NETWORK AUDIT

By REZUMA
Hi everybody,

I am an IT consultant (I just started as an independent consultant), and I am confident in my knowledge solving problems.
Can anybody recommend me a book or online paper about the steps to follow when auditing a network? I have a new client who wants me to solve the few problems that they have and also to do a report of things that could be improved. It is a Windows 2000/2003 network with several satellite offices, so I know that I should check routers, AD sites configuration, etc. I already know things I would have to check, but I am wondering if there is a book or paper that gives you an organized step-by-step list of things to do when auditing a network... I could work on my own protocol for auditing a network, but I would prefer to see if somebody has already done this.

Thank you very much

Rezuma

NIST

by tjbaum In reply to NETWORK AUDIT

www.nist.gov is a great source.

Classic consultant .. start from the business

by mrTibbs In reply to NIST

What does the company need? How critical is the IT? If you look at the IT from a business perspective rather than a technical challenge you can assign priorities, risk exposure and real value to your recommendations.
Remember to check with the client that this work is really wanted .. maybe they just want someone to 'fix their lan'

Also check www.sans.org and www.giac.com

define the audit

by bzachary In reply to Classic consultant .. sta ...

The first thing I normally do is define the audit. Do they want a software/hardware audit? Do they need things like hd/ram/os? Is this more of a pen. test (ports/firewall config, etc.)?

Define the critical areas of data. Users, Accting files, SQL db, whatever. Then find out who 'owns' or is in charge of that data. This will help you define your criteria.

If all you are looking for is a simple hw/sw, grab some of the low end software apps and you can get a quick snapshot. Ask the customer to purchase the software required, as it is theirs to keep.

Define Audit & Get Buy-In on Scope

by amay_alias In reply to define the audit

You have already received good feedback from the two earlier respondents. (Biz needs and definition of body of work)

Define the scope of your Audit, 'what it will cover' (i.e., what will be delivered), and 'what it will not cover'.

Get buy-in from your client on your proposed direction. (Your work might include doing a topology map, (Visio is fine for this exercise), of hw, networking and software), defining user group(s), monitoring / redundancy / security rendered under deployed architecture and the resources required to maintain the 'As Is' configuration.

Then you can get to work showing off how you can improve their setup AFTER your client imparts a clear vision of their IT needs as it supports their core business and their plans for growth in near future. Be sure to contemplate ROI considerations before you make recommendations to change their existing real estate.

Good luck!
Allison

Penetration Testing et al

by svandermolen In reply to Define Audit & Get Buy-In ...

If penetration testing is defined as being in scope, it would be a good idea to have the proper legal documentation, especially if they want you to test against denial of service attacks.

You should also get them to define whether or not the IT department will be aware of the security audit. Part of the audit might be to test response strategies, where only a few people are in-the-know.

Use free monitoring tool

by firehorse3971 In reply to NETWORK AUDIT

You can download a free monitoring tool called Nagios (URL: www.nagios.com) and install it on a Linux server to proceed with detailed service monitoring.
Besides, you can also download a security scanner (URL: www.nexus.com).

Try these links

by Jay Garmon Contributor In reply to NETWORK AUDIT

Making IT Work: How Often Should I Audit My Network?
http://itpapers.techrepublic.com/abstract.aspx?docid=87227

A simple chart for IT audits and security efforts
http://techrepublic.com.com/5100-6298_11-1060378.html

Audit Win2K services and security with Subinacl
http://techrepublic.com.com/5100-6268_11-1051004.html

Conduct an internal and external security audit
http://techrepublic.com.com/5100-6264_11-1058963.html

Final step in security audit process
http://techrepublic.com.com/5100-6329_11-1051365.html

Use LANguard to scan and audit network security
http://techrepublic.com.com/5100-6265_11-1058208.html

Members know their Windows 2000 local file and folder auditing basics
http://techrepublic.com.com/5100-6270_11-5034634.html

How to audit file and folder access to improve Windows 2000 Pro security
http://techrepublic.com.com/5100-6270_11-5034308.html

Cleaning up a predecessor's messy network
http://techrepublic.com.com/5100-6263_11-1054652.html

There are also a good number of articles on our subscription site, TechProGuild:

Create a Windows 2000 audit policy
http://techrepublic.com.com/5100-6345_11-1046917.html

Know what's happening on your Windows 2000 server with auditing
http://techrepublic.com.com/5100-6345_11-1056939.html

Expose holes in your network by using the tools of the hacker trade
http://techrepublic.com.com/5100-6345_11-1056955.html

Compare your server's security with the Consensus Baseline Security Settings
http://techrepublic.com.com/5100-6345_11-5031626.html

Auditing resources on Windows 2000 Professional, part 3
http://techrepublic.com.com/5100-6346_11-5033684.html

Auditing 101: What's happening on your network?
http://techrepublic.com.com/5100-6345_11-5033789.html

by gaynor In reply to NETWORK AUDIT

Hi there
Try centennial - www.centennial.co.uk
or Belarc www.belarc.com

Don't forget the business angle, too...

by ExpatJohn In reply to NETWORK AUDIT

My two yen here...

While going through all the techie stuff, it may be a good idea (well, at least, I do this...) to include some business scope in the audit.

I presume your audience will not be exclusively IT people. Therefore, the audit results would be easier to understand from their point of view if you include some points about asset depreciation, projections of costs for replacement machines/parts/software over the next 12-24 months, etc. Break it down by whatever category is convenient (i.e. function, department, satellite office location, etc.). It will be a good bonus to put in because A) most IT audits focus only on the tech angle or only on the business angle, but very rarely does one cover both and B) it will show you are aware of costs and are not treating the client like they have a blank check for future IT purchases.

Cheers,
John
