(LiveHacking.Com) – Network auditing can be quite a daunting task for administrators. There are a number of procedures to be followed in order to run an effective network audit. The administrator needs to gather information related to the network infrastructure – from a list of applications installed to network configurations, as well as details of every type of hardware deployed on the network. When you take into account the fact that a network audit needs to be done periodically, it is a lot more expensive to run an audit manually than investing in a tool designed for this purpose.
In order to run a network audit manually you would need to analyze each and every item to ensure all hardware and software installed on your network is authorized, and check the system configuration on each machine. You will also need to compare this data with that of previous audits to identify what hardware / software / configurations changed and/or was removed. A good network auditing tool should run this process automatically for you. This software will create a baseline list for the administrator’s approval and, once that is done, the auditing tool will simply compare each scan to the approved baseline and simply notify the administrator when things change. This not only takes the load off the administrator, but it also allows for a higher frequency of audits – ensuring issues are detected in a timely manner.
There are a number of reasons to implement network auditing within the organization; these include:
Networking auditing provides a number of benefits to the company’s legal requirements. It can ensure the administrator keeps on top of licensing and legal obligations. Additionally, it would provide the company with proof to satisfy any compliancy audits; for example several legal compliance rules mandate certain standards on the network. With a good network auditing solution you would have the required tool to prove you are compliant.
The value of network audit in terms of security is immeasurable; one could say it helps with all aspects from policy enforcement to detection of compromised system. If a user decides to open a share and allow access to everyone, for example, this can be exploited by various malware in their propagation, it can also give an unauthorized user access to data that he shouldn’t have access to.
An administrator will want to know when the configuration changes on one of the machines that he is responsible for.
An administrator needs to have an effective change management process for various reasons. S/he needs to maintain test environments, backup systems, and carry out other tasks that are dependent on these alternative systems being identically configured to the original ones.
For example, if a user were to install a new piece of software on his system without informing the administrator first, the administrator might test the latest patches before deploying them to the network and then be confident that productivity will not be impacted, but it turns out his testing didn’t take this new application in consideration and the system becomes unusable when the two are running together.
Network auditing can save the organization a substantial amount of time and money. Additionally, using software to automate network auditing reduces the risk of human error considerably.
Editor Note: This guest post was provided by Emmanuel Carabott on behalf of GFI Software Ltd. GFI is a leading software developer that provides a single source for network administrators to address their network security, content security and messaging needs. Read more on why your organization would benefit from network auditing.
Disclaimer: All product and company names herein may be trademarks of their respective owners.