Audit Check List-General

Download as docx, pdf, or txt
Download as docx, pdf, or txt
You are on page 1of 2

Network Audit Checklist

The following items should be included in every network audit. The auditor should note any deficiencies identified in
each area, but should not be making any modifications of any kind to the existing network during the audit process.
1. Network topology and physical infrastructure documentation in Visio or similar electronic format.
2. Network addresses and names are assigned in a structured manner and are well documented.
3. Network wiring is installed in a structured manner and is well labeled.
4. Network wiring between communications closets and end stations is generally no more than 100 meters.
5. Network availability.
6. Network security for basic security, including the following: passwords are reasonable; passwords are
protected from casual observation in config files; dialin ports are protected.
7. Inventory of all routers and switches. Include the following for each device:
8. Location (city, address, building, floor, wiring closet, rack, slot-in-rack - as detailed as is reasonably
possible).
9. Security of physical location.
10. Configuration.
11. Model and serial number (if easily available)
12. Software version loaded
13. Routing table
14. Routing protocols in use
15. Neighbor table (CDP if Cisco gear)
16. ARP table
17. CAM table (for switches)
18. Spanning tree information for switches
19. Memory utilization (at multiple points during a day, if possible)
20. CPU utilization (at multiple points during a day, if possible)
21. If Cisco routers, output of 'show ip access-list' (and other access lists if routing other protocols)
22. Passwords for all equipment (if encrypted passwords are used)
23. Special redundancy measures (HSRP, etc)
24. Link information. Make sure that the corresponding data volume on an interface is captured at the same
time that other supporing data is captured so that they can be correlated.
25. Traffic volume (bytes) every 5 minutes during at least one business work day. Best if this information is
taken for several days in each of several weeks and reports of average/max values on each segment.
Highlight segments with high levels of utilization for the technology in use on the segment. Report number
of bytes sent/received on the interface, and the bytes/sec on the interface
26. CRC errors of each segment. Report total errors and errors/Mbyte.
27. Report errors on each segment. Breakdown of error types according to the media (collisoins and late
collisions on Ethernet, soft errors and beacons on Token Ring, etc,) For each error type, report total errors
and error/Mbyte of transferred data on the interface.
28. On Token Ring segments, number of soft errors not related to ring insertion and the total amount of data.
Number of beacon frames. Report total errors and errors/Mbyte.
29. Volume of broadcast traffic traffic on each network segment.
30. Number of dropped packets (in and out).
31. Report frame size. Report on any frame sizes less than the optimum for that link.
32. Identify WAN links that terminate in routers outside the AS
33. Contact at external AS
34. Method of route sharing with the external AS (static routes, BGP, IGP, etc)
35. WAN link physical clocking rates (e.g. T1, 56K, etc. Warning - do not depend on Cisco 'bandwidth'
statements)
36. CIR for Frame Relay circuits
37. WAN Circuit ID and carrier and contact phone number
38. Document physical interconnecting media for each segment (10BT, Fiber, etc)
39. Identify locations of major servers
40. Locate network management stations
41. Identify and locate all firewalls and respective topologies
42. Contact information at each remote site (primary and secondary contact person name, email address, and
phone number).
43. Document the services and clients that exist at each site and their relative importance to the business.
44. Document the charges for each WAN circuit.

You might also like