Read an Excerpt
Chapter 1: Conducting a Network auditYou bought this book to find out which management data to collect from the network, so why is the first chapter about audits and documentation? Simply put: You can't measure performance and watch for faults effectively without understanding where everything is and how it's connected. No matter how sophisticated the tools you purchase or build may be, the measures and alerts mean nothing without understanding how the network works.
Effective network management begins with a well-designed network. Unfortunately, most people do not have this luxury; if they do have network access, they usually cannot redesign the network to improve their ability to manage the infrastructure. aside from simplifying the management, starting with good network design or improving existing network design facilitates simpler and quicker resolution of network problems.
In order to implement effective network management, you must begin by learning and documenting the network as it currently exists. This includes documenting the physical and logical makeup of the network and its components, the people involved and their responsibilities, and the processes in place (if any) to enhance and maintain the network. These are the steps that make up a network audit. This chapter describes the primary tasks that are useful for learning and documenting how the servers, network devices, and users are connected. By learning and documenting the physical connectivity and logical configuration of your network, you will simplify the troubleshooting process when problems arise. The resultant information provides the foundation and integrity necessary to proceed with thecreation and seeding of the knowledge base described in Chapter 3, "Developing the Network Knowledge Base."
although not an exhaustive study, this chapter covers the following topics:
- The purpose of network audits
- Why documentation is important
- Conducting a physical inventory audit
- Conducting a connectivity audit
- Conducting a process and personnel audit
The Importance of Network audits
The purpose of a network audit is to accurately assess and document the current state of the network, its components, the people involved, and the human processes used. The audit, in effect, documents the purpose and priorities of the network. Without the audit, you must rely on people's memory, hearsay, and possibly out-of-date or inaccurately documented maps and databases.Without proper documentation and understanding of how things change in the network, you cannot reliably deploy performance and fault network management. You must determine how all devices are connected to each other-both physically and logically-and where the network components are located. From this information, you can determine which devices, ports, and connections are important for the development of your performance and fault management strategy.
Note: When you are working with outside consultants for network design or management issues, the network audit should be the first action they initiate. Without understanding the components, people, and processes, an outside consultant cannot accurately determine the state of the network and develop a plan of action. Regardless of your company's level of documentation, the consultant must still verify that the information matches the physical reality.
Without a proper understanding of physical connectivity and the location of network components, it will take longer to isolate network problems and you stand a greater chance of mistakenly introducing faults into the network during moves, adds, and changes.
although commercial auto-discovery and mapping tools do a good job of drawing logically connected networks, they cannot discover on which floor, building, desk, or closet the devices are located. Trace a cable under the floor or between closets at 3 a.m. and you'll never underestimate the importance of a physical map again!
When a portion of a network goes down or becomes unstable, troubleshooting the source of the outage is done through a process of fault isolation. During an outage or fault, network administrators work as quickly as possible to search out and isolate the source of the problem. In order to do so, they typically begin somewhere in the middle or at the edge of the affected area, and work to reduce the fault domain or area of affected devices. The goal is to get as much of the network operating around the fault domain as possible. With proper documentation, this goal is much easier to achieve. In addition, in a well-documented network, the network manager knows which applications and users are affected by a problem, and can proactively notify the user community.
In a poorly documented network, fault isolation becomes a game of finding a needle in the haystack...