation? Some administrators resort to brute force by splitting networks in half or
All in all, the inconvenience of maintaining useful network documentation will be most appreciated during outages.
If you have not previously documented your network as described in this chapter, you will need to begin the process by auditing the physical network and its connectivity. Through the audit, you will learn and document which devices are in your network, where they are located, how they are connected, and who is responsible for each device. This will be the starting point for your network documentation.
As part of the audit, you will identify those ports that are critical to the successful operation of the network. Critical ports tend to be those with routers, switches, hubs, servers, channel service unit/data service units (CSU/DSUs), and the key users (such as the CEO) connected to them.
Monitoring all ports and connections in a network can be overkill and cause over-management of the network. Monitoring generates traffic load on the network and sucks up network device resources (memory, CPU). Is it really necessary to monitor user ports? Probably not, although you may want to monitor the traffic performance on key user ports in order to use them as a baseline for their floor or workgroup.
If a device or port goes down and nobody cares, don't manage the port any longer. Manage only those devices and ports that are critical to the operation of the network.
In order to select which ports to monitor, you must know how your network is connected, both physically and logically. Without this information, the importance of a port cannot be determined. The network management infrastructure can become crippled with information from devices (such as user PCs) that have no impact on the operation of the network. You must determine where network devices and servers are located, how they are connected, and who is affected if they become slow or unavailable.
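The selection rule described above can be applied directly to the audit records. The following is an added example, not code from the book: it reads a constructed per-port inventory, keeps only ports whose neighbor is a router, switch, hub, server, CSU/DSU, or a designated key user, records one key user port per workgroup as a baseline, and reports critical ports whose location, connection, or owner is undocumented. The CSV column names, device names, and the `plan_monitoring` function are assumptions made for illustration.

```python
import csv
import io

# Constructed sample audit inventory (not from the book): one row per switch port.
AUDIT_CSV = """device,port,location,neighbor_type,neighbor,owner,workgroup
sw-floor2,Gi0/1,Bldg A IDF 2,router,rtr-core1,netops,
sw-floor2,Gi0/2,Bldg A IDF 2,server,fs-01,sysadmin,
sw-floor2,Gi0/3,Bldg A IDF 2,user,pc-ceo,helpdesk,exec
sw-floor2,Gi0/4,Bldg A IDF 2,user,pc-114,helpdesk,sales
sw-floor2,Gi0/5,Bldg A IDF 2,user,pc-115,helpdesk,sales
sw-floor2,Gi0/6,,csu/dsu,wan-t1,,
sw-floor2,Gi0/7,Bldg A IDF 2,hub,hub-lab,netops,
"""

# Neighbor types the chapter lists as making a port critical.
CRITICAL_TYPES = {"router", "switch", "hub", "server", "csu/dsu"}
# Facts the audit must record: where the device is, what it connects to, who owns it.
REQUIRED = ("location", "neighbor", "owner")


def plan_monitoring(csv_text, key_users=()):
    """Return (monitor, baseline, gaps) derived from the audit inventory.

    monitor  : list of 'device:port' worth managing
    baseline : workgroup -> key user port used as that group's traffic baseline
    gaps     : (port, missing fields) for critical ports with incomplete records
    """
    monitor, baseline, gaps = [], {}, []
    for row in csv.DictReader(io.StringIO(csv_text)):
        port_id = f"{row['device']}:{row['port']}"
        kind = row["neighbor_type"].strip().lower()
        is_key_user = kind == "user" and row["neighbor"] in key_users
        if kind not in CRITICAL_TYPES and not is_key_user:
            continue  # ordinary user port: leave it unmanaged
        monitor.append(port_id)
        if is_key_user and row["workgroup"]:
            baseline.setdefault(row["workgroup"], port_id)
        missing = [f for f in REQUIRED if not row[f].strip()]
        if missing:
            gaps.append((port_id, missing))
    return monitor, baseline, gaps


if __name__ == "__main__":
    mon, base, gaps = plan_monitoring(AUDIT_CSV, key_users={"pc-ceo", "pc-114"})
    print("monitor:", mon)
    print("baseline:", base)
    print("undocumented critical ports:", gaps)
```

The gaps list is the part to act on first: a critical port with no recorded location or owner is the one that will slow fault isolation during an outage.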