Creating a network inventory report is a daunting task, in the face of massive amounts of data to be collected and incorrectly reported information to be cropped or corrected. In order to make sense of the madness, VARs and consultants need a sensible and efficient method. The ends, however, justify the means, as a successful inventory will provide a complete picture and assist the discovery of issues in need of resolution.
Router Expert: Conducting a network inventory, part 1
Before a network services audit can begin, a network inventory must be conducted. An inventory includes collecting host identification information, such as IP address, network interface hardware (NIC) address and DNS entries, for all network nodes. While some of this information will be on hand in most environments, often it will have errors. In most cases, NIC information and MAC addresses will not be recorded.
A good network inventory is the result of a well planned strategy and process. This involves understanding why information like IP, MAC and DNS are important. From there, a VAR is free to explore methods for collecting the data, such as spreadsheets and notepads.
Taking the inventory tally also involves tools, such as scripts, to assist in the data collection. Some good tools include:
Learn more about taking a network inventory and host identification data collection.
Router Expert: Conducting a network inventory, part 2
The reporting aspect of the network inventory should yield three things:
- A listing of all the active hosts on an IP subnet at the time the inventory was run
- Information on inconsistencies between ICMP collection and the router/switch's visibility of the subnet
- Inconsistencies between what is active on the subnet and what is in DNS.
There is also a fourth aspect that has value, depending on the environment: network hardware information, which can assist in the reading of the results of the network audit data to determine some of the validity of the findings and assist in the configuration of the network vulnerability scan tests. After all, the more you know, the more confident you can be in the findings.
This was first published in April 2007