What is a Network Audit? When Do You Need One?

2 Oct 2020 by James Timmerwilke

What is a network audit? How does it differ from a network assessment? When should you consider a network audit? In this article, I will start with a definition of network audit and look at what’s included within an audit. I’ll also look at the differences between an audit and an assessment. Lastly, I look at the importance of network auditing for your business and how you can find an IT consultant to help with the process.

With a telecom background that dates back to the early 2000s, I’ve performed numerous network audits – everything from a few locations and cities to tens or even hundreds of locations. The one constant is the process is the reason for the audit. Nearly all businesses want to understand the current state of their network infrastructure so they can make important decisions regarding performance, cybersecurity, and cost.

What is a Network Audit?

Network auditing is the process of mapping and inventorying your network in terms of hardware and software. It’s a fairly complex task that involves manually identifying network elements. In some cases, network auditing tools can provide automation support to identify the devices and services connected to the network. In addition to hardware and software, auditing should include security documentation such as user accounts and groups as well as permissions.

Network Audit vs Network Assessment?

What’s the difference between a network audit and assessment? While network audits inventory hardware devices, software, and services at each location, network assessments serve a completely different purpose.

Network assessments are used to examine your IT infrastructure and identify any potential areas for improvement or concern. They touch on topics such as bandwidth bottlenecks, network security flaws, and under and over-utilized resources.

Especially, network assessment can help organizations remedy networking issues that have been plaguing their networks, applications, dampening performance, or causing additional risks and security concerns. Assessment reports are used for specific recommendations on how to improve network performance, increase network security, and reduce costs – all with the goal of maximizing the IT infrastructure and underlying network.

I will do a deep dive into network assessments and best practices in a follow-up blog article soon. Make sure to sign-up for our newsletter and follow us on LinkedIn for the latest articles.

When Do You Need a Network Audit?

When do you need a network audit? There are many reasons why you should consider an audit. Typically, it’s timed around important technology decisions or business requirements. Here’s just a few potential reasons why your business might consider a network audit.

1) Outdated & Incomplete Inventories

When was the last time that you and your team performed an audit? A lot can change overtime – mergers and acquisitions, new and existing application demands on the network, budget forecasting and capital expenses, and turnover within IT and especially network infrastructure.

2) Upgrades & Refreshes

There’s a tendency for network admins to fall into an operational state where their main priority is the day-to-day operations. I like to call keeping the lights on. However, networks need to be upgraded and refreshed from time-to-time. This is especially true when upgrading your networking technology. This includes performing an audit to identify which hardware and software need to be replaced or upgraded.

3) Troubleshooting & Resolution

It’s probably the last thing that IT or a Network Administrator wants to hear is – we’re experiencing a major network outage, we can’t connect to the internet, or latency issues are having an impact on applications, clients, users, and partners. In this scenario, it’s needed on an emergency basis as a way of troubleshooting the network.

4) Regulatory & Compliance Standards

For many industries including financial and healthcare, regulatory and compliance standards are an important reason to initiate a network audit. This includes adhering to HIPAA, SOC1, SOC2, FedRAMP, PCI, FISMA, NIST, and other critical standards for compliance. It may be used by internal or external auditors to assess the compliance of the organization as a whole.

What’s Included in a Network Audit?

Here are several key focus areas that should be included within your network auditing process. Unfortunately, some of the tasks will require manual resources to complete. Yet, others can be accomplished with the use of today’s advanced network auditing and analysis tools.

Inventory Creation

The best place to start your network audit is in building an inventory of your existing network. This includes detailing the devices that are running on your network at each location. It’s important to include both physical and virtual network infrastructure associated with each location.

Another important part of the process is to identify the services and service providers at each location. This includes taking noting the telecom carriers, ISPs, and network providers you are using at each location along with contract expiration and pricing or rates.

Identifying Obsolescence

You’ve created a comprehensive inventory of your devices and services at each location, the next step is to determine if any devices are obsolete, outdated, or nearing end-of-life. This includes hardware such as routers, switches, and firewalls. It may also include software, licenses, versioning, and support.

Network Architecture

Most Network Architects and Engineers really enjoy this step in the auditing process. This is where they get to create their masterpiece – the creation of network diagrams. Some professionals use Microsoft Visio while others rely on tools like SolarWinds, Intermapper, Lucidchart, Edraw Max, and LANFlow.

Network diagrams are simply used to define the various connections and relationships that exist between locations and devices within the network. It provides a visual representation of the network.

