Manageable Network Plan
The Manageable Network Plan!
The Manageable Network Plan is a series of milestones to take an unmanageable and insecure network and
make it manageable, more defensible, and more secure.
The Plan is intended to be a long-term solution;
implementing the milestones may take a significant amount of resources and time.
Milestone 1: Prepare to Document
Purpose. The purposes of documentation are
1) to share information;
2) to retain information. Does your documentation approach address these points?
Sufficient Level of Detail
Someday you will need to consult your documentation to roll back an unwanted
change to a device, or to rebuild a device that had a catastrophic failure. Does your documentation
approach support recording information at this level of detail? Do your admins realize that they need to
document to this level of detail, and include not only the what but also the why of changes?
Timestamps. Does your documentation approach ensure that everything has a timestamp, so you know
when it was last valid?
Backing up. Having good documentation assists in disaster recovery. Is your documentation repository backed up on a regular basis?
Protection. If a network intruder obtains access to your documentation, they may discover additional information about your network. Is your documentation protected and encrypted?
Hard copy. It's hard to read online docs when the power goes out! Is a hard copy version of relevant
sections of your documentation readily available?
Milestone 2: Map Your Network
In order to have any sort of control over your network, you first need to know where everything is. This milestone and the next focus primarily on gathering information about your network.
Create an accurate map of your current network.
Create an accurate list of ALL devices: computers, printers, routers, gateways, etc.
Store this information in a database.
Discovering Devices:
Make use of tools (such as Nmap and/or arpwatch) to discover your network devices,
but do not rely on them to discover ALL your devices. A room-to-room walkthrough of your
organization will probably be required, so that no devices are overlooked.
Create a list of ALL protocols that are running on your network.
Physical routes. If you are using a Virtual Local Area Network (VLAN), have you recorded the possible
physical routes that your VLAN traffic traverses?
Asset responsibility:
Every asset on your network should have a specific person who is responsible for it.
No unapproved devices and protocols. Any devices or protocols on your network that you have not approved should be removed.
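As an added example (not part of the original plan), the following Python script reconciles a device inventory against discovery results and reports the Milestone 2 gaps: unapproved devices, inventoried devices the scan missed (candidates for the room-to-room walkthrough), assets with no responsible person, and records whose timestamp is too old. The CSV column names, the 180-day threshold, and all sample rows are constructed assumptions.

```python
import csv
import io
from datetime import datetime, timedelta

# Constructed inventory: the "database" of approved devices.
INVENTORY_CSV = """mac,device,owner,last_verified
00:11:22:33:44:01,router,alice,2024-05-01
00:11:22:33:44:02,printer,,2024-05-03
00:11:22:33:44:03,workstation,bob,2023-01-15
00:11:22:33:44:04,badge-reader,carol,2024-04-20
"""

# Constructed discovery results (hypothetical export from a discovery tool).
DISCOVERED_CSV = """mac,ip
00:11:22:33:44:01,10.0.0.1
00:11:22:33:44:02,10.0.0.20
00:11:22:33:44:03,10.0.0.31
DE:AD:BE:EF:00:99,10.0.0.77
"""

def load(text):
    """Index CSV rows by normalized (lower-case) MAC address."""
    return {r["mac"].strip().lower(): r for r in csv.DictReader(io.StringIO(text))}

def reconcile(inventory_csv, discovered_csv, today, max_age_days=180):
    inv, seen = load(inventory_csv), load(discovered_csv)
    cutoff = today - timedelta(days=max_age_days)
    report = {
        # On the wire but never approved: investigate, then approve or remove.
        "unapproved": sorted(set(seen) - set(inv)),
        # Approved but not discovered: tools miss devices, so verify on foot.
        "not_seen": sorted(set(inv) - set(seen)),
        "no_owner": [],   # no specific person responsible for the asset
        "stale": [],      # timestamp too old to trust the record
    }
    for mac, row in sorted(inv.items()):
        if not row["owner"].strip():
            report["no_owner"].append(mac)
        if datetime.strptime(row["last_verified"], "%Y-%m-%d") < cutoff:
            report["stale"].append(mac)
    return report

if __name__ == "__main__":
    result = reconcile(INVENTORY_CSV, DISCOVERED_CSV, datetime(2024, 6, 1))
    for finding, macs in result.items():
        print(f"{finding}: {', '.join(macs) or 'none'}")
```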
Milestone 3: Protect Your Network (Network Architecture)
Identify your current network enclaves.
Identify your current high-value network assets.
Identify the choke points on your network.
Damage containment. Your network should be designed to keep any damage to it contained.
Cloud computing. If all or part of your network is integrated with the cloud, or you are considering such integration, be sure that you understand the benefits and risks involved.
Virtualization security. If your network includes virtual servers and/or desktops, or you are considering using these, be sure that you understand the security implications.
Milestone 4: Reach Your Network (Device Accessibility)