Network Assessment
Areas of assessment include:
- Local Area Network (wired and wireless)
- Wide Area Network (WAN)
- TCP/IP, DNS/DHCP, and other network protocols
- Operations support systems
- Security
The network assessment team will employ protocol analyzers and performance monitoring tools to gather network performance data for LAN and WAN. In addition, configuration and general network health data for all relevant network and security devices will be collected using the appropriate GUI and/or CLI. The techniques employed include:
- Physical-layer analysis: Perform an automated network discovery and develop and/or verify network map. Examine data captured by protocol analyzers and identify physical errors related to networking devices.
- Network design and configuration analysis: Collect device configuration information. Compare design and configuration data against best practices.
- Network utilization analysis: Examine network utilization for WAN and Internet access connections.
- Network throughput analysis: Measure actual data transfer rates for WAN and Internet access connections and compare against expected results.
- End-to-end performance analysis: Measure network latency across the network. Examine data retransmission rates and the route/path of packets through the network.
- Security vulnerability analysis: High level security assessment to include switch and interface security as well as VLAN security (e.g. student access versus staff access). Assessment scans and credentialed scans can be included in the assessment pending client approval. Credentialed scans allow access to systems and selected end-user devices to enumerate services, applications, and patch levels.
The information collected during the assessment will be analyzed, compared against best practices, and incorporated into an assessment final report. Approximately 2 to 4 weeks after the on-site visit, the final report will be distributed to the client for review and discussion.
The network assessment will take place over a period of 4-6 weeks, depending of the network size and complexity and will occur in several steps. The steps are defined as follows:
- Define the scope of the network and security assessment
- Develop assessment plan
- Site Visit (if required)
- Retrieve network probes and associated data
- Analyze data and develop assessment report
- Conduct conference call or on-site meeting to review assessment report
Performance data will be collected by PXOSYS Engineers using network probes installed on the client network. Performance monitoring applications installed on the network probes may include:
- Using a SNMP-accessible data for all core network switch and router interfaces including utilization and errors
- ntop to characterize network traffic
- Nessus for vulnerability scan
- Iperf for network throughput/jitter/latency testing
If you are interested contact us, one of our Architects will be able to assist you and go over your requirements.