In part-one of our Network Assessment piece, we showed you how to focus your spring-cleaning efforts on creating a network inventory and examining your IT infrastructure. In section two, we’ll look to audit three more critical aspects of your network: performance, security, and management.
Having audited your inventory and infrastructure, you should now have a clearer picture of your network. Next, you’ll want to test its performance by analyzing key metrics to help define the overall quality of your service.
To compile this data, you’ll need a network performance measurement tool. Tools such as Wireshark or iPerf can provide powerful data packet capture analytics with diagnostic capabilities. Broadly speaking, these tools are split into two categories: Passive and Active. Passive tools limit disruptions by avoiding introducing additional network traffic. Active tools inject data into your network to monitor its path to a target destination. It’s important to know the difference because choosing an active tool will require clever scheduling so as not to interrupt existing network traffic.
When testing, you’ll be looking to measure these key metrics:
Latency – the amount of time it takes for data to travel from a defined location to its chosen destination
Bandwidth – the amount of data that can be transmitted over a specific period of time (usually measured in bits per second)
Packet Loss – the number of data packets that fail to transmit from one destination to another
Jitter – related to latency, jitter quantifies the variations in time delay when packets are sent over the network
Throughput – also related to latency, throughput is the amount of data packets that can be delivered in a predetermined time frame
With these measurements in hand, you should have a set of hard data to test all your variables against to help improve your network performance going forward.
Solidify Your Security
Internal networks are notoriously open and contain many vulnerabilities. Lack of encryption or authentication controls are usually two of the most common problems. In your assessment, you’ll want to do a thorough inspection for weaknesses by monitoring network traffic for any exposed services and testing device and control configurations. It’s also time to scan every port in your network. Unprotected ports in your network are like unlocked doors in your home and can be secured by implementing firewalls, SSH public key authentications, and keeping the services you use constantly up-to-date. Also, don’t forget to take physical security risks into account as well. Fires, floods, or stolen equipment can be just as damaging as compromised passwords or malicious viruses.
The final detail you’ll need to take a careful look at is how your network is being managed. One look at the inventory list you made when you started, and it’s easy to see why this can be a daunting task. Developing and communicating coherent company policies surrounding network access and usage are paramount to keeping your systems clean and under control. Monitor network usage heavily during your assessment to figure out who’s using what and when. If you haven’t already, consider implementing a Network Management System (NMS) like OpenNMS. An NMS is a set of applications that assist your network administrators by letting them manage software and hardware components individually from a central workstation. Using one can be of great assistance in streamlining the very complex task of day-to-day network management.
Assess Whether You Need Assistance