Network Mapping – How to Map a Network for Your Enterprise
Network mapping is essential for your business productivity. It gives network administrators important insights on traffic metrics, device status, physical/ logical connections, and more. In addition, it helps your business streamline network troubleshooting and maximize uptime.
What Is Network Mapping?
Network Mapping is the process of identifying physical and logical connectivity within your network. Mapping networks can involve physical and virtual elements of your network, and frequently includes devices like switches, routers, firewalls, ethernet hubs, and access points.
Network Topology Mapping vs. Network Mapping
Network topology mapping is the visualization of nodes and components that are physically present in the network. This is a high-level overview of the network.
On the other hand, network mapping gives better insights into devices. As a network admin, this is beneficial because you’re able to view the physical and logical interfaces, traffic metrics, utilization of bandwidth, CPU, etc. It provides you with a better understanding of what devices are doing, rather than what they look like.
Four Benefits of Mapping a Network
Network mapping is a critical tool for network admins to gain an understanding of network infrastructure, topology, and independencies between networks. Mapping a network helps companies secure, optimize, and manage performance and reliability.
1. Encourage Real-time Network Discovery & Monitoring
This benefit utilizes the protocols ICMP, SNMP, and SSH. These protocols help us discover which devices are active on the network, and they take a real-time approach to network additions rather than waiting for a problem with a device to arise.
A /16 subnet is about 65,000 IP addresses, and it would take an incredibly long time to manually check for changes to the subnet. By using network discovery and monitoring, you can schedule your tool to pick up changes as they occur. Moreover, if you set your schedule to a daily refresh, you can find new network devices that are added and remove devices that are no longer there.
2. Accelerate Network Issue Diagnosis
Insights from a network infrastructure map streamline troubleshooting. A network mapping exercise can help you find out if and when devices are corrupted, and then utilize your connection to problematic devices to restore service as soon as possible. This helps your team reduce network downtime and fulfill your service requirements.
3. Improve Capacity Planning
Utilizing SNMP provides insights on port capacity, how it is utilized by devices, and if there is a bandwidth issue. These insights can help you make informed decisions on which devices need more capacity and more utilization. For example, if you have a 24-port switch, and 23 ports are in use, you’ll need to add capacity to extend the network. This helps network administrators better manipulate traffic for improved network capacity planning.
4. Provide Visibility for Better Network Control
NetFlow uses flow maps to give insights into where traffic is sourced and where it is headed. If there is a failure along the way, NetFlow data can help you determine the best re-route strategy to maintain network uptime while conducting network hardware maintenance on the problem component.
Network Map Examples and Types
Networking maps are effective tools for network admins. These maps help businesses gain insights into the performance and structure of a network. Several types of network maps are used to represent each network; the one you choose depends on the needs of your organization. Below are a few examples of Network Map Types.
Physical Network Maps
This map represents the physical layer of a network, and it is also referred to as a “rack diagram.” Physical networks maps typically illustrate the physical location of network devices, how they are connected to one another, and the type of connections between them. These maps can be created manually or with specialized software that automatically discovers and maps your network devices.
Network Path Mapping
This mapping type shows how data travels through our networks and which nodes are in the physical or logical path.
The logical path involves intrusion prevention systems that are virtualized; the traffic must flow through this virtual path. An example of this is Cisco ASA because it uses FirePOWER, and traffic is directed through this module without physical connectivity. The traffic is matched to a set of signatures to detect if something is in breach of security policies.
Layer 2 Network Maps
Layer 2 Network Maps will display devices such as switches within layer 2 protocol parameters like Spanning Tree Protocol (STP). The main benefit of a Layer 2 map is when you’re trying to follow the data path through a diagram, you’ll know which way the traffic goes through its spanning tree priority.
Layer 3 Network Maps
Layer 3 Network Maps include objects like routers, firewalls, load balancers – IP addressing, route information, and layer segments that hang off each network interconnect. The benefit here is being able to follow a data path from the source right to the destination and know which way the route would take. This is an absolute lifesaver when it comes to troubleshooting.
How to Map a Network
Mapping a network offers many benefits, but it can be a complex process achieved with a variety of different toolsets. The following are some of the main techniques used to map a network. Each example of how to map your network uses a different protocol that is covered in more depth.
SNMP-driven Network Maps
SNMP is a powerful and widely used monitoring protocol. It relies on management information bases (MIB) provided by vendors. SNMP servers can learn the map of a network including connected network devices, port status, serial numbers, and more.
There are 3 versions of SNMP –
- Version 1 is obsolete now.
- Version 2c relies on community string.
- Version 3 is a more secure version and gives a username, password, and security group.
SNMP can also gather information from the Link Layer Discovery Protocol (LLDP) which is an industry standard for learning what is connected to the other side of network devices. In other words, LLDP displays a network device’s “neighbors”.
Cisco made their own related protocol called the Cisco Discovery Protocol (CDP). This helps provide a topological view of the network for Cisco devices. However, CDP is not limited to solely Cisco gear.
For one, VMware utilizes both LLDP and CDP. HP also wrote CDP into telephone systems so they can work with Cisco. In fact, legacy Cisco and HP were partners, but when Cisco began making their own servers, HP started making their own network devices. Some HP command lines even have Cisco commands written into them for Cisco engineers.
NetFlow-driven Network Maps
NetFlow (as in the protocol) was created by Cisco, but several vendors also support it, including Palo Alto, Fortinet, HP, and others. NetFlow offers a chart to show what network traffic is (HTTP, HTTPS), the traffic source, the destination, and utilization. It also helps generate a picture of the network, determine the usual baseline traffic, and expose any abnormalities.
For example, if you start seeing a new URL eating up bandwidth and no one knows what it is, you could start by looking to see if you are under attack, or if a user is doing something they should not be. Insights from this network traffic map help you develop your firewall policies.
ICMP Network Mapping
Internet Control Message Protocol (ICMP) is another popular type of network monitoring protocol. Utilizing Ping, ICMP can detect what is live on the network. When a host is live, assuming there are no security policies blocking the ping request, the host will respond to the message. This is beneficial for monitoring which addresses are in use and helps keep an up-to-date record of connected devices by IP.
However, just because ICMP does not respond doesn’t mean it isn’t assigned to the host or that the IP address isn’t in use. Keep in mind, you could have a firewall policy which blocks a ping. Nonetheless, ICMP makes IP tracking much easier to maintain rather than having to check your devices manually.
Common Network Mapping Tools
A common network mapping tool is an SNMP server. This server connects SNMP clients to a community string. It allows network admins to collect information about the performance, status, and health of network devices. SNMP is supported with most operating systems and vendors.
Microsoft also offers a protocol tool, called Windows Remote Management (WinRM). In the Microsoft environment, WinRM can share OS information including disk space, services, and CPU memory. It allows a secure and efficient method of remote automation and administration.
Simplify Your Network Mapping Today
Network Mapping for your business does not need to be stressful. ParkView Managed Services is a suite of IT infrastructure managed services that can help you manage your storage, server, and network devices. Our specialized network management as a service offering can include automated health checks, configuration management, patch management, firmware management, device provisioning, DHCP & DNS management, and more!
Park Place Technologies also offers Entuity Software™, an enterprise network monitoring software that allows you to manage your network the way you want. This all-in-one tool gives you complete network awareness with features like network discovery, network topology mapping, application path monitoring, and more. Learn more about this enterprise tool today!