Network-Audit-Checklist
Network-Audit-Checklist
Network-Audit-Checklist

Six Important Considerations in a Network Audit Checklist

The vitality of any enterprise in today’s digital age depends on the integrity of its network. 

But any network can fail or underperform anytime.

Network audits, which review the network functionality and security, can prevent such failures. 

Periodic network audits maintain network integrity and improve cybersecurity. A robust network audit also guards against sub-optimal performance. It covers spotty coverage, security threats, slow speeds, and other issues. It makes the network more flexible, reliable, and safe. 

A network audit checklist offers a blueprint to conduct the network audit and evaluate the system. The checklist guides the security team through a step-by-step progression.

A typical network audit involves the following steps:

1. Network mapping and inventory management

The first step in a network audit is inventorying all the hardware and software infrastructure in the network.

  • Create a detailed network map. Use an infrastructure mapping tool for the purpose.

Include all devices, software, and connections in the network map. The hardware components include switches, routers, cables, and access points. The software includes operating systems, applications, firewalls, and the like. 

For wireless networks, draw accurate RF heat maps and AP placement maps. RF heat maps make explicit the radio frequency signal strength for a specific location to identify signal strength. AP placement maps are visual representations of access points within a premises. These maps optimise signal coverage and minimise dead zones.

  • Review the devices connected to the network. Make sure there are no unauthorised or unneeded devices connected to the network. For instance, forgotten firewalls or load balancers may cause disruptions. A thorough network map reduces the time to diagnose and address such problems.
  • Review the cabling. Accommodating WiFi6 may require upgraded cables. Optimal performance for today’s requirements needs CAT6 or newer cables. 

Check the connection between the main distribution frame and the independent distribution frame. The main distribution frame is the main server hub. The independent distribution frames are remote rooms for patch panels. Common connection cables come in copper, 1GB fibre, 10GB fibre or 40GB fibre. Make sure the cable meets the bandwidth requirements. Upgrade if necessary. 

  • Review Internet access points. Cross-check permissions to prevent unauthorised access. 
  • Conduct a physical site survey. A physical survey of the network area can unearth anomalies. Examples of anomalies include exposed cables, displaced devices, unauthorised connections, and more.

2. Review device configurations

Scan and monitor the devices connected to the network. Use network monitoring software for the purpose. 

  • Examine the settings of devices connected to the network to ensure optimal configurations. 
  • Ensure configuration of network devices according to vendor recommendations and compliance best practices.
  • Examine the firewall rules to ensure optimal functioning.
  • Make sure all systems and devices have the latest patches installed.
  • Check if any device needs an upgrade to the firmware or if the device itself is obsolete and needs replacement. Hardware upgrades may solve connectivity issues and improve the user experience.

Review device configurations

3. Review the BYOD policy

Many enterprises today have a “bring your own device” (BYOD) policy. When employees work and connect to the enterprise network through their personal phones and laptops, it creates security risks. The top BYOD risks include the personal devices having unsecure hardware and unapproved third-party apps. Also, these devices may have become infested with malware when connected to unsecured networks earlier. 

If the enterprise has a BYOD policy, ensure the BYOD devices:

  • Are configured for user identification and strong authentication.
  • Runs current anti-malware software 
  • Use virtual private networking (VPN) links to access the corporate network.

Mitigating BYOD threats requires clear policies that govern the use of personal devices. Make sure the policy articulates:

  • The approved device types that can connect to the enterprise network.
  • How BYOD devices can interact with specific network components.
  • The stakeholders responsible for implementing and enforcing the BYOD policies.

4. Take stock of data and file security

Data may be an asset in today’s digital era. But poorly-secured data can quickly become a liability. 

