General discussion

  • Creator
  • #2175537

    How do you document a network?


    by scmgithd ·

    I started here just over 2 years ago and the network has never been documented (four locations, all connected). I’ve been meaning to do it…I have hand drawn pictures of how things are actually connected (hubs, routers, etc). I also have a computer inventory that lists serial number, location, etc. For the HIPAA security rule, I understand that I also need to document what access each PC has (we only have one server with a few users, most are Win98 machines). How do you incorporate all of this information into something usable?

    I’m overwhelmed with all of the information sitting in front of me and not sure how to best lay it out (short of a sharpie and the blank wall in front of my desk).

    Any advice or examples would be wonderful! Thanks!

All Comments

  • Author
    • #3352032

      Some ideas

      by tomsal ·

      In reply to How do you document a network?

      They do have very nice diagram programs out there with network discovery ability, which will detect and “plot” your network devices for you and then you just fill in the information and clean it up so it looks “pretty”.

      But if you are working with tight budgets like me we need to improvise. I collect my network device information manual (ie. pad and paper) going to each device I write down the critical stats as I call it. This varies on the device.


      1) Record exact model number and s/n for each and every device.

      2) As applicable sumarize any added or optional features you/your company purchased/installed for the device. The idea is you need accurate information of the configuration and capabilities each device ACTUALLY has, not just what it COULD do. So if you have a Cisco Switch with an optional fiber GBIC module installed, note that in the documentation.

      3) On switches/routers document any static IP addresses they have and note the IOS versions, on servers document their role, their OS, their patch level (ie. Service Pack 928192) and their IP addresses.

      After data is collected, I would fire up Visio and begin the diagram process. I make it look “pretty” for both the “awe” value it has on the exec types and to make it easy for me to read.

      You document the “pipes” each server takes, noting the connection speed, the duplex and any special information you feel its pertinent. The importance is don’t make up stuff just to make it look nice, don’t draw lines showing connections if that’s not how it really connects in reality.

      When someone looks at your documentation they should be able to easily figure out:

      1) The topology of your network

      2) The bandwidth of your network

      3) The class of equipment you have

      4) The roles of your servers

      5) Identify special areas of your network (IE. if segments of your network are on VLANS, this should be illustrated on your documentation)

      6) Security infrastructure…your firewalls, DMZ, proxy servers, gateway…all this stuff should be easy to deduce from looking at your documentation.

      Personally, I also note warranty information in my documentation too.

      I have my diagram and then there are follow pages as needed to summarize information.

      But like I said, I’m sure places with deeper pockets use “fancy” software packages that prepare network documentation for you.

      • #3351992

        Thanks, one more question…

        by scmgithd ·

        In reply to Some ideas

        Simple scenario to get me started. I have four machines in transcription plugged into a hub that runs to the data room and main switch. Do I “draw” the main switch to a hub to the four computers like a flow chart? How do I show the location of those computers? Do I use maps of the buildings and get that precise or just A runs to B and B connects to C? I started out trying to do maps of the areas and an icon indicating if it’s a PC or dumb terminal with the equipment (inventory) number I’ve assigned. It’s turning into a big map that really isn’t readable anyway.

        Sorry for the elementary questions. This is all new to me and I can’t find any helpful information. I appreciate the advice!

    • #3351898

      A picture speaks a thousand words.

      by mike ·

      In reply to How do you document a network?

      Hi DW,

      The first place i start with is a proper network diagram. If you don’t have an NMC that will automatically generate it try something like MS Visio. A soft version is always easy to update and you don’t need to keep re-inventing the wheel!.
      (Diagrams are great for explaing to others how your network is structured).

      The rest is up to you but uf you have a network that is constantly changing configuration then its very hard to keep a manual text system updated. Try using something like a spreadsheet layout to record more static details, and keep soft back-ups of equipment configurations for contingencies and disasters!.

      Hope this gives youa few pointers.

      • #2804202

        Additional point to this

        by sgs_gti_jay ·

        In reply to A picture speaks a thousand words.

        I totally agee with both Visio / spreadsheet solution. It’s abit of work upfront to set things up so information is easy to find but once you have your spread sheet template designed updating/adding information is a walk in the park.

        Where i was working we had Multiple diagrams via Visio .. You have overall Topology diagrams, Site specific diagrams, Port / service Diagrams and then we had Multiple spreadsheet templates for servers / workstations / Circuit id’s with every bit of information needed incase of emergency situations – provider, contact #’s, Circuit ID’s for both the domestic and international portions of the circuits, patch panel details, local and remote device names the circuit would “ride” into with port information aswell .. the sky is the limit with what you can include but most of all you want any information that you document to be usefull from both a management perspective and also from a support perspective if something breaks.

        Hope this insight helps a little more with your tasks at hand :O)

        Good Luck

    • #2804193

      HIPAA is very exact on what is required

      by cg it ·

      In reply to How do you document a network?

      and if you have to comply with HIPAA, I suggest you start your internet search with HIPAA as a keyword. Learn what is required . I’ll give you a hint. There are 3 categories you must address in your plan. Administrative Safeguard, Physical Safeguards and Technical Safeguard. Under these categories, there are specific areas that you must address. Even if only 1 computer is used and only 1 user, you still have to address all areas.

      As far as general network documentation, if your the network administrator, then during your job, you will come across instances that you wish you had a book which you can refer to to know what is what. That should be your starting point [baseline] on documentation. After that, any changes, and that means any changes need to included as change pages to your baseline set.

      If your running Active Directory, your going to want a complete set of documentation from your DNS zones to your trust relationships. From your Domain structure and delegated administrative roles to your OU structure for users and computers. From that you can create your GPO configuration documentation and templates used.

      Think you get the point.

    • #2804168

      A Discovery Tool may help….

      by jmgarvin ·

      In reply to How do you document a network?

      You may want to run a discovery tool of some sort on your network. Find one that will tell you want ports machines are plugged into, one that can do WMI, uses both an agent and can run agentless (ala WMI), and does multiple versions of SNMP.

      With that being said, you probably want to look into what you need to know as well. Do you need to know all your clients, servers, routers, switches, hubs, printers, etc or do you just need clients and servers? Also keep in mind disconnected clients.

      With that being said are you using something like LanDesk to manage your machines? You can at least get an inventory diagram and build from there.

Viewing 3 reply threads