The Importance of Network Inventories and Diagrams

The Importance of Network Inventories and Diagrams

"Can you please pass along a list of all assets and network maps?"


When asked for this information during an incident, security professionals sometimes realize they don’t know where these resources are or if they even exist. This realization often prompts a rush to compile this information in the middle of a crisis. Lack of preparation can result in overlooked systems or an incomplete picture of the environment.


To protect, defend, and respond to network-related cybersecurity incidents, it is imperative that organizations have a thorough and up-to-date inventory of all assets, including applications, databases, endpoints, servers, and service accounts. The network inventory should include the following elements:


Name
Functionality
Hostnames and IP addresses
Business purpose
Serial numbers
Vendor information
End-of-life dates
Ports used
Central processing unit (CPU), graphics processing unit (GPU), and random-access memory (RAM) details
Antivirus version
Next-generation security products, such as endpoint detection and response (EDR) solutions
Software and operating system (OS) information (including version)
Physical and logical location (include rack location)
Logical network address
Owners (ideally a technical owner and business owner, along with contact information and backup owner information)
Storage information
Encryption information (at rest and in motion)
Warranty information

After identifying and mapping systems, the next step is assigning attributes to the assets, including the data classification, criticality level, and relevant audit or regulatory requirements. A company might base the criticality of a given endpoint on various factors, such as whether the endpoint is internet facing, represents a single point of failure, supports a critical business process for the organization, or stores or processes sensitive data. This evaluation allows network defenders to ensure proper pr ..

Support the originator by clicking the read the rest link below.