  • Identify and classify all sensitive data stored and processed on the network.
  • Eliminating collecting unneeded sensitive data
  • Create an inventory of all user accounts, including roles and access privileges.
  • Clarify who has access to sensitive data. A normal network user usually needs access to very few files. 
  • Review user access controls. Remove the default public setting and restrict access only to specific authorised users.
  • Monitor access and changes to sensitive files. Ongoing monitoring may not be a good idea, as it may produce too many log events.
  • Ensure adequate logging and monitoring for key security events and system activities.

5. Perform vulnerability assessment

The network is only as strong as its weakest link. A comprehensive vulnerability assessment identifies gaps in the hardware or software. Attackers may use these gaps to gain unauthorised access. Once inside the network, they can launch cyber attacks, steal data, make phishing attacks, or wreck damage in many other ways.

  • Undertake penetration testing. Penetration testing is a simulated attack to unearth vulnerabilities. Use the results to patch vulnerabilities proactively before attackers exploit them.
  • Secure passwords. Make sure passwords are complex. Brute force attacks can compromise simple passwords.
  • Ensure strong encryption. Encryption offers protection for data in transit, as well as data at rest. Common encryption types include WEP, WPA pre-shared key, WPA 2 pre-shared key, 802.1x and open. Make sure the encryption standards sync with the enterprise security policy. 
  • Update patches. Outdated security patches on third-party applications present huge risks. 

6. Audit the bandwidth 

All networks have a finite amount of bandwidth that users share. Network monitoring software reveals the bandwidth consumption of the network. Monitoring and understanding bandwidth usage and distribution pinpoints areas of congestion.

Use such insights to make informed decisions on:

  • Expanding the network. A huge increase in users and resource consumption may need a corresponding increase in bandwidth. If the bandwidth remains the same, the performance may degrade.
  • Reducing usage. Some devices or applications may hog bandwidth. Reducing the usage of unwanted or low-priority applications improves bandwidth.
  • Prioritising applications. At times, improving performance may only need managing traffic flow better. 
  • The relative performance of wired and wireless devices. Changing the device configuration can have a big impact on bandwidth consumption.

7. Threat detection and prevention

A comprehensive network audit makes a thorough search for malicious activity on the network. Proactive threat detection keeps the network secure against hidden trojans and other threats. 

Deploy network monitoring tools to scan the network in real-time for any threats.

Review the design of the security apparatus in place for effectiveness. 

Review the security policy. Make sure it considers the latest threats. Use threat intelligence software to identify the latest threats.

Make sure the policies ensure the implementation of the necessary security protocols.

8. Compliance certification 

Network audits ensure that the network meets industry standards and regulations. 

  • Identify relevant compliance requirements. This includes understanding all applicable regulations and frameworks. Examples of compliance regulations include PCI DSS, HIPAA, GDPR, and SOC 2. 
  • Gather documentation related to the specific compliance. 
  • Assign roles and responsibilities for different tasks.

9. Audit report

The last step in the network audit is preparing the audit report detailing the findings of the above steps. A summarised report and suggested improvements offer an action plan for network managers to act on the audit findings. 

Many enterprises conduct network audits as a precursor to updating their security policy. They use the audit report to ensure the policy covers the latest vulnerabilities.

The frequency of network audits depends on network size, complexity, and regulatory mandates. As a general rule, it is worthwhile to conduct a comprehensive audit at least once a year. 

A thorough network audit improves network speed, reliability, and user experience. But preparing for a network security audit can be overwhelming. The process becomes easy with a comprehensive checklist backed up by the right tools to implement the checklist items. State-of-the-art tools such as Tufin streamlined solutions to make the process manageable. Tufin offers best-in-class end-to-end security policy automation with clear visibility and rigorous compliance. The solution works across diverse landscapes, including on-premises networks and cloud.

Tags:
Email
Twitter
LinkedIn
Skype
XING
Ask Chloe

Submit your request here, my team and I will be in touch with you shortly.

Share contact info for us to reach you.
Ask Chloe

Submit your request here, my team and I will be in touch with you shortly.

Share contact info for us to reach you.