Over the years, we’ve written extensively about zombie servers, cables that aren’t fully decommissioned, and much more. If we had to sum all that up into just one sentence, it would probably be something like this: IT documentation helps you find resources that are drawing power but not performing any functions.
Just as technology and networks are always changing, the form in which cyberattacks come is always changing — as a result: cyberattacks are all but impossible to 100% prevent. That being said, it is, for most businesses subject to certain regulations, a requirement to do everything possible to take the appropriate, and often required, network actions that make it harder for cyberattacks to take root and reduce any impact they may have.
A major component of preventing cyberattacks? Believe it or not, it’s network discovery — or, in other words, taking stock of what you have in the network (similar to how retailers implement security audits periodically as they can’t track loss without an accurate picture of the inventory).
1. Discover the Network
So, you want to know what’s on your network….how do you go about achieving this?
Maybe you have up-to-date spreadsheets or Visio diagrams? If your spreadsheets and Visio diagrams are out-of-date, however, and not really used as a trusted source, go out and find yourself a good network discovery tool.
Because there are so many vendors out there that can discover your network, you will need to decide: do you need a network mapping solution (just show me what’s on my network and how they are mapped out) or something more advanced, such as a network monitoring solution, with all the bells and whistles (root cause analysis, traffic flow, bandwidth utilization). I wrote an article about the differences between these two solutions and you can read it here.
Another important aspect to consider in network discovery is discovering how a network asset is connected. Make sure to find out if the tool can discover using SNMP, CDP or LLDP protocols to discover your connections (if this is important for you). Finally, if you need to see if a network device is down for example, will the tool alert you if there is an issue? Note that you’ll want to ensure your equipment is SNMP-enabled (unless you want to have agents installed on each device).
2. Visualize the Network
Once the network is discovered, you’ll need to see the results in clean and easy-to-read diagrams. You’ll need to read and analyze these network maps/diagrams to understand how your network is connected. Check to see how these maps are created: are they single user diagrams that are exported to Visio or using Visio as an interface or do you need web-based network maps? Web-based solutions that can be easily accessed by your team members for collaboration? Is it easy to display these maps in your NOC?
3. Track the Network
With the information that was discovered, you should be able to add other items that are not able to be discovered, such as: vendor information, licenses, warranty information, owners, contact name, email address, phone number, etc. The ability to search to easily find information quickly to address any issues immediately. See a list of all the discovered equipment in Asset type reports.
Network diagram software helps organizations discover what’s on the network, see if there are any unwanted visitors, how are network devices connected, produce easy to read network diagrams, that can be easily accessed by any network engineer for faster troubleshooting, and other information that can help secure the network.
Identification of what you have in the network, via network discovery, is crucial to preventing cyberattacks.
Automated network diagram software such as netTerrain helps you inventory the network, learn what’s connected to what, and create diagrams that automatically stay up to date. Once you have a current, and reliable, inventory of the network, you can solve issues as they arise (and also prevent them in the first place). You cannot, after all, secure your exits and entrances if you don’t know where they are in the first place.