In part one of our Network Assessment piece, we showed you how to focus your spring-cleaning efforts on creating a network inventory and examining your IT infrastructure. In section two, we’ll look to audit three more critical aspects of your network: performance, security, and management.
Having audited your inventory and infrastructure, you should now have a clearer picture of your network. Now you’ll want to test its performance by analyzing key metrics to help define the overall quality of your service.
To compile this data, you’ll need a network performance measurement tool. Your IT partner should be able to provide this, or you can DIY with tools such as Wireshark or iPerf, which can provide powerful data packet capture analytics with diagnostic capabilities.
Broadly speaking, these tools are split into two categories: Passive and Active. Passive tools limit disruptions by avoiding introducing additional network traffic. Active tools inject data into your network to monitor its path to a target destination. It’s important to know the difference because choosing an active tool will require clever scheduling so as not to interrupt existing network traffic.
When testing, you’ll be looking to measure these key metrics:
- Latency – the amount of time it takes for data to travel from a defined location to its chosen destination.
- Bandwidth – the amount of data that can be transmitted over a specific period of time (usually measured in bits per second).
- Packet Loss – the number of data packets that fail to transmit from one destination to another.
- Jitter – related to latency, jitter quantifies the variations in time delay when packets are sent over the network.
- Throughput – also related to latency, throughput is the number of data packets that can be delivered in a predetermined time frame.
With these measurements in hand, you will have a set of hard data to test all your variables against to help improve your network performance going forward.
Solidify Your Security
Internal networks are notoriously open and contain many vulnerabilities, most commonly due to a lack of encryption or authentication controls. In your assessment, you’ll want to do a thorough inspection for weaknesses by monitoring network traffic for any exposed services and testing device and control configurations.
It’s also time to scan every port in your network. Unprotected ports in your network are like unlocked doors in your home, and can be secured by implementing firewalls, SSH public key authentications, and keeping the services you use constantly up-to-date.
Don’t forget to take physical security risks into account as well. Fires, floods, or stolen equipment can be just as damaging as compromised passwords or malicious viruses.
The final detail you’ll need to examine is how your network is being managed. One look at the inventory list you made when you started, and it’s easy to see why this can be a daunting task. Developing and communicating coherent company policies surrounding network access and usage are paramount to keeping your systems clean and under control. Monitor network usage heavily during your assessment to figure out who’s using what and when.
If you haven’t already, consider implementing a Network Management System (NMS) like OpenNMS. An NMS is a set of applications that assist your network administrators by letting them manage software and hardware components individually from a central workstation. Using one can be of great assistance in streamlining the very complex task of day-to-day network management.
Assess Whether You Need Assistance
If you’re looking to make your network assessment as thorough as possible, a Managed Service Provider (MSP) like Longleaf can also help. We’ll analyze your data to properly identify holes in your security systems, expertly optimize your infrastructure, and even help manage your network for you. Contact Longleaf to make your network the cleanest aspect of your office.