Network Security

Last but not least, network security plays an exceptionally large role in the auditing process. Some clients may choose to briefly touch on cybersecurity while others create detailed project scopes entirely on the subject.

How to Perform a Network Audit?

We’ve discussed why network audits are important, when you should consider an audit, and how they relate to assessments. Let’s now discuss how to perform a network audit. There are three stages involved in performing an audit – planning your audit, performing the audit, and post-audit activities.

Planning Your Network Audit

The first rule of successful planning is preparation, right? If you do not plan properly, you may end up with delays and project outcomes you’re not exactly satisfied with at its conclusion. Here’s a couple of things you should consider when planning your network audit.

Get Buy-In from Stakeholders

First and foremost, get buy-in from all stakeholders. That’s right. This is critical to almost all IT related projects. There are usually two major stakeholders involved in network audits – Management Teams and the Technical Team.

Even if you have approval from Management, make sure to check-in and involve the Technical Team from the very beginning of your audit. They have access and insight into critical parts of the IT environment relating directly to the network.

Networking Tools

Make sure that you have a plan for which tools you will be using to audit your network. You may be comfortable with a certain networking tool but if it’s been a while, make sure to reach out to your peers and colleagues for advice on networking tools. Here are a few network auditing tools that are highly recommended by IT professionals.

Access to Devices

Do you have access to all the devices? Whether you use a tool or not, you need access via SNMP, Telnet and/or SSH. Make sure to document the necessary credentials – community strings, usernames, and passwords for gaining access. This is especially true for SNMP as you may find that the network devices have not been enabled for SNMP.

Saving Data & Accessibility

Where will you be accessing and saving data relating to the network audit? A personal laptop, desktop or hard drive? This can be a security concern and misplaced, highly-sensitive information can create increased risks and network vulnerabilities. You may also need a computer that can process and store large amounts of data.

Performing Your Network Audit

You’re ready to start your network audit but unsure where to start. To find a good starting point for your network, start by collecting the information that will be most relevant to the purpose of the audit. As an example, you may want to analyze and troubleshoot potential devices and locations that could be causing the issue. If you’re interested in upgrading your network, you may want to review hardware lifecycles, services, and contract expiration.

Network Discovery Tool

Here are some tools that we recommend when performing a network audit –Solarwinds, NetformX, Wireshark and Nessus. There are many out there, but we tend to gravitate towards the ones mentioned above.

If using an automated tool to perform your network audit, you can start by configuring basic settings such as the SNMP community strings (v1 or v2c) or usernames/passwords (v3), Telnet/SSH usernames/passwords, and enable passwords.

You will be able to use a seed device to initiate a crawl of network devices. It will start with the seed device and hop to other devices on the network using retrieved information from the seed device. You can also configure IP addresses and subnet ranges for the tool to probe.

Network discovery tools can take several hours or even days to create inventories of your network. Many of these tools will create inventories, diagrams, and documents for network audits. These will be used in the post-audit phase of the process.

Post Network Audit Action Items

Running networking tools and creating inventories are great, but what do you do with the results from your audit? There are two outcomes that you should have at the end of your network audit – network audit report and audit recommendations.

Network Audit Report

A network audit report simply keeps everything organized and is used to make sense of the information collected during the audit. As mentioned, many of these networking tools provide automated reports that address issues from a business and operational perspective rather than a technical point of view.

Audit Recommendations

As a result of the audit report, you should have specific actionable data to examine and make recommendations on. This includes the discovery of obsolete devices, outdated software versions, and underutilized network services. It can also be used to make quick-fix recommendations when troubleshooting network issues.

Need Help with a Network Audit or Assessment? Contact Me

Whether upgrading or modernizing your network, I can help you with a comprehensive audit and assessment of your network infrastructure. We’ve helped hundreds of companies since 2002 with their Wide Area Network (WANs) design and migration. Right now, we’re focused on helping companies evaluate SD-WAN vs MPLS network technologies and whether or not their right for their business and applications. What can we do for you? Contact me today for a Free Network Consultation.

Author

James Timmerwilke

Over 23 years of security and data center solution experience, I have a solid understanding of the industry and strive to provide a customized solution while keeping budget top of mind. Contact me for a data center or security assessment today.

Download Resources

Subscribe

Subscribe to Our Newsletter to Receive All Posts in Your Inbox!

Subscribe

Subscribe to Our Newsletter to Receive All Posts in Your Inbox!