The Importance of Network Documentation

By: Michael Voelker

A common hurdle in many organizations is network documentation. While pretty much everyone in the IT industry understands the importance of network documentation, it is often overlooked and neglected. Network documentation can come in many forms. Diagrams, spreadsheets, IPAM, password managers, etc., can all be part of a robust documentation process.

Details to consider:

  • Follow a standard
    • Network engineers tend to follow their own standards without concern for the others that will read and attempt to understand it. Following an organizational standard allows everyone on the team to share, modify and collaborate easily.
  • Simplification
    • Is the documentation easy to read and explain to other engineers?
    • Is the documentation easily presentable to a non-technical executive team?
    • If the documentation is part of an as-built, will the documentation need to be unnecessarily explained?
    • Can another engineer easily utilize the information to perform necessary tasks such as configuration and troubleshooting?
  • Update Regularly
    • Regularly updating documentation is critical. Neglecting to update documentation is detrimental to everyone on and off the team.
  • Physical and Logical Topologies
    • Any experienced engineer understands the difference between a physical and logical topology. Separating the two can significantly simplify documentation and make the overall infrastructure much easier to understand. A physical topology could contain a single router and 10 switches, while the logical topology might only need to include the router (from a physical perspective).
    • Thinking of the OSI model, a physical topology will provide an in-depth view of the network from a layer 1 perspective. Port IDs, cable types, and device models are all information types to be included. A logical topology will include all information contained within layers 2 and 3 of the OSI stack. VLAN IDs, IPv4/IPv6 prefix and address assignments, routing information and VPN tunnels are examples of critical information to a logical topology. While there are definitely scenarios in which a physical and logical topology may need to be combined, separate physical and logical diagrams should always exist.

Triden Group specializes in cybersecurity advisory and service. We approach all of our engagements with security first. We always recommend a full network assessment in order to develop an understanding of your environment and to provide tailored consultation. Visibility and documentation of your network is critical when developing a plan to secure your critical